9.3

CVE-2010-3145

Exploit

EPSS 13.59%
Published 27.08.2010 19:00:02
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows Vista Updatesp1

Microsoft ≫ Windows Vista Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	13.59%	0.939

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.exploit-db.com/exploits/14751/

Exploit

http://www.securitytracker.com/id?1024948

http://www.us-cert.gov/cas/techalerts/TA11-011A.html

US Government Resource

http://www.vupen.com/english/advisories/2011/0074

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-001

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12273

https://nvd.nist.gov/vuln/detail/CVE-2010-3145

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-3145

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-3145

EUVD