Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Titlesort descending Description Vulnerabilty Category Platform
06.02.2010 Solaris ICMP Packet Remote DoS This module exploits a vulnerability in Solaris 10. The vulnerability is caused due to the improper handling of ICMP packets by the Solaris Operating System. CVE-2007-0634 Denial of Service/Remote Solaris
07.31.2005 Solaris LD_AUDIT exploit This module exploits a vulnerability in the Solaris Runtime Linker using the unsafe environment variable LD_AUDIT. CVE-2005-2072 Exploits/Local Solaris
02.13.2013 Solaris LD_AUDIT Privilege Escalation Exploit Update This module exploits a vulnerability in the Solaris Runtime Linker using the unsafe environment variable LD_AUDIT. This module exploits the vulnerability and installs an agent with root privileges. This update resolves an issue where the module could erroneously install agents in non-vulnerable systems. CVE-2005-2072 Exploits/Local Solaris
02.26.2014 SolarWinds Application Monitor Pepco32c ActiveX Exploit The vulnerability is caused due to an error when handling the "PEstrarg1" member within pepco32c.ocx. NOCVE-9999-60564 Exploits/Client Side Windows
08.26.2014 SolarWinds Network Configuration Manager Pesgo32c PEstrarg1 Heap Overflow Exploit The vulnerability is caused due to a boundary error when handling the PEstrarg1 property and can be exploited to cause a heap overflow by assigning an overly long string to this property. CVE-2014-3459 Exploits/Client Side Windows
04.10.2012 SolarWinds Storage Manager Server SQL Injection Authentication Bypass Exploit This module exploits a vulnerability in the SolarWinds Storage Manager Server. The LoginServlet page available on port 9000 is vulnerable to SQL injection via the loginName field. An attacker can send a specially crafted username and execute arbitrary SQL commands leading to remote code execution. NOCVE-9999-51501 Exploits/Remote Windows
06.15.2010 Solarwinds TFTP Read Request DoS This exploit shutdown the Solarwinds TFTP server, sending a crafted Read Request to the affected port. CVE-2010-2115 Denial of Service/Remote Windows
08.28.2014 SolidWorks Workgroup PDM 2014 Opcode 2001 Remote Code Execution Exploit A stack buffer overflow occurs when copying a user supplied input to a fixed size stack buffer without boundary check leading to overwrite the SEH and the return address. The copying procedure stops when a null word is found and no size check is proceeded. NOCVE-9999-65834 Exploits/Remote Windows
10.21.2014 SolidWorks Workgroup PDM 2014 Opcode 2001 Remote Code Execution Exploit Update A stack buffer overflow occurs when copying a user supplied input to a fixed size stack buffer without boundary check leading to overwrite the SEH and the return address. The copying procedure stops when a null word is found and no size check is proceeded. NOCVE-9999-65834 Exploits/Remote Windows
02.16.2011 Sony Sound Forge Pro MtxParhVegasPreview DLL Hijacking Exploit Sony Sound Forge Pro is prone to a vulnerability that may allow the execution of any library file named MtxParhVegasPreview.dll, if this dll is located in the same folder as a .SFW file. The attacker must entice a victim into opening a specially crafted .SFW file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code. NOCVE-9999-47140 Exploits/Client Side Windows
10.30.2013 Sophos AntiVirus PDF Key Lenght Vulnerability Exploit A Buffer Overflow exist in Sophos Antivirus when parsing encrypted revision 3 PDF files by reading the encryption key contents onto a fixed length stack buffer. NOCVE-9999-55894 Exploits/Client Side Mac OS X
09.06.2013 Sophos Web Protection Appliance sblistpack Command Injection Exploit The /opt/ws/bin/sblistpack Perl script in Sophos Web Protection Appliance, which can be reached from the web interface, is vulnerable to OS command injection because its get_referers() function does not escape the first argument of the script before using it within a string that will be executed as a command by using backticks. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code in the affected appliance with the privileges of the "spiderman" operating system user. A second vulnerability in the Sophos Web Protection Appliance (an OS command injection in the /opt/cma/bin/clear_keys.pl script, which can be executed by the "spiderman" user with the sudo command without password) allows an attacker who successfully compromised the appliance to escalate privileges from "spiderman" to root. CVE-2013-4983 Exploits/Remote Linux
09.07.2011 Sorax PDF Reader dwmapi DLL Hijacking Exploit Sorax PDF Reader is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .PDF file. NOCVE-9999-49231 Exploits/Client Side Windows
12.02.2010 Sothink SWF Decompiler dwmapi DLL Hijacking Exploit Sothink SWF Decompiler is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .FLV file. NOCVE-9999-45993 Exploits/Client Side Windows
07.20.2009 Soulseek Server Peer Search Buffer Overflow Exploit The application is prone to a stack-based buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when performing a direct peer file search. CVE-2009-1830 Exploits/Remote Windows
02.22.2013 Sparklabs Viscosity Python Exec Local Privilege Escalation Exploit The setuid-set ViscosityHelper binary insecurely executes certain scripts and can be exploited to gain escalated privileges via symlink attacks. CVE-2012-4284 Exploits/Local Mac OS X
08.01.2012 SQL Injection Analyzer Update Test a web page's parameters trying to detect potential SQL Injection vulnerabilities. The module can be configured to look for vulnerabilities in GET & POST parameters and cookies. This update adds an additional trigger to the FAST set of SQL injection triggers for the SQL Injection analyzer to use. Exploits/SQL Injection/Analyzer
10.22.2012 SQL Injection Analyzer Update 2 Test a web page's parameters trying to detect potential SQL Injection vulnerabilities. this update is for 12.5. Exploits/SQL Injection/Analyzer
10.29.2006 SQL Server Hello exploit update This module exploits a vulnerability in Microsoft SQL Server. This update improves the exploit reliability and adds support for Windows 2003 CVE-2002-1123 Exploits/Remote Windows
02.04.2009 Squid Web Proxy Cache HTTP Version Number DoS This module sends HTTP requests that causes the Squid Web Proxy to stop running. NOCVE-9999-35968 Denial of Service/Remote Linux
01.11.2011 SquirrelMail map_yp_alias Command Injection Exploit The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. This module works if map:map_yp_alias is set as the imap server address in config.php, which is not the default setting. CVE-2009-1579 Exploits/Remote Solaris, AIX, Linux
06.07.2009 SSDT Cleaner for IMPACT SDT Cleaner is a tool that intends to clean the SSDT (system service descriptor table) from hooks. The SDT Cleaner allows you to clean hooks installed by Anti-Virus and Firewalls. Exploits/Tools Windows
05.28.2009 Steamcast GET Request Remote Buffer Overflow Exploit A boundary error can be exploited to cause a stack-based buffer overflow by sending a specially crafted GET HTTP request with an overly long path to the web server. CVE-2008-0550 Exploits/Remote Windows
05.27.2009 Ston3d Player Command Injection Exploit This module exploits a remote command injection vulnerability in Ston3DWebPlayer and Ston3DStandalonePlayer via an specially crafted STK file. CVE-2009-1792 Exploits/Client Side Windows, Linux
02.22.2010 Sudoedit Privilege Escalation Exploit Exploits a missing verification of the path in the command "sudoedit", provided by the sudo package. This can be exploited to e.g. execute any command as root including a shell, allowing an unprivileged process to elevate privileges to root. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0426 Exploits/Local Solaris, AIX, Linux, FreeBSD, OpenBSD, Mac OS X
07.22.2010 Sudoedit Privilege Escalation Exploit Update This module exploits a missing verification of the path in the command "sudoedit", provided by the sudo package. This can be exploited to execute any command as root including a shell, allowing an unprivileged process to elevate its privileges to root. This update adds OSX 10.6 (Snow Leopard) as supported target. CVE-2010-0426 Exploits/Local Solaris, AIX, Linux, FreeBSD, OpenBSD, Mac OS X
07.16.2012 SugarCRM CE unserialize PHP Code Execution Exploit The vulnerability is caused by scripts using "unserialize()" with user controlled input. This can be exploited to execute arbitrary PHP code via the "__destruct()" method of the "SugarTheme" class or passing an ad-hoc serialized object through the $_REQUEST['current_query_by_page'] input variable. CVE-2012-0694 Exploits/Remote Solaris, Linux, Mac OS X
08.17.2009 SugarCRM Remote Code Execution Exploit Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct request to a modified filename under cache/modules/Emails/, as demonstrated using .php as the entire original name. CVE-2009-2146 Exploits/Remote Linux, Solaris, Mac OS X
11.30.2011 SugarCRM Remote Code Execution Exploit Update This update adds support for Solaris and Mac OS X platforms CVE-2009-2146 Exploits/Remote Linux, Solaris, Mac OS X
12.06.2009 SumatraPDF Shading Pattern Processing Buffer Overflow Exploit The vulnerabilities are caused due to boundary errors within the "pdf_loadtype4shade()", "pdf_loadtype5shade()", "pdf_loadtype6shade()", and "pdf_loadtype7shade()" functions. This can be exploited to cause stack-based buffer overflows. CVE-2009-1605 Exploits/Client Side Windows

Pages