Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Datesort ascending Title Description Vulnerabilty Category Platform
02.03.2016 Proface GP Pro EX Buffer Overflow Exploit The specific flaw exists within BeginPreRead() processing. When handling malformed 0x7f77 type fields. NOCVE-9999-74950 Exploits/Client Side Windows
02.01.2016 Agent Injector improvements Previously, the APC mechanism used to inject the agent in another process was done using an exe file written into the filesystem. This file could potentialy be detected with an AV. For this reason, its execution was changed to be from memory (using Impact's Dynamic Forking mechanism). Exploits/Remote
01.27.2016 Microsoft Group Policy Preferences Exploit (MS14-025) The Group Policy implementation in Microsoft Windows does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share. CVE-2014-1812 Exploits/Remote Windows
01.21.2016 Microsoft Windows NDIS Pool Overflow Vulnerability DoS (MS15-117) A vulnerability in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to trigger buffer overflow. This allows unprivileged local users to cause an invalid dereference in kernel mode, which produces a BSoD. CVE-2015-6098 Denial of Service/Local Windows
01.18.2016 Jenkins commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit Update Jenkins is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. This update adds proper CVE number, support for Jenkins with HTTPS enabled, and DNS channel support. It also extends on the supported platforms, improves IPv6 functionality and removes redundant code. CVE-2015-8103 Exploits/Remote Windows, Linux
01.17.2016 Linux Blueman D-Bus Service EnableNetwork Privilege Escalation Exploit The EnableNetwork method in the org.blueman.Mechanism D-Bus service of Blueman, a Bluetooth Manager, receives untrusted Python code provided by unprivileged users and evaluates it as root. This can be leveraged by a local unprivileged attacker to gain root privileges. CVE-2015-8612 Exploits/Local Linux
01.13.2016 Microsoft Windows OpenType Font Driver Vulnerability Exploit (MS15-078) Update 3 This module exploits a vulnerability in "atmfd.dll" Windows driver by loading a crafted OTF font. This update adds support to "Low Integrity Level" bypass for "Windows 8.1" 32 bits by using a kernel memory leak (CVE-2015-2433). CVE-2015-2426 Exploits/Local Windows
01.13.2016 Microsoft Windows Win32k SetParent Null Pointer Dereference Exploit (MS15-135) This module exploits a vulnerability in win32k.sys by calling to SetParent function with crafted parameters. CVE-2015-6171 Exploits/Local Windows
01.07.2016 Linux Overlayfs ovl_setattr Local Privilege Escalation Exploit This module exploits a vulnerability in Linux. The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application. CVE-2015-8660 Exploits/Local Linux
01.04.2016 Microsoft Windows OpenType Font Driver Vulnerability Exploit (MS15-078) Update 2 This module exploits a vulnerability in "atmfd.dll" Windows driver by loading a crafted OTF font. This update adds support to "Low Integrity Level" bypass for "Windows 8.1" 64 bits and "Windows 2012" R2 by using a kernel memory leak (CVE-2015-2433). Besides, this updates improves AV evasion. CVE-2015-2426 Exploits/Local Windows
12.27.2015 Microsoft Office COM Object els.dll based Binary Planting Exploit (MS15-132) This module exploits a COM Server-based Binary Planting vulnerability on Microsoft Word to deploy an agent. CVE-2015-6128 Exploits/Client Side Windows
12.23.2015 Linux abrt sosreport Symlink Privilege Escalation Exploit The sosreport program, a component of the ABRT bug reporting system used in Red Hat Enterprise Linux, does not handle symbolic links correctly when writing core dumps of ABRT programs to the ABRT dump directory (/var/tmp/abrt). This can be leveraged by local unprivileged attackers to gain root privileges on vulnerable systems. CVE-2015-5287 Exploits/Local Linux
12.22.2015 Jenkins Default Configuration Remote Code Execution Exploit This module exploits a Jenkins command injection in order to install an agent. NOCVE-9999-74942 Exploits/Remote Linux
12.15.2015 Joomla com_contenthistory SQL Injection This module exploits a SQL Injection vulnerability in Joomla which allows gathering of users and password hashes by parsing SQL output errors CVE-2015-7297 Linux
12.15.2015 Joomla User Agent Object Injection Exploit This module exploits a remote code execution vulnerability in Joomla. The session handling code is susceptible to PHP Object Injection attacks due to lack of sanitization in some HTTP headers that are saved to the database session backend. CVE-2015-8562 Exploits/OS Command Injection/Known Vulnerabilities Linux
12.13.2015 AlienVault Unified Security Management av-forward Deserialization of Untrusted Data Exploit This update introduces an exploit for AlienVault Unified Security Management. A vulnerability exists in the av-forward daemon running in AlienVault Unified Security Management appliances. The daemon accepts serialized Python and proceeds to deserialize it without proper validation, allowing unauthenticated arbitrary code execution. NOCVE-9999-74938 Exploits/Remote
12.10.2015 VMware vCenter Server Java JMX-RMI Remote Code Execution Exploit VMware vCenter Server is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine. By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a, also controlled, jar file. CVE-2015-2342 Exploits/Remote Windows
12.08.2015 SolarWinds Application Monitor TSUnicodeGraphEditorControl factory Buffer Overflow Exploit Update 2 The specific flaw exists within the 'factory' object's loadExtensionFactory method. The issue lies in a failure to validate the size of an attacker-supplied input before copying it into a fixed-size buffer on the stack. An attacker can leverage this vulnerability to execute code under the context of the current process. This version add x86_64 support and improves reliability. CVE-2015-1500 Exploits/Client Side Windows
12.07.2015 Microsoft Windows Media Center MCL URL File Disclosure Exploit (MS15-134) Windows Media Center MCL files can specify a URL to be automatically loaded within Media Center. A specially crafted MCL file can trick Windows Media Center into rendering the very same MCL file as a local HTML file within the application's embedded web browser. This can be leveraged by an attacker to read and exfiltrate arbitrary files from a victim's local fileystem by convincing an unsuspecting user to open an MCL file. CVE-2015-6127 Exploits/Client Side Windows
11.30.2015 Borland AccuRev Reprise License Server edit_lf_process Write Arbitrary Files Exploit Update 2 The specific flaw exists within the edit_lf_process resource of the AccuRev Reprise License Manager service. The issue lies in the ability to write arbitrary files with controlled data. An attacker could leverage this vulnerability to execute arbitrary code under the context of SYSTEM. This update introduces a number of improvements related to the architecture of the agent installed and scenarios where multiple targets are tested. This update adds reliability. NOCVE-9999-74481 Exploits/Remote Windows
11.25.2015 Symantec Endpoint Protection Manager Java Library Deserialization Vulnerability Remote Code Execution Exploit Symantec Endpoint Protection Manager is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. CVE-2015-6555 Exploits/Remote Windows
11.24.2015 Oracle WebLogic Server commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit Update Oracle WebLogic Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. This update add proper CVE number and more supported platforms. CVE-2015-4852 Exploits/Remote Solaris, Windows, Linux
11.23.2015 Kaspersky Antivirus ThinApp Parser Exploit Kaspersky Antivirus is prone to a buffer overflow when handling a specially crafted ThinApp compressed file. NOCVE-9999-74927 Exploits/Client Side Windows
11.23.2015 SMB library fixes This update fixes an issue handling binary files which is present when running proxied. Exploits/Remote
11.16.2015 Oracle WebLogic Server commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit Oracle WebLogic Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. CVE-2015-4852 Exploits/Remote Solaris, Windows, Linux
11.12.2015 JBoss commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit JBoss Application Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. NOCVE-9999-74929 Exploits/Remote Code Execution Windows, Linux
11.12.2015 Jenkins commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit Jenkins is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. NOCVE-9999-74930 Exploits/Remote Code Execution Windows, Linux
11.11.2015 IBM WebSphere commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit IBM WebSphere Application Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary java objects leading to remote code execution. NOCVE-9999-74928 Exploits/Remote Code Execution Windows
11.11.2015 Moxa VPort SDK Plus ActiveX Exploit The specific flaw exists within the VPORTSDK.VPortSDKCtrl.1 ActiveX control. By passing an overly long string to the GetClientReg method's Name parameter. CVE-2015-0986 Exploits/Client Side Windows
11.10.2015 HP LoadRunner Controller Scenario File Buffer Overflow Exploit The specific flaw exists within the handling of scenario files (.lrs). By manipulating a scenario file's values, an attacker can cause a fixed-length stack buffer to overflow. CVE-2015-5426 Exploits/Client Side Windows

Pages