CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Use the controls below to navigate CORE Impact exploits and other modules.

Released Datesort ascending Title Description Vulnerabilty Category Platform
05.14.2012 Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS12-034) Update 3 This update adds support to Microsoft Windows XP with the MS12-034 patch installed. This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters. When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption. CVE-2012-0181 Exploits/Local Windows
05.14.2012 Shadow Stream Recorder Buffer Overflow Exploit Shadow Stream Recorder is prone to a remote stack-based buffer-overflow vulnerability because the applications fail to perform adequate boundary checks on user-supplied input. NOCVE-9999-52135 Exploits/Client Side Windows
05.13.2012 Microsoft Windows MSCOMCTL Exploit (MS12-027) Update This module exploits a stack-based buffer overflow in the MSCOMCTL.OCX control by sending a specially crafted .RTF file. This update fixes an issue in the agent connector. CVE-2012-0158 Exploits/Client Side Windows
05.13.2012 TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow Exploit A vulnerability exists in TRENDnet SecurView Internet Camera's ActiveX control that can be exploited by sending a long string of data to the OpenFileDlg() function. NOCVE-9999-51950 Exploits/Client Side Windows
05.10.2012 MPlayer SAMI Subtitle File Buffer Overflow Exploit This module exploits a vulnerability in MPlayer. A stack-based buffer overflow in the sub_read_line_sami function in MPlayer SVN Versions before 33471 and SMPlayer 0.6.9 and older versions allows remote attackers to execute arbitrary code via a SAMI subtitle file. CVE-2011-3625 Exploits/Client Side Windows
05.10.2012 Quest InTrust AnnotateX ActiveX Exploit A vulnerability exists in AnnotateX.dll - by invoking the Add() method it is possible to call inside of any memory region of choice as selected by an attacker. NOCVE-9999-51883 Exploits/Client Side Windows
05.10.2012 Linux Sing Log Injection Local Exploit SING is prone to a local privilege-escalation vulnerability, that allows an unprivileged process to elevate privileges to root. CVE-2007-6211 Exploits/Local Linux
05.10.2012 PHP-CGI Argument Injection Exploit This module exploits an argument injection vulnerability in PHP up to version 5.3.12 and 5.4.2 when running as a standalone CGI processor and takes advantage of the -d flag to achieve remote code execution. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-1823 Exploits/Remote Windows, OpenBSD, Linux, FreeBSD
05.08.2012 Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS12-034) Update 2 This update adds support to Microsoft Windows 2008. This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters. When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption. CVE-2012-0181 Exploits/Local Windows
05.07.2012 Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS12-034) This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters. When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption. CVE-2012-0181 Exploits/Local Windows
04.23.2012 LotusCMS router PHP Command Injection Exploit Input passed via the "page" parameter to index.php is not properly sanitised in the "Router()" function in core/lib/router.php before being used in an "eval()" call. This can be exploited to execute arbitrary PHP code. NOCVE-9999-51709 Exploits/Remote Solaris, Linux
04.23.2012 NetOp Remote Control Client Buffer Overflow Exploit A stack-based buffer overflow can be exploited in NetOp Remote Control when opening a crafted .dws file with a string longer then 520 characters. NOCVE-9999-51905 Exploits/Client Side Windows
04.22.2012 Novell ZENworks Configuration Management Preboot Service Opcode 0x4c Buffer Overflow Exploit A buffer-overflow vulnerability exists in the PreBoot Service when processing requests containing opcode 0x4c. CVE-2011-3176 Exploits/Remote Windows
04.18.2012 Miniserv Perl Format String Exploit Update This update fixes an issue with the SSL support in the exploit for Usermin's and Webmin's perl format string vulnerability (CVE-2005-3912). CVE-2005-3912 Exploits/Remote Linux
04.18.2012 Microsoft Office Excel RTD Data Record Processing Stack Overwrite Exploit (MS11-021) Update 2 The flaw exists within the methods used for RealTimeData Record Parsing. When handling a stTopic field that has a bit set specifying double byte characters in the following field the value of a global pointer is improperly calculated. This version adds Windows 7 support and updates the CVE number. CVE-2011-0105 Exploits/Client Side Windows
04.18.2012 Adobe Reader Font SING Table Buffer Overflow Exploit Update This update fixes an error which made the module abort. CVE-2010-2883 Exploits/Client Side Windows
04.16.2012 Microsoft Windows MSCOMCTL Exploit (MS12-027) This module exploits a stack-based buffer overflow in the MSCOMCTL.OCX control by sending a specially crafted .RTF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-0158 Exploits/Client Side Windows
04.16.2012 Atlassian FishEye Struts 2 ExceptionDelegator Remote Code Execution Exploit The ExceptionDelegator component of the XWork framework, part of the Apache Struts 2 web framework, as shipped with Atlassian FishEye, interprets parameters values as OGNL expressions when handling a type conversion error. This can be exploited to execute arbitrary code on the vulnerable server by tricking a logged-in user with administrator privileges within the FishEye site to visit a specially crafted web page. NOCVE-9999-51763 Exploits/Client Side Linux
04.12.2012 Netmechanica NetDecision HTTP Server Buffer Overflow Exploit A buffer overflow in NetDecision's HTTP service is exploited when a long URL is managed by the HTTP Server's active window. For successfull exploitation, the victim need to have the HttpSvr's window open. CVE-2012-1465 Exploits/Remote Windows
04.10.2012 SolarWinds Storage Manager Server SQL Injection Authentication Bypass Exploit This module exploits a vulnerability in the SolarWinds Storage Manager Server. The LoginServlet page available on port 9000 is vulnerable to SQL injection via the loginName field. An attacker can send a specially crafted username and execute arbitrary SQL commands leading to remote code execution. NOCVE-9999-51501 Exploits/Remote Windows
03.27.2012 Adobe Flash Player MP4 cprt Buffer Overflow Exploit A memory corruption vulnerability in Adobe Flash Player allows attackers to execute arbitrary code sending a crafted MP4 file. CVE-2012-0754 Exploits/Client Side Windows
03.26.2012 Sysax Multi Server SSH Username Buffer Overflow Exploit This module exploits a stack based buffer overflow on Sysax Multi Server when parsing an overly long username at the beginning of an SSH session. NOCVE-9999-51516 Exploits/Remote Windows
03.25.2012 Oracle Java AtomicReferenceArray Type Confusion Exploit Unsafe type handling performed by the AtomicReferenceArray class of the Oracle Java Runtime Environment can be abused to cause a type confusion error. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user. CVE-2012-0507 Exploits/Client Side Windows, Linux, Mac OS X
03.21.2012 PAM Motd Privilege Escalation Exploit Update The PAM MOTD module in Ubuntu does not correctly handle path permissions when creating user file stamps. A local attacker can exploit this to gain root privileges. This update improves the reliability of the exploit. CVE-2010-0832 Exploits/Local Linux
03.21.2012 IBM Tivoli Provisioning Manager Express for Software ActiveX Buffer Overflow Exploit The specific flaw exists within the way the ActiveX Control parses data supplied to the RunAndUploadFile function. The ActiveX control is used to create an Asset Information file for the local system to be uploaded to the IBM Tivoli Provisioning Manager Express Server. CVE-2012-0198 Exploits/Client Side Windows
03.21.2012 CA Total Defense UNCWS Web Service exportReport Remote Code Execution Exploit The UNCWS Web Service component of CA Total Defense listens for SOAP requests. The exportReport method makes use of the uncsp_GenerateReports_Dashboard stored procedure, which is vulnerable to SQL Injection. A remote unauthenticated attacker can exploit this to execute arbitrary code on a vulnerable machine with SYSTEM privileges. NOCVE-9999-51517 Exploits/Remote Code Execution Windows
03.20.2012 IBM Personal Communications Buffer Overflow Exploit IBM Personal Communications is prone to a stack based buffer overflow when parsing a malformed WS file. This module exploits this flaw to archive a clientside code execution. CVE-2012-0201 Exploits/Client Side Windows
03.19.2012 Kingview SCADA HMI HistorySvr Heap Overflow Exploit Update KingView Scada is vulnerable to a buffer overflow error in the HistorySvr.exe module when processing malformed packets sent to port 777/TCP. This update adds new indirection using shell32.dll version 6.0.0.2900.5512. CVE-2011-0406 Exploits/Remote Windows
03.19.2012 AT TFTP Server Long Filename Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet with an overly long filename field. This update ensures that the program receives all data. CVE-2006-6184 Exploits/Remote Windows
03.15.2012 Microsoft Windows Remote Desktop Protocol DoS (MS12-020) This module triggers a memory corruption vulnerability in the Remote Desktop Service by sending a malformed packet to the 3389/TCP port. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-0002 Denial of Service/Remote Windows

Pages