Skip navigation
4143 Views 4 Replies Latest reply: Apr 12, 2011 6:44 PM by Craig Kagawa RSS
zentiva Level 1 7 posts since
Mar 2, 2011
Currently Being Moderated

Apr 8, 2011 6:34 AM

QID 90675 - Microsoft Windows Fax Cover Page Editor Buffer Overflow Vulnerability - Zero Day

Hello,

 

Does anyone have experience with this vulnerability?

 

M.

 

 

(SEVERITY 3) Microsoft Windows Fax Cover Page Editor Buffer Overflow Vulnerability - Zero Day

QID: 90675

Category: Windows

CVE ID: CVE-2010-4701

 

 

 

Bugtraq ID: -

Service Modified: 12/27/2010

User Modified: -

Edited: No

PCI Vuln: No

 

THREAT:

Microsoft Windows Fax Cover Page Editor is prone to a buffer overflow vulnerability. The vulnerability is caused by an input validation error in the

Windows Fax Cover Page Editor component (fxscover.exe) when the "CDrawPoly::Serialize()" function reads data from a Fax Cover Page file

(".cov").

 

Affected Operating System:

Windows XP

Windows Server 2003

 

IMPACT:

Successful exploitation allows malicious people to compromise a vulnerable system.

 

SOLUTION:

There are no vendor supplied patches available at this time.

 

COMPLIANCE:#

Not Applicable

 

EXPLOITABILITY:

The Exploit-DB

     Reference: CVE-2010-4701

     Description: Microsoft Windows Fax Services Cover Page Editor (.cov) Memory Corruption - The Exploit-DB Ref : 15839

     Link: http://www.exploit-db.com/exploits/15839

 

 

ASSOCIATED MALWARE:

There is no malware information for this vulnerability.

 

RESULTS:

Microsoft Windows Fax Cover Page Editor Vulnerability Detected

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 6 points