CVE-2010-4701

2011-01-2019:00:07

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-4701

microsoft

windows fax services

buffer overflow

remote code execution

security vulnerability

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.964 High

EPSS

Percentile

99.6%

JSON

Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

microsoftwindows_2003_serverr2_sp2enterprise

microsoftwindows_7professional

microsoftwindows_xpsp3

CPENameOperatorVersion
microsoft:windows_2003_servermicrosoft windows 2003 servereq*
microsoft:windows_7microsoft windows 7eq*
microsoft:windows_xpmicrosoft windows xpeq*