What is CVE-2013-10064?

CVE-2013-10064 is a vulnerability in Actfax Communication Server, classified under Stack-based Buffer Overflow. Published 2025-08-05.

Is CVE-2013-10064 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Actfax Communication Server

CVE-2013-10064

A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers c…

Vulnerability class: Buffer Overflow

EPSS: 0.760 (98.9th percentile) — read the EPSS interpretation.

Affected products

Actfax Communication Server — versions 5.01

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

Public proof-of-concept exploits

rapid7/metasploit-framework

References

www.actfax.com/ (product)
web.archive.org/web/20130212065755/http://www.pwnag3.com/2013/02/actfax-raw-ser… (technical-description, exploit)
raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/w… (exploit)
www.exploit-db.com/exploits/24467 (exploit)
www.vulncheck.com/advisories/actfax-raw-server-buffer-overflow (third-party-advisory)

Frequently asked questions

What is CVE-2013-10064?: CVE-2013-10064 is a vulnerability in Actfax Communication Server, classified under Stack-based Buffer Overflow. Published 2025-08-05.
Is CVE-2013-10064 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.