CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

| Released Date | Title | Description | Vulnerability | Category | Platform |
|---|---|---|---|---|---|
| 02.10.2014 | HP ProCurve Manager SNAC UpdateDomainControllerServlet Exploit | This module exploits a path traversal vulnerability in HP ProCurve Manager. The specific flaw exists within the UpdateDomainControllerServlet. This servlet improperly sanitizes the adCert argument, allowing a remote attacker to upload a .jsp file and execute arbitrary code. Authentication is not required to exploit this vulnerability. | CVE-2013-4811 | Exploits/Remote | Windows |
| 02.06.2014 | Zavio Camera RTSP Video Stream Unauthenticated Access Exploit | The RTSP protocol authentication in the Zavio F3105 IP camera is disabled by default. This configuration error allows remote attackers to access the live video stream without being asked for credentials. | CVE-2013-2569 | Exploits/Remote | |
| 02.05.2014 | Novell iPrint Client IPP Response URI Handling Buffer Overflow Exploit | A buffer overflow vulnerability within the handling of functions that take a URI as a parameter allows arbitrary command execution when a user loads a specially crafted web page. | CVE-2013-1091 | Exploits/Client Side | Windows |
| 02.05.2014 | HP ProCurve Manager SNAC UpdateCertificatesServlet Exploit | This module exploits a path traversal vulnerability in HP ProCurve Manager. The specific flaw exists within the UpdateCertificatesServlet. This servlet improperly sanitizes the fileName argument, allowing a remote attacker to upload a .jsp file and execute arbitrary code. Authentication is not required to exploit this vulnerability. | CVE-2013-4812 | Exploits/Remote | Windows |
| 02.04.2014 | Trojan Agents Enhancements Rev 02 | This update improves the reliability and AV Evasion of Agents generated with the modules: Package and Register Agent; Send Agent by E-Mail; Serve Agent in Web Server. | | Exploits/Remote | |
| 01.29.2014 | Watermark Master Buffer Overflow Exploit | Watermark Master is prone to a buffer overflow vulnerability when handling WCF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing users to open a specially crafted WCF file. | NOCVE-9999-60773 | Exploits/Client Side | Windows |
| 01.20.2014 | VMware VMCI Privilege Escalation Exploit | When the "vmci.sys" driver processes a crafted call from user mode, an out-of-bounds array index is exploited. | CVE-2013-1406 | Exploits/Local | Windows |
| 01.20.2014 | Microsoft Windows Hyper-V Address Corruption Vulnerability DoS (MS13-092) | This module exploits a vulnerability in the hypervisor of Hyper-V by sending a crafted hypercall from the "guest OS" to the "host OS". | CVE-2013-3898 | Denial of Service/Local | Windows |
| 01.16.2014 | MongoDB mongoFind Uninitialized Memory Exploit Update | The mongo::mongoFind method in MongoDB makes use of uninitialized memory. A remote attacker can fill that memory address with controlled data and then call the vulnerable function in order to execute arbitrary code on the affected server. This update adds the CVE number. | CVE-2013-3969 | Exploits/Remote | Linux |
| 01.16.2014 | Microsoft Windows Win32k IsHandleEntrySecure Null Pointer Dereference DoS | This module exploits a vulnerability in win32k.sys by calling the win32k!IsHandleEntrySecure function with crafted parameters. | NOCVE-9999-60893 | Denial of Service/Local | Windows |
| 01.16.2014 | Adobe Reader ToolButton Use-After-Free Exploit Update | This module exploits a Use-After-Free vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This update adds JavaScript obfuscation to the PDF document and fixes some documentation issues. | CVE-2013-3346 | Exploits/Client Side | Windows |
| 01.07.2014 | MongoDB mongoFind Uninitialized Memory Exploit | The mongo::mongoFind method in MongoDB makes use of uninitialized memory. A remote attacker can fill that memory address with controlled data and then call the vulnerable function in order to execute arbitrary code on the affected server. | NOCVE-9999-58919 | Exploits/Remote | Linux |
| 01.05.2014 | Vortex Light Alloy M3U Playlist Buffer Overflow Exploit | A buffer overflow exists in Vortex Light Alloy when parsing .M3U files. The vulnerability is caused by a boundary error in Vortex Light Alloy when handling .M3U files beginning with "http://", when the application tries to obtain a stream from a URL. This can be exploited to cause a stack-based buffer overflow via a specially crafted .M3U file. | CVE-2013-6874 | Exploits/Client Side | Windows |
| 12.19.2013 | Microsoft Windows Win32k Integer Overflow DoS (MS13-101) Update | This module exploits a vulnerability in win32k.sys by calling the "NtGdiGetTextExtent" function with crafted parameters. This update adds support for Windows 2003 (32 and 64 bits), Windows Vista (32 and 64 bits), Windows 2008 (32 and 64 bits), Windows 7 64 bits, Windows 2008 R2, Windows 8 (32 and 64 bits) and Windows 2012. | CVE-2013-5058 | Denial of Service/Local | Windows |
| 12.19.2013 | IBM Forms Viewer XFDL Buffer Overflow Exploit | IBM Forms Viewer is prone to a buffer overflow when handling a specially crafted XFDL file. | CVE-2013-5447 | Exploits/Client Side | Windows |
| 12.17.2013 | RealPlayer TRACKID tag handling RMP Buffer Overflow Exploit | Real Media Player is vulnerable to a heap buffer overflow when provided with a specially crafted .rmp file with malformed TRACKID tags. | CVE-2013-6877 | Exploits/Client Side | Windows |
| 12.15.2013 | PDFCool Studio Buffer Overflow Exploit | PDFCool Studio Suite is prone to a security vulnerability when processing PDF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing users to open a specially crafted PDF file. | CVE-2013-4986 | Exploits/Client Side | Windows |
| 12.15.2013 | Microsoft Internet Explorer CCaret Use-After-Free Exploit (MS13-069) | Use-after-free in Internet Explorer when handling the caret (text cursor) object. Successful control of the freed memory may be leveraged for arbitrary code execution in the context of the user. | CVE-2013-3205 | Exploits/Client Side | Windows |
| 12.12.2013 | ABB MicroSCADA Wserver Buffer Overflow Exploit | This vulnerability is a buffer overflow and allows remote attackers to execute arbitrary code on vulnerable installations of ABB MicroSCADA Wserver without authentication. The specific flaw exists within the wserver.exe component, which listens on TCP port 12221. This component performs insufficient bounds checking on user-supplied data, which results in a stack buffer overflow. | NOCVE-9999-61094 | Exploits/Remote | Windows |
| 12.12.2013 | TP-Link Camera Unauthenticated Remote Firmware Upgrade Exploit | The /cgi-bin/firmwareupgrade file in TP-Link IP cameras allows remote unauthenticated attackers to perform firmware upgrades. This module tries to verify if the vulnerability is present in the target device without actually upgrading its firmware. | CVE-2013-2581 | Exploits/Remote | |
| 12.11.2013 | Microsoft Windows Win32k Integer Overflow DoS (MS13-101) | This module exploits a vulnerability in win32k.sys by calling the "NtGdiGetTextExtent" function with crafted parameters. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2013-5058 | Denial of Service/Local | Windows |
| 12.11.2013 | HP Data Protector Cell Manager Opcode 211 Buffer Overflow Exploit | A buffer overflow vulnerability in crs.exe when handling requests with opcode 211. | CVE-2013-2333 | Exploits/Remote | Windows |
| 12.11.2013 | HP SiteScope Remote Code Execution Exploit Update | This module exploits two vulnerabilities in HP SiteScope to gain remote code execution. The first vulnerability is an authentication bypass in the getSiteScopeConfiguration operation, available through the APISiteScopeImpl AXIS service, used to grab the administrator credentials from the server running HP SiteScope. The second vulnerability is a directory traversal in the UploadFileHandler URL that allows uploading files to the server into a directory that allows for scripting. This update only adds the CVE number. | CVE-2013-2367 | Exploits/Remote | Windows |
| 12.10.2013 | Corel PaintShop Pro X5 dwmapi DLL Insecure Library Loading Exploit | Corel Paint Shop Pro is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this DLL is located in the same folder as a .JPG file. | CVE-2013-0733 | Exploits/Client Side | Windows |
| 12.10.2013 | Adobe Reader ToolButton Use-After-Free Exploit | This module exploits a Use-After-Free vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2013-3346 | Exploits/Client Side | Windows |
| 12.08.2013 | Microsoft Internet Explorer Tabular Data Control ActiveX Exploit Reliability Enhancement v2 | This update improves the reliability of the Microsoft Internet Explorer Tabular Data Control ActiveX Exploit. | CVE-2010-0805 | Exploits/Client Side | Windows |
| 12.08.2013 | Microsoft Windows NFS NULL Dereference DoS (MS13-014) Update 2 | This module exploits a Windows kernel vulnerability in "nfssvr.sys" by sending a crafted NFS file renaming request to the target. This update adds support for Microsoft Windows Server 2012 and IPv6 attacks. | CVE-2013-1281 | Denial of Service/Remote | Windows |
| 12.05.2013 | Oracle Java ShortComponentRaster Exploit | The ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 has a memory corruption vulnerability that allows the bypassing of "dataOffsets[]" boundary checks. This module exploits this vulnerability, allowing for remote code execution. | CVE-2013-2472 | Exploits/Client Side | Windows, Linux |
| 12.03.2013 | Microsoft Internet Explorer NonQuotedCmdLine Protected Mode Escape Exploit (MS13-055) | An error in the way the GetSanitizedParametersFromNonQuotedCmdLine() function in the Internet Explorer broker process handles command-line arguments when trying to launch a program can be exploited to escape from the Internet Explorer Protected Mode sandbox. This module allows an agent running in the context of iexplore.exe with Low Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level. | CVE-2013-4015 | Exploits/Local | Windows |
| 12.02.2013 | Microsoft Windows Active Directory Lightweight Directory Service DoS (MS13-079) | This module exploits a vulnerability in the "Microsoft Windows Active Directory Lightweight Directory" service by sending UDP requests to the LDAP port (usually 389) and then sending ICMP error messages, producing an LDAP Stop Responding behavior. | CVE-2013-3868 | Denial of Service/Remote | Windows |
