Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.


| Released Date | Title | Description | Vulnerability | Category | Platform |
| --- | --- | --- | --- | --- | --- |
| 05.28.2014 | WinRAR Filename Spoofing Exploit | The file names shown in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This allows file names to be spoofed when opening ZIP files and can be abused to execute arbitrary code. | NOCVE-9999-63311 | Exploits/Client Side | Windows |
| 05.27.2014 | QuickView Plus Client vsacs Buffer Overflow Exploit | Quick View Plus contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Quick View Plus when handling .MDB files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .MDB file. This module runs a malicious web server on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to it by opening the crafted MDB file with Quick View Plus. | CVE-2013-5791 | Exploits/Client Side | Windows |
| 05.27.2014 | Microsoft Internet Explorer CMarkup Object Use-After-Free Exploit (MS14-021) | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. | CVE-2014-1776 | Exploits/Client Side | Windows |
| 05.27.2014 | Wireshark MPEG File Parser Buffer Overflow Exploit | An error within the MPEG file parser can be exploited to cause a buffer overflow via a specially crafted packet trace file. | CVE-2014-2299 | Exploits/Client Side | Windows |
| 05.22.2014 | Catia CATSV5 Backbone Remote Buffer Overflow Exploit | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing CATIA. The vulnerability is caused due to a boundary error when copying user-supplied input to a fixed-size stack buffer. The copying procedure stops when a null byte is found and no size check is performed. | NOCVE-9999-62708 | Exploits/Remote | Windows |
| 05.21.2014 | Schneider Electric OFS Client Buffer Overflow Exploit | When a crafted configuration file is parsed by the client, it may cause a buffer overflow, allowing the configuration file to execute code on the target PC. | CVE-2014-0774 | Exploits/Client Side | Windows |
| 05.21.2014 | IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Second Buffer Overflow Exploit | The vulnerability is a buffer overflow caused due to an error related to the ComboList property within the vsflex8l ActiveX Control. | CVE-2013-5057 | Exploits/Client Side | Windows |
| 05.20.2014 | Microsoft Windows Kernel NDProxy Vulnerability Exploit (MS14-002) | This module exploits a vulnerability in the Windows kernel ("ndproxy.sys" driver) by calling the "DeviceIoControl" function with crafted parameters. This module is an update of the original "Microsoft Windows NDProxy DeviceIoControl Vulnerability Exploit" module. It also adds support for Windows 2003 SP2 64-bit edition. | CVE-2013-5065 | Exploits/Local | Windows |
| 05.19.2014 | Publish-It PUI File Buffer Overflow Exploit | Publish-It is prone to a buffer overflow when handling specially crafted PUI files. | CVE-2014-0980 | Exploits/Client Side | Windows |
| 05.18.2014 | Adobe Flash Player SWF Load Crafted Module Exploit Update 2 | This module exploits a vulnerability in Adobe Flash Player triggered when processing a SWF file, which causes a crafted DLL module to be loaded. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This update improves the reliability of the exploit. | CVE-2013-0634 | Exploits/Client Side | Windows |
| 05.15.2014 | Apache Struts ClassLoader Manipulation Remote Code Execution Exploit | This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows direct manipulation of the ClassLoader; as a result, an attacker can execute arbitrary Java code on the target machine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2014-0094 | Exploits/Remote | Linux |
| 05.14.2014 | WellinTech KingScada kxClientDownload ActiveX Exploit | By properly setting the ProjectURL property, it is possible for an attacker to download an arbitrary DLL file from a remote location and run the code in the DLL in the context of the target process. | CVE-2013-2827 | Exploits/Client Side | Windows |
| 05.12.2014 | Microsoft Internet Explorer CDisplayPointer Use-After-Free Exploit (MS13-080) | Use-after-free in Internet Explorer when handling a CDisplayPointer object via the use of an "onpropertychange" event handler. Successful control of the freed memory may lead to arbitrary code execution under the context of the user. | CVE-2013-3897 | Exploits/Client Side | Windows |
| 05.07.2014 | Adobe Flash Player Pixel Bender Exploit | This module exploits a buffer overflow vulnerability in Adobe Flash Player in the flash.Display.Shader class when setting a Pixel Bender Filter as the Shader bytecode. This vulnerability has been found exploited in-the-wild during April 2014. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2014-0515 | Exploits/Client Side | Windows |
| 05.05.2014 | Adobe Flash Player Type Confusion Exploit Update | This module exploits a type confusion vulnerability in Adobe Flash Player. This vulnerability has been found exploited in-the-wild during December 2013. This update improves module documentation, exploit code and adds more vulnerable Adobe Flash Player versions. | CVE-2013-5331 | Exploits/Client Side | Windows |
| 05.04.2014 | Adobe Flash Player AVM2 Integer Underflow Exploit | This module exploits an integer underflow vulnerability in Adobe Flash Player. This vulnerability was exploited in 0day attacks in February 2014. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2014-0497 | Exploits/Client Side | Windows |
| 04.29.2014 | Linux TCP ICMPv6 Router Advertisement Flooding Vulnerability Denial of Service | This module exploits a vulnerability in Linux kernel by sending a large number of Router Advertisement messages to the target. | CVE-2014-0254 | Denial of Service/Remote | Windows, Linux |
| 04.28.2014 | EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution Exploit | This module exploits a remote code execution vulnerability in EMC Data Protection Advisor (DPA). Vulnerable installations of EMC DPA expose the EJBInvokerServlet invoker servlet, which does not require any type of authentication by default on certain profiles and allows remote attackers to invoke MBean methods and execute arbitrary code. | CVE-2012-0874 | Exploits/Remote | Windows |
| 04.25.2014 | Adobe Flash Player Type Confusion Exploit | This module exploits a type confusion vulnerability in Adobe Flash Player. This vulnerability has been found exploited in-the-wild during December 2013. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2013-5331 | Exploits/Client Side | Windows |
| 04.23.2014 | Microsoft Windows OpenType Engine Infinite Loop DoS (MS12-078) | The OpenType Font driver in Microsoft Windows doesn't sufficiently validate user-supplied input, leading to a denial of service vulnerability. | CVE-2012-2556 | Denial of Service/Local | Windows |
| 04.15.2014 | HP ProCurve Agent AgentServlet Remote Code Execution Exploit | The AgentServlet class in the Web interface of HP ProCurve Agent is prone to an authentication bypass vulnerability when handling HEAD requests. This vulnerability can be abused by remote unauthenticated attackers to modify the configuration of the HP ProCurve Agent, which can ultimately be leveraged to access the Tornado service component and finally execute arbitrary code with SYSTEM privileges on the target machine. | CVE-2013-4813 | Exploits/Remote | Windows |
| 04.13.2014 | HP Data Protector EXEC_BAR Remote Command Execution Exploit | This module exploits a remote code execution vulnerability in HP Data Protector by sending a specially crafted EXEC_BAR request. | CVE-2013-2347 | Exploits/Remote | Windows |
| 04.08.2014 | OpenSSL TLS Heartbeat Read Overrun Memory Disclosure Exploit | A missing boundary check in the TLS Heartbeat extension in OpenSSL can be abused by remote attackers to read up to 64 kb of memory from the server. This memory disclosure vulnerability can be used by remote unauthenticated attackers to obtain sensitive information from the affected server, including private keys and session cookies. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2014-0160 | Exploits/Remote | Linux |
| 04.08.2014 | AV Shell improvement | This update increases the reliability of the AV shell module. | | Post Exploitation | |
| 04.07.2014 | Microsoft Word RTF listoverridecount Object Confusion Exploit | This module exploits a vulnerability in Microsoft Word 2010 when parsing a specially crafted RTF file. This vulnerability was found being exploited in-the-wild during March 2014. | CVE-2014-1761 | Exploits/Client Side | Windows |
| 04.06.2014 | Schneider Electric Serial Modbus Driver Buffer Overflow Exploit | The vulnerability is a buffer overflow in Schneider Electric OPC factory Suite, which bundles the vulnerable component Schneider Electric Modbus Serial Driver (ModbusDrv.exe). | CVE-2013-0662 | Exploits/Remote | Windows |
| 04.03.2014 | Oracle VirtualBox VBoxSF.sys IOCTL_MRX_VBOX_DELCONN Privilege Escalation Exploit | The VBoxSF.sys driver is a component of VirtualBox Guest Additions, which is in charge of providing the 'Shared Folders' feature offered by Oracle VirtualBox. This driver doesn't properly validate a pointer when handling the IOCTL_MRX_VBOX_DELCONN IoControl. This allows an unprivileged user in a Windows Guest OS with VirtualBox Guest Additions installed to gain SYSTEM privileges within the Guest OS. | CVE-2014-0405 | Exploits/Local | Windows |
| 03.31.2014 | IrfanView PlugIn SID Image Processing Buffer Overflow Exploit | A boundary error within the MrSID plug-in (MrSID.dll) when processing the IMAGE tag can be exploited to cause a stack-based buffer overflow. | CVE-2013-3944 | Exploits/Client Side | Windows |
| 03.20.2014 | VLC MMS Stream Handling Buffer Overflow Exploit Update | A stack-based buffer overflow in VideoLAN VLC media player allows remote attackers to execute arbitrary code via a crafted MMS:// stream. This version fixes a bug with source IP calculation. | CVE-2012-1775 | Exploits/Client Side | Windows |
| 03.20.2014 | IBM Installation Manager URI Handler Argument Injection Exploit Update | This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by instantiating the "iim" URI handler with a malicious DLL (impact.dll) as parameter. This update adds WebDAV support. | CVE-2009-3518 | Exploits/Client Side | Windows |
