CVE-2013-10064
BaseFortify
Publication date: 2025-08-05
Last updated on: 2025-08-05
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| actfax | server | 5.01 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in ActFax Server version 5.01. It occurs because the server's RAW protocol interface improperly handles user-supplied data in the @F506 fax header fields using the unsafe strcpy function. An attacker can send specially crafted @F506 fields to exploit this flaw, potentially allowing them to execute arbitrary code on the server without authentication, provided they have network access to TCP port 4559.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow a remote attacker to execute arbitrary code on the affected ActFax Server. This could lead to full compromise of the server, including unauthorized access, data theft, disruption of services, or use of the server as a foothold for further attacks within the network.