A memory corruption flaw exists in Microsoft Windows. The fxscover.exe application in the Fax Cover Page Editor fails to sanitize user-supplied input when parsing FAX cover pages, resulting in memory corruption. With a specially crafted .cov file, a context-dependent attacker can execute arbitrary code.

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

• OVAL ID: 12390
• CVE ID: 2010-3974 (see also: NVD)
• Microsoft Knowledge Base Article: 2527308
• Bugtraq ID: 45583
• Generic Exploit URL: http://aluigi.org/poc/fxscover_1.cov
• Mail List Post: http://seclists.org/bugtraq/2011/Jan/125
• Vendor URL: http://windows.microsoft.com/en-US/windows-vista/Create-or-edit-a-fax-cover-page
• News Article: http://www.scmagazineus.com/microsoft-distributes-17-patches-for-64-flaws/article/200597/
• Microsoft Security Bulletin: MS11-024
• CERT: TA11-102A

• Not Available