Vulnerabilities > CVE-2010-3145 - Unspecified vulnerability in Microsoft Windows Vista
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Exploit-Db
description | Microsoft Vista BitLocker Drive Encryption API Hijacking Exploit (fveapi.dll). CVE-2010-3145. Local exploit for windows platform |
file | exploits/windows/local/14751.txt |
id | EDB-ID:14751 |
last seen | 2016-02-01 |
modified | 2010-08-25 |
platform | windows |
port | |
published | 2010-08-25 |
reporter | Beenu Arora |
source | https://www.exploit-db.com/download/14751/ |
title | Microsoft Vista - BitLocker Drive Encryption API Hijacking Exploit fveapi.dll |
type | local |
Msbulletin
bulletin_id | MS11-001 |
bulletin_url | |
date | 2011-01-11T00:00:00 |
impact | Remote Code Execution |
knowledgebase_id | 2478935 |
knowledgebase_url | |
severity | Important |
title | Vulnerability in Windows Backup Manager Could Allow Remote Code Execution |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS11-001.NASL |
description | The remote Windows host contains a version of the Windows Backup Manager that incorrectly restricts the path used for loading external libraries. If an attacker can trick a user into opening a specially crafted Windows Backup manager file that is located in the same network directory as a specially crafted dynamic link library file, he may be able to leverage this issue to execute arbitrary code subject to the user |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 51454 |
published | 2011-01-11 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/51454 |
title | MS11-001: Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935) |
code |
|
Oval
accepted | 2014-03-03T04:00:21.355-05:00 | ||||||||||||||||
class | vulnerability | ||||||||||||||||
contributors |
| ||||||||||||||||
definition_extensions |
| ||||||||||||||||
description | Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability." | ||||||||||||||||
family | windows | ||||||||||||||||
id | oval:org.mitre.oval:def:12273 | ||||||||||||||||
status | accepted | ||||||||||||||||
submitted | 2011-01-11T13:00:00 | ||||||||||||||||
title | Backup Manager Insecure Library Loading Vulnerability | ||||||||||||||||
version | 75 |
References
- http://www.exploit-db.com/exploits/14751/
- http://www.securitytracker.com/id?1024948
- http://www.vupen.com/english/advisories/2011/0074
- http://www.us-cert.gov/cas/techalerts/TA11-011A.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12273
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-001