Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows backup manager insecure DLL loading
Published:12.01.2011
Source:
SecurityVulns ID:11347
Type:remote
Threat Level:
5/10
Description:insecure DLL loading on .wbcat file opening.
Affected:MICROSOFT : Windows Vista
CVE:CVE-2010-3145 (Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability.")
Files:Microsoft Security Bulletin MS11-001 - Important Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod