MS11-001: Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935)

high Nessus Plugin ID 51454

Synopsis

The remote Windows host is affected by a code execution vulnerability in the Windows Backup Manager.

Description

The remote Windows host contains a version of the Windows Backup Manager that incorrectly restricts the path used for loading external libraries.

If an attacker can trick a user into opening a specially crafted Windows Backup manager file that is located in the same network directory as a specially crafted dynamic link library file, he may be able to leverage this issue to execute arbitrary code subject to the user's privileges.

Solution

Microsoft has released a patch for Windows Vista.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2011/ms11-001

Plugin Details

Severity: High

ID: 51454

File Name: smb_nt_ms11-001.nasl

Version: 1.19

Type: local

Agent: windows

Published: 1/11/2011

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/11/2011

Vulnerability Publication Date: 8/25/2010

Reference Information

CVE: CVE-2010-3145

BID: 42763

IAVB: 2011-B-0007

MSFT: MS11-001

MSKB: 2478935