Does anyone have experience with this vulnerability?
(SEVERITY 3) Microsoft Windows Fax Cover Page Editor Buffer Overflow Vulnerability - Zero Day
CVE ID: CVE-2010-4701
Bugtraq ID: -
Service Modified: 12/27/2010
User Modified: -
PCI Vuln: No
Microsoft Windows Fax Cover Page Editor is prone to a buffer overflow vulnerability. The vulnerability is caused by an input validation error in the
Windows Fax Cover Page Editor component (fxscover.exe) when the "CDrawPoly::Serialize()" function reads data from a Fax Cover Page file
Affected Operating System:
Windows Server 2003
Successful exploitation allows malicious people to compromise a vulnerable system.
There are no vendor supplied patches available at this time.
Description: Microsoft Windows Fax Services Cover Page Editor (.cov) Memory Corruption - The Exploit-DB Ref : 15839
There is no malware information for this vulnerability.
Microsoft Windows Fax Cover Page Editor Vulnerability Detected
I'm not sure if I understand your question, but would like to help you. Could you please tell me more about the information you are looking for?
Please feel free to contact the Support department. (email: email@example.com, or via phone at 1 (866) 801 6161)
My question si very simple: How to fix vulnerability "QID: 90675"
As this is a "zero day" vulnerability, Microsoft has yet to release a patch. In fact, I don't see any reference to this CVE on the Microsoft site.
If this vulnerability is a concern to you, I'd recommend restricting access to fxscover.exe (the vulnerable binary) and monitor the distribution of .cov files within your organization.
Today Microsoft released an update for the Fax issue.
You may download the patch for your operating system at http://www.microsoft.com/technet/security/bulletin/ms11-024.mspx
We have also updated the detection and the description of the QID in our knowledgebase.
If you have any further questions, please don't hesitate to contact us.