Executive Summary
Summary | |
---|---|
Title | Vulnerability in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308) |
Informations | |||
---|---|---|---|
Name | MS11-024 | First vendor Publication | 2011-04-12 |
Vendor | Microsoft | Last vendor Modification | 2011-04-27 |
Severity (Vendor) | Important | Revision | 1.2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.6 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.2 (April 27, 2011): Corrected the severity table and vulnerability section to add CVE-2010-4701 as a vulnerability addressed by this update. This is an informational change only.Summary: This security update resolves two publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opened a specially crafted fax cover page file (.cov) using the Windows Fax Cover Page Editor. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS11-024.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12390 | |||
Oval ID: | oval:org.mitre.oval:def:12390 | ||
Title: | Fax Cover Page Editor Memory Corruption Vulnerability | ||
Description: | fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse FAX cover pages, which allows remote attackers to execute arbitrary code via a crafted .cov file, aka "Fax Cover Page Editor Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3974 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12689 | |||
Oval ID: | oval:org.mitre.oval:def:12689 | ||
Title: | Fax Cover Page Use After Free Vulnerability | ||
Description: | Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4701 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Microsoft Windows Fax Cover Page Editor Double Free Memory Corruption Vulnerability | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2011-04-13 | Name : Windows Fax Cover Page Editor Remote Code Execution Vulnerability (2527308) File : nvt/secpod_ms11-024.nasl |
2011-01-27 | Name : Microsoft Windows Fax Cover Page Editor BOF Vulnerabilities File : nvt/gb_ms_windows_fscpe_bof_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
71775 | Microsoft Windows Fax Cover Page Editor Memory Corruption A memory corruption flaw exists in Microsoft Windows. The fxscover.exe application in the Fax Cover Page Editor fails to sanitize user-supplied input when parsing FAX cover pages, resulting in memory corruption. With a specially crafted .cov file, a context-dependent attacker can execute arbitrary code. |
70126 | Microsoft Windows Fax Cover Page Editor CDrawPoly::Serialize() Function Overflow Microsoft Windows is prone to an overflow condition. The Windows Fax Cover Page Editor component (fxscover.exe) fails to properly sanitize user-supplied input when the 'CDrawPoly::Serialize()' function reads in data, resulting in a heap-based buffer overflow. With a specially crafted Fax Cover Page file (.cov), a context-dependent attacker can potentially execute arbitrary code. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-04-14 | IAVM : 2011-B-0045 - Microsoft Windows Fax Cover Page Editor Vulnerability Severity : Category II - VMSKEY : V0026509 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50873 - Revision : 1 - Type : OS-WINDOWS |
2019-09-05 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 50872 - Revision : 1 - Type : OS-WINDOWS |
2015-03-31 | Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruptio... RuleID : 33604 - Revision : 2 - Type : FILE-OTHER |
2015-03-31 | Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruptio... RuleID : 33603 - Revision : 2 - Type : FILE-OTHER |
2014-01-10 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 21352 - Revision : 5 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Fax Cover Page Editor heap corruption attempt RuleID : 18673 - Revision : 7 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-04-13 | Name : A fax cover page editor on the remote host has a memory corruption vulnerabil... File : smb_nt_ms11-024.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-03-20 21:21:09 |
|
2014-02-17 11:46:55 |
|
2014-01-19 21:30:39 |
|
2013-11-11 12:41:22 |
|
2013-05-11 00:49:48 |
|