HTTP: Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption
This signature detects attempts to exploit a known double-free memory corruption vulnerability in Microsoft Windows Fax Services. It is due to improper handling of Text objects while parsing Microsoft Fax cover page files. Remote attackers could exploit this by enticing the target user to open a specially crafted Fax cover page file. A successful attack can result in execution of arbitrary code within the security context of the currently logged in user. An unsuccessful attempt terminates the affected application abnormally.
Extended Description
Microsoft Windows Fax Cover Page Editor is prone to a double-free memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted Fax Cover Page file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition. Microsoft Windows Fax Cover Page Editor versions 5.2.3790.3959 and prior are vulnerable.
Affected Products
Microsoft windows
References
BugTraq: 45942
Short Name
HTTP:STC:FAX-COVER-MC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Corruption Cover Double Editor Fax Free Memory Microsoft Page Services Windows bid:45942
Release Date
01/31/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Microsoft