VYPR

ActFax

by ActFax

CVEs (4)

  • CVE-2013-10064CriAug 5, 2025
    risk 0.70cvss epss 0.01

    A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers can exploit this vulnerability by sending…

  • CVE-2012-10043CriAug 8, 2025
    risk 0.65cvss epss 0.00

    A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The application fails to properly validate the length of tab-delimited fields in .exp files, leading to unsafe…

  • CVE-2020-15843HigSep 24, 2020
    risk 0.47cvss 7.3epss 0.00

    ActFax Version 7.10 Build 0335 (2020-05-25) is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\ActiveFax\Client\, %PROGRAMFILES%\ActiveFax\Install\ and %PROGRAMFILES%\ActiveFax\Terminal\. The folder permissions allow "Full…

  • CVE-2023-53954MedDec 19, 2025
    risk 0.40cvss 6.2epss 0.00

    ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious…