EIP-2026-117490

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117490. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The document provides a detailed technical analysis of a double-free vulnerability in Microsoft Fax Cover Page Editor (fxscover.exe) affecting versions <= 5.2.3790.3959. It explains the root cause involving a 16-bit field used to index 'Text' elements, which can be manipulated to trigger a double-free condition during object deallocation, potentially leading to code execution.

Description

Microsoft Fax - Cover Page Editor 5.2.3790.3959 Double-Free Memory Corruption

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textlocalwindows

https://www.exploit-db.com/exploits/16024

View Code ZIP pw:eip

The document provides a detailed technical analysis of a double-free vulnerability in Microsoft Fax Cover Page Editor (fxscover.exe) affecting versions <= 5.2.3790.3959. It explains the root cause involving a 16-bit field used to index 'Text' elements, which can be manipulated to trigger a double-free condition during object deallocation, potentially leading to code execution.

Classification

Writeup 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Fax Cover Page Editor <= 5.2.3790.3959

No auth needed

Prerequisites: Fax Service installed on Windows · Ability to deliver a malicious .cov file to the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Microsoft Fax - Cover Page Editor 5.2.3790.3959 Double-Free Memory Corruption

Exploitation Summary

Description

Exploits (1)

Details