Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-3974 | First vendor Publication | 2011-04-13 |
Vendor | Cve | Last vendor Modification | 2023-12-07 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.6 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse FAX cover pages, which allows remote attackers to execute arbitrary code via a crafted .cov file, aka "Fax Cover Page Editor Memory Corruption Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3974 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12390 | |||
Oval ID: | oval:org.mitre.oval:def:12390 | ||
Title: | Fax Cover Page Editor Memory Corruption Vulnerability | ||
Description: | fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse FAX cover pages, which allows remote attackers to execute arbitrary code via a crafted .cov file, aka "Fax Cover Page Editor Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3974 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-03-06 | Name : Microsoft SMB Transaction Parsing Remote Code Execution Vulnerability File : nvt/secpod_ms11-020_remote.nasl |
2011-04-13 | Name : Windows Fax Cover Page Editor Remote Code Execution Vulnerability (2527308) File : nvt/secpod_ms11-024.nasl |
2011-01-27 | Name : Microsoft Windows Fax Cover Page Editor BOF Vulnerabilities File : nvt/gb_ms_windows_fscpe_bof_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
71775 | Microsoft Windows Fax Cover Page Editor Memory Corruption A memory corruption flaw exists in Microsoft Windows. The fxscover.exe application in the Fax Cover Page Editor fails to sanitize user-supplied input when parsing FAX cover pages, resulting in memory corruption. With a specially crafted .cov file, a context-dependent attacker can execute arbitrary code. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-04-14 | IAVM : 2011-B-0045 - Microsoft Windows Fax Cover Page Editor Vulnerability Severity : Category II - VMSKEY : V0026509 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50873 - Revision : 1 - Type : OS-WINDOWS |
2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50872 - Revision : 1 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 21352 - Revision : 5 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 18673 - Revision : 7 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-04-13 | Name : A fax cover page editor on the remote host has a memory corruption vulnerabil... File : smb_nt_ms11-024.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:14:21 |
|
2024-02-01 12:03:58 |
|
2023-12-07 21:28:03 |
|
2023-09-05 12:13:22 |
|
2023-09-05 01:03:50 |
|
2023-09-02 12:13:27 |
|
2023-09-02 01:03:53 |
|
2023-08-12 12:15:59 |
|
2023-08-12 01:03:53 |
|
2023-08-11 12:13:30 |
|
2023-08-11 01:04:01 |
|
2023-08-06 12:12:59 |
|
2023-08-06 01:03:55 |
|
2023-08-04 12:13:04 |
|
2023-08-04 01:03:55 |
|
2023-07-14 12:13:01 |
|
2023-07-14 01:03:53 |
|
2023-03-29 01:14:55 |
|
2023-03-28 12:03:59 |
|
2022-10-11 12:11:37 |
|
2022-10-11 01:03:40 |
|
2021-05-04 12:12:57 |
|
2021-04-22 01:13:22 |
|
2020-09-28 17:22:42 |
|
2020-05-23 00:26:46 |
|
2019-05-09 12:03:25 |
|
2019-02-26 17:19:34 |
|
2018-10-31 00:20:08 |
|
2018-10-13 00:23:01 |
|
2018-09-20 12:08:32 |
|
2017-09-19 09:24:02 |
|
2016-09-30 01:02:35 |
|
2016-08-31 12:02:19 |
|
2016-08-05 12:02:40 |
|
2016-06-28 18:21:30 |
|
2016-04-26 20:11:20 |
|
2014-02-17 10:58:17 |
|
2014-01-19 21:27:15 |
|
2013-11-11 12:39:02 |
|
2013-05-10 23:35:45 |
|