Published: 27/08/2010 Updated: 07/12/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows vista

# Greetz to :b0nd, Fbih2s,r45c4l,Charles ,j4ckh4x0r, punter,eberly, Charles , Dinesh Arora /* Exploit Title: Microsoft Vista BitLocker Drive Encryption API Hijacking Exploit Date: 25/08/2010 Author: Beenu Arora Tested on: Windows XP SP3 Vulnerable extensions: wbcat Compile and rename to fveapidll, create a file in the same dir with one of the ...

NVD-CWE-Other http://www.exploit-db.com/exploits/14751/http://www.securitytracker.com/id?1024948 http://www.vupen.com/english/advisories/2011/0074 http://www.us-cert.gov/cas/techalerts/TA11-011A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12273 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-001 https://nvd.nist.gov https://www.exploit-db.com/exploits/14751/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3145

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect