9.3

CVE-2010-3145

Exploit

EPSS 13.59%
Veröffentlicht 27.08.2010 19:00:02
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows Vista Updatesp1

Microsoft ≫ Windows Vista Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	13.59%	0.939

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.exploit-db.com/exploits/14751/

Exploit

http://www.securitytracker.com/id?1024948

http://www.us-cert.gov/cas/techalerts/TA11-011A.html

US Government Resource

http://www.vupen.com/english/advisories/2011/0074

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-001

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12273

https://nvd.nist.gov/vuln/detail/CVE-2010-3145

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-3145

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-3145

EUVD