CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Use the controls below to navigate CORE Impact exploits and other modules.

Released Date Titlesort descending Description Vulnerabilty Category Platform
12.01.2010 Adobe Photoshop CS5 wintab32 DLL Hijacking Exploit Adobe Photoshop CS5 is prone to a vulnerability that may allow execution of Wintab32.dll if this dll is located in the same folder than .PSD file. CVE-2010-3127 Exploits/Client Side Windows
11.30.2010 Adobe Pixel Bender Toolkit tbbmalloc DLL Hijacking Exploit Adobe Pixel Bender Toolkit is prone to a vulnerability that may allow execution of tbbmalloc.dll if this dll is located in the same folder than .PBK file. NOCVE-9999-45909 Exploits/Client Side Windows
12.05.2010 Adobe Premiere CS4 iacenc DLL Hijacking Exploit Adobe Premiere CS4 is prone to a vulnerability that may allow the execution of any library file named iacenc.dll, if this dll is located in the same folder than a .PPJ file. NOCVE-9999-45992 Exploits/Client Side Windows
10.21.2009 Adobe Reader and Acrobat Malformed U3D Data Heap Memory Corruption Exploit Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via a malformed U3D content in a .PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-2997 Exploits/Client Side Windows
02.26.2007 Adobe Reader and Acrobat PDF subroutine pointer exploit This module exploits a vulnerability in Adobe Reader and Acrobat 7.0.8 and earlier, which allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. CVE-2006-5857 Exploits/Client Side Windows
03.07.2007 Adobe Reader and Acrobat PDF subroutine pointer exploit update This module exploits a vulnerability in Adobe Reader and Acrobat 7.0.8 and earlier, which allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. This update adds Windows Vista support. CVE-2006-5857 Exploits/Client Side Windows
10.03.2007 Adobe Reader and Acrobat PDF subroutine pointer exploit update 2 This package updates the Adobe Reader and Acrobat PDF subroutine pointer exploit module. CVE-2006-5857 Exploits/Client Side Windows
06.28.2010 Adobe Reader authplay AVM2 newfunction Exploit Update This module exploits a vulnerability in Adobe Reader when parsing .PDF files. The vulnerability is caused due to a boundary error in authplay.dll when handling crafted malicious Flash (.SWF) file or by embedding a malicious Flash application in a .PDF file. This version add Windows Vista support. CVE-2010-1297 Exploits/Client Side Windows
10.28.2010 Adobe Reader authplay Flash Exploit This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed flash file embedded. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-3654 Exploits/Client Side Windows
11.04.2010 Adobe Reader authplay Flash Exploit Update This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed Flash file embedded. This update fixes an issue in the agent connector. CVE-2010-3654 Exploits/Client Side Windows
09.07.2010 Adobe Reader Font Parsing Exploit This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed font embedded. WARNING: This is an early release module.This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-2883 Exploits/Client Side Windows
09.19.2010 Adobe Reader Font Parsing Exploit Update This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed font embedded. This update adds support for several versions of Adobe Reader and corrects the CVE Number of the vulnerability. CVE-2010-2883 Exploits/Client Side Windows
01.25.2011 Adobe Reader Font SING Table Buffer Overflow Exploit Adobe Acrobat and Reader have a buffer overflow error in the "CoolType.dll" module when processing a .PDF document containing an overly long field in a SING (Smart Independent Glyphlets) table within a TrueType font. CVE-2010-2883 Exploits/Client Side Windows
04.18.2012 Adobe Reader Font SING Table Buffer Overflow Exploit Update This update fixes an error which made the module abort. CVE-2010-2883 Exploits/Client Side Windows
01.22.2012 Adobe Reader ICC Chunk Parsing Integer Overflow Exploit An integer overflow occurs when Adobe Reader parses some crafted ICC chunks. CVE-2011-2097 Exploits/Client Side Windows
02.23.2010 Adobe Reader Import Tiff Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in Adobe Reader products when a malformed .TIFF file is parsed. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0188 Exploits/Client Side Windows
03.04.2010 Adobe Reader Import Tiff Buffer Overflow Exploit Update This module exploits a buffer overflow vulnerability in Adobe Reader products when a malformed .TIFF file is parsed. This update add support for Windows Vista and Windows 7 trying to bypass DEP and ASRL protections. CVE-2010-0188 Exploits/Client Side Windows
02.23.2009 Adobe Reader JBIG2Decode Memory Corruption Exploit This module exploits an array indexing vulnerability in Adobe Reader when handling a specially crafted PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-0658 Exploits/Client Side Windows
08.11.2009 Adobe Reader JBIG2Decode Memory Corruption Exploit update This module exploits an array indexing vulnerability in Adobe Reader when handling a specially crafted PDF file. This update adds support for Windows XP SP2, Windows 2000 Professional SP4 and improves reliability when exploiting from browsers. CVE-2009-0658 Exploits/Client Side Windows
11.03.2008 Adobe Reader printf Buffer Overflow Exploit The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the util.printf() JavaScript function. CVE-2008-2992 Exploits/Client Side Windows
11.06.2008 Adobe Reader printf Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the util.printf() JavaScript function. This update improves exploit reliability and fixes a cookie handling bug. CVE-2008-2992 Exploits/Client Side Windows
12.10.2013 Adobe Reader ToolButton Use-After-Free Exploit This module exploits a Use-After-Free vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2013-3346 Exploits/Client Side Windows
01.16.2014 Adobe Reader ToolButton Use-After-Free Exploit Update This module exploits a Use-After-Free vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This update adds Javascript obfuscation to the PDF document and fixes some documentation issues. CVE-2013-3346 Exploits/Client Side Windows
12.12.2011 Adobe Reader U3D Memory Corruption Exploit The vulnerability is a memory corruption in the U3D component in Adobe Reader when handling a specially crafted PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2011-2462 Exploits/Client Side Windows
09.17.2014 Adobe Reader X AdobeCollabSync Buffer Overflow Sandbox Bypass Exploit This module allows an agent running in the context of AcroRd32.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level. CVE-2013-2730 Exploits/Local Windows
06.24.2014 Adobe Reader X XFA BMP RLE Heap Corruption Exploit This module exploits a heap based buffer overflow vulnerability in Adobe Reader X when handling a specially crafted PDF file. CVE-2013-2729 Exploits/Client Side Windows
11.16.2009 Adobe RoboHelp Server File Upload Code Execution Exploit This module exploits a remote .JSP code injection in Adobe RoboHelp Server by sending a specially crafted HTTP request to the affected service. CVE-2009-3068 Exploits/Remote Windows
10.21.2010 Adobe Shockwave rcsL Buffer Overflow Exploit This module exploits a vulnerability in Adobe Shockwave triggered when processing a specially crafted .DIR file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-2873 Exploits/Client Side Windows
07.10.2013 Adrenalin Player ASX Buffer Overflow Exploit This module exploits a vulnerability in Adrenalin Player .ASX files. The vulnerability is caused due to lack of boundary checks in exporting an ASX file witch causes an Buffer Overflow of the stack and a SEH attack is possible due to a vulnerable DLL included in the software. NOCVE-9999-58660 Exploits/Client Side Windows
07.07.2013 Adrenalin Player WAX Buffer Overflow Exploit This module exploits a vulnerability in Adrenalin Player .WAX files. The vulnerability is caused due to lack of boundary checks in exporting a WAX file witch causes an Buffer Overflow of the stack and a SEH attack is possible due to a vulnerable DLL included in the software. NOCVE-9999-58661 Exploits/Client Side Windows

Pages