Vulnerabilities > Julian Pawlowski > Capi4Hylafax
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-06 | CVE-2006-3126 | Remote Arbitrary Command Execution vulnerability in Julian Pawlowski Capi4Hylafax 01.02.03 c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number. | 7.5 |
2006-03-14 | CVE-2006-1231 | Unspecified vulnerability in Julian Pawlowski Capi4Hylafax 1.3 CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, allows local users to modify arbitrary files via a symlink attack on the c2faxrecv_dbgdatafile.sff temporary file. | 1.2 |