Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Titlesort descending Description Vulnerabilty Category Platform
11.14.2007 Adobe PageMaker Fontname exploit update for IMPACT 7.5 This module sends a mail with a specially crafted .pmd attachment. Once open, vulnerable versions of Adobe PageMaker will install an agent. CVE-2007-5169 Exploits/Client Side Windows
05.04.2009 Adobe PDF CustomDictionaryOpen Buffer Overflow Exploit This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in the customdictionaryopen() method in Javascript api. This can be exploited to cause a heap overflow when a specially crafted PDF file is opened. NOCVE-9999-38081 Exploits/Client Side Linux
08.24.2009 Adobe PDF CustomDictionaryOpen Buffer Overflow Update This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in the customdictionaryopen() method in Javascript api. This can be exploited to cause a heap overflow when a specially crafted PDF file is opened. This update corrects the CVE number for this exploit. CVE-2009-1493 Exploits/Client Side Linux
10.18.2009 Adobe PDF FlateDecode Argument Buffer Overflow Exploit This module exploits a heap based buffer overflow vulnerability in Adobe Reader when handling a specially crafted PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-3459 Exploits/Client Side Windows
03.29.2009 Adobe PDF getIcon Buffer Overflow Exploit This module exploits a stack based buffer overflow vulnerability in Adobe Reader when handling a specially crafted PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-0927 Exploits/Client Side Windows
04.12.2009 Adobe PDF getIcon Buffer Overflow Exploit Update This module exploits a stack based buffer overflow vulnerability in Adobe Reader when handling a specially crafted PDF file. This update adds support for Adobe Acrobat Pro Extended 9. CVE-2009-0927 Exploits/Client Side Windows
03.05.2008 Adobe PDF JavaScript Buffer Overflow Exploit This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary error in collectEmailInfo() method in EScript.api. This can be exploited to cause a stack-based buffer overflow when a specially crafted PDF file is opened. CVE-2007-5659 Exploits/Client Side Windows
07.09.2008 Adobe PDF JavaScript Buffer Overflow Exploit Update This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary error in collectEmailInfo() method in EScript.api. This can be exploited to cause a stack-based buffer overflow when a specially crafted PDF file is opened. This update adds support for Adobe Reader 7.0.9. CVE-2007-5659 Exploits/Client Side Windows
07.13.2008 Adobe PDF JavaScript Buffer Overflow Exploit Update 2 This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary error in collectEmailInfo() method in EScript.api. This can be exploited to cause a stack-based buffer overflow when a specially crafted PDF file is opened. This update adds support for Windows XP SP3 and Windows Vista SP1. CVE-2007-5659 Exploits/Client Side Windows
09.11.2008 Adobe PDF JavaScript Buffer Overflow Exploit Update 3 This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in collectEmailInfo() method in EScript.api. This can be exploited to cause a stack-based buffer overflow when a specially crafted PDF file is opened. This update adds support for Mac OS X 10.4.x and 10.5.x. CVE-2007-5659 Exploits/Client Side Windows, Mac OS X
12.15.2009 Adobe PDF Newplayer JavaScript Buffer Overflow Exploit This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in newplayer() method in multimedia.api. This can be exploited to cause a buffer overflow when a specially crafted .PDF file is opened. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-4324 Exploits/Client Side Windows
12.22.2009 Adobe PDF Newplayer JavaScript Buffer Overflow Exploit Update This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in newplayer() method in multimedia.api. This can be exploited to cause a buffer overflow when a specially crafted .PDF file is opened. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This Update adds support for Windows XP SP3 and Vista. CVE-2009-4324 Exploits/Client Side Windows
10.16.2007 Adobe PDF URI Handler Exploit This module exploits a vulnerability in Adobe Reader and Acrobat 8.0.1 and earlier on systems with Internet Explorer 7 installed. CVE-2007-5020 Exploits/Client Side Windows
11.16.2008 Adobe PDF URI Handler Exploit Update This module exploits a vulnerability in Adobe Reader and Acrobat 8.1.0 and earlier on systems with Internet Explorer 7 installed. This update adds support for WEB SERVER. CVE-2007-5020 Exploits/Client Side Windows
07.14.2008 Adobe Photoshop BMP Exploit This module exploits a vulnerability in Adobe Photoshop products when a malformed .BMP file is parsed. CVE-2008-1765 Exploits/Client Side Windows
06.06.2012 Adobe Photoshop Collada Asset Elements Buffer Overflow Exploit Adobe Photoshop CS5.1 is prone to a unicode overflow which occurs when overlong asset elements are processed. CVE-2012-2052 Exploits/Client Side Windows
11.30.2010 Adobe Photoshop CS4 dwmapi DLL Hijacking Exploit Adobe Photoshop CS4 is prone to a vulnerability that may allow execution of dwmapi.dll if this dll is located in the same folder than .PSD file. CVE-2010-3127 Exploits/Client Side Windows
12.01.2010 Adobe Photoshop CS5 wintab32 DLL Hijacking Exploit Adobe Photoshop CS5 is prone to a vulnerability that may allow execution of Wintab32.dll if this dll is located in the same folder than .PSD file. CVE-2010-3127 Exploits/Client Side Windows
11.30.2010 Adobe Pixel Bender Toolkit tbbmalloc DLL Hijacking Exploit Adobe Pixel Bender Toolkit is prone to a vulnerability that may allow execution of tbbmalloc.dll if this dll is located in the same folder than .PBK file. NOCVE-9999-45909 Exploits/Client Side Windows
12.05.2010 Adobe Premiere CS4 iacenc DLL Hijacking Exploit Adobe Premiere CS4 is prone to a vulnerability that may allow the execution of any library file named iacenc.dll, if this dll is located in the same folder than a .PPJ file. NOCVE-9999-45992 Exploits/Client Side Windows
10.21.2009 Adobe Reader and Acrobat Malformed U3D Data Heap Memory Corruption Exploit Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via a malformed U3D content in a .PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-2997 Exploits/Client Side Windows
02.26.2007 Adobe Reader and Acrobat PDF subroutine pointer exploit This module exploits a vulnerability in Adobe Reader and Acrobat 7.0.8 and earlier, which allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. CVE-2006-5857 Exploits/Client Side Windows
03.07.2007 Adobe Reader and Acrobat PDF subroutine pointer exploit update This module exploits a vulnerability in Adobe Reader and Acrobat 7.0.8 and earlier, which allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. This update adds Windows Vista support. CVE-2006-5857 Exploits/Client Side Windows
10.03.2007 Adobe Reader and Acrobat PDF subroutine pointer exploit update 2 This package updates the Adobe Reader and Acrobat PDF subroutine pointer exploit module. CVE-2006-5857 Exploits/Client Side Windows
06.28.2010 Adobe Reader authplay AVM2 newfunction Exploit Update This module exploits a vulnerability in Adobe Reader when parsing .PDF files. The vulnerability is caused due to a boundary error in authplay.dll when handling crafted malicious Flash (.SWF) file or by embedding a malicious Flash application in a .PDF file. This version add Windows Vista support. CVE-2010-1297 Exploits/Client Side Windows
10.28.2010 Adobe Reader authplay Flash Exploit This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed flash file embedded. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-3654 Exploits/Client Side Windows
11.04.2010 Adobe Reader authplay Flash Exploit Update This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed Flash file embedded. This update fixes an issue in the agent connector. CVE-2010-3654 Exploits/Client Side Windows
09.07.2010 Adobe Reader Font Parsing Exploit This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed font embedded. WARNING: This is an early release module.This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-2883 Exploits/Client Side Windows
09.19.2010 Adobe Reader Font Parsing Exploit Update This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed font embedded. This update adds support for several versions of Adobe Reader and corrects the CVE Number of the vulnerability. CVE-2010-2883 Exploits/Client Side Windows
01.25.2011 Adobe Reader Font SING Table Buffer Overflow Exploit Adobe Acrobat and Reader have a buffer overflow error in the "CoolType.dll" module when processing a .PDF document containing an overly long field in a SING (Smart Independent Glyphlets) table within a TrueType font. CVE-2010-2883 Exploits/Client Side Windows

Pages