CVE-2013-10064
CRITICAL
ActFax Server <5.01 - Buffer Overflow
Title source: llm
Description
A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers can exploit this vulnerability by sending specially crafted @F506 fields, potentially leading to arbitrary code execution. Successful exploitation requires network access to TCP port 4559 and does not require authentication.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Craig Freyman · ruby, remote, windows
https://www.exploit-db.com/exploits/24467
metasploit
WORKING POC
NORMAL
by Craig Freyman, corelanc0d3r, juan vazquez · ruby, poc, win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/actfax_raw_server_bof.rb
References (5)
Scores
CVSS v4
9.3
EPSS
0.6383
EPSS Percentile
98.4%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-121
Status
published
Products (1)
ActFax Communication/ActFax Server
5.01
Published
Aug 05, 2025
Tracked Since
Feb 18, 2026