CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Use the controls below to navigate CORE Impact exploits and other modules.

Released Date Titlesort descending Description Vulnerabilty Category Platform
12.06.2009 SumatraPDF Shading Pattern Processing Buffer Overflow Exploit The vulnerabilities are caused due to boundary errors within the "pdf_loadtype4shade()", "pdf_loadtype5shade()", "pdf_loadtype6shade()", and "pdf_loadtype7shade()" functions. This can be exploited to cause stack-based buffer overflows. CVE-2009-1605 Exploits/Client Side Windows
02.21.2010 Sun Java AWT Library setDiffICM Buffer Overflow Exploit This module exploits a buffer overflow in the AWT library in Sun Java JRE when a specially crafted parameter is passed to the setDiffICM function. CVE-2009-3869 Exploits/Client Side Windows
06.29.2009 Sun Java Calendar Deserialization Exploit This module exploits a deserialization bug in several Java Runtime Environments. CVE-2008-5353 Exploits/Client Side Windows, Mac OS X, Linux
11.18.2009 Sun Java getSoundBank Buffer Overflow Exploit This module exploits a stack based buffer overflow vulnerability in Sun Java SE in JDK and JRE when the HsbParser.getSoundBank function in jsound.dll handles a specially crafted .JAR file. CVE-2009-3867 Exploits/Client Side Windows, Linux
06.23.2011 Sun Java RMIConnectionImpl Deserialization Privilege Escalation Exploit This module exploits a privilege escalation vulnerability in Sun Java. The specific flaw exists within the deserialization of RMIConnectionImpl objects. Due to a lack of privilege checks during deserialization it is possible to supply privileged code in the ClassLoader of a constructor being deserialized. This allows for a remote attacker to call system level Java functions without proper sandboxing. Exploitation of this can lead to remote system compromise under the context of the currently logged in user. CVE-2010-0094 Exploits/Client Side Windows, Linux, Mac OS X
06.20.2011 Sun Java Runtime Environment Trusted Methods Chaining Exploit The specific flaw exists within the code responsible for ensuring proper privileged execution of methods. If an untrusted method in an applet attempts to call a method that requires privileges, Java will walk the call stack and for each entry verify that the method called is defined within a class that has that privilege. However, this does not take into account an untrusted object that has extended the trusted class without overwriting the target method. Additionally, this can be bypassed by abusing a similar trust issue with interfaces. An attacker can leverage these insecurities to execute vulnerable code under the context of the user invoking the JRE. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime. Authentication is not required to exploit this vulnerability. CVE-2010-0840 Exploits/Remote Windows, Linux, Mac OS X
01.21.2010 Sun Java System Web Server Digest DoS Multiple vulnerabilities have been identified in Sun Java System Web Server, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by buffer overflow errors when processing malformed "TRACE" or "OPTIONS" requests, or overly long "Authorization: Digest" headers, which could be exploited by attackers to crash an affected server or execute arbitrary code. This exploit forces the server process to throw an unhandled exception and be restarted. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0387 Denial of Service/Remote Solaris, Windows, Linux, AIX
01.26.2010 Sun Java System Web Server Webdav Stack Overflow This module exploits a buffer overflow vulnerability in the Sun Web Server Webdav service when parsing OPTION requests. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0361 Exploits/Remote Windows
10.17.2007 Sun Java Web Console format string exploit This module exploits a format string vulnerability in the Sun Java Web Console and installs an agent. CVE-2007-1681 Exploits/Remote Solaris
06.28.2007 Sun Java Web SOCKS Proxy Authentication Exploit This module exploits a stack-based buffer overflow vulnerability in the SOCKS proxy included in the Sun Java Web Proxy Server. The exploit sends specially crafted packets during the SOCKS connection negotiation and installs an agent if successful. CVE-2007-2881 Exploits/Remote Linux
04.14.2010 Sun Java Web Start Arbitrary Command Line Injection Exploit This module exploits a command injection vulnerability within the launch() function in the Java Deployment Toolkit. CVE-2010-1423 Exploits/Client Side Windows
07.21.2010 Sun Java Web Start Arbitrary Command Line Injection Exploit Update Argument injection vulnerability in the URI handler in Java Deployment Toolkit allows remote attackers to execute arbitrary code via the -J argument to javaws.exe, which is processed by the launch method. This update adds support for Windows Vista and Windows 7. CVE-2010-1423 Exploits/Client Side Windows
09.04.2007 Sun Java Web Start JNLP Stack Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the javaws.exe program and deploys an agent when successful. The exploit triggers a vulnerability in the Java Runtime Environment allowing an attacker to execute arbitrary code on the remote machine. CVE-2007-3655 Exploits/Remote Windows
07.13.2008 Sun ONE Web Server-NSS challenge overflow exploit update A heap overflow in Netscape Network Security Services (NSS) library used by the Sun ONE Web Server is exploited remotely gaining control of the execution flow on the target host. This package updates the exploit. CVE-2004-0826 Exploits/Remote Solaris
09.28.2005 Sun Solaris Printd Arbitrary File Deletion Exploit Sun Solaris printd is affected by an arbitrary file deletion vulnerability. This module exploits this vulnerability. CVE-2005-4797 Exploits/Tools Solaris
02.21.2011 Sun SunScreen Firewall Privilege Escalation Exploit The SunScreen Firewall is prone to a vulnerability that allows the execution of arbitrary commands as the root user. This module exploits the vulnerability and installs an agent with root privileges. CVE-2011-0902 Exploits/Local Solaris
05.07.2009 Sun xVM VirtualBox Exploit This module exploits a local privilege escalation vulnerability in certain packages shipped with Sun xVM VirtualBox for the Linux platform. CVE-2009-0876 Exploits/Local Linux
09.15.2011 Sunway Force Control SCADA httpsvr Exploit A buffer-overflow vulnerability affects the httpsvr.exe webserver included in the device. This issue occurs when handling an excessively large URI. CVE-2011-2960 Exploits/Remote Windows
02.06.2012 Sunway Force Control SCADA SMNP NetDBServer Buffer Overflow Exploit A stack based buffer overflow in the SNMP NetDBServer service of Sunway Forcecontrol is triggered when sending an overly long string to the listening service on port 2001. NOCVE-9999-51166 Exploits/Remote Windows
02.13.2013 Sunway Force Control SCADA SMNP NetDBServer Buffer Overflow Exploit Update A stack based buffer overflow in the SNMP NetDBServer service of Sunway Forcecontrol is triggered when sending an overly long string to the listening service on port 2001. This version updates runtime value to the appropriate for this case. NOCVE-9999-51166 Exploits/Remote Windows
10.25.2011 Sunway ForceControl SCADA YRWXls ActiveX Exploit A code execution vulnerability exists in the Login method of Sunway ForceControl YRWXls.ocx NOCVE-9999-49943 Exploits/Client Side Windows
08.21.2013 Super Player 3500 M3U Local Stack Buffer Overflow Exploit Super Player 3500 contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Super Player when handling long .m3u files. NOCVE-9999-59277 Exploits/Client Side Windows
08.12.2014 Supported services list update This package updates the list of network service TCP and UDP ports known to the Impact exploits framework. Exploits/Remote
03.09.2008 SurgeMail Mail Server Exploit This module exploits a buffer overflow in SurgeMail Mail Server and installs an agent into the target host. A buffer overflow vulnerability is located in the function which handles the real CGI executables. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module. CVE-2008-1054 Exploits/Remote Windows
04.21.2008 SurgeMail Mail Server Exploit update This module exploits a buffer overflow in SurgeMail Mail Server and installs an agent into the target host. A buffer overflow vulnerability is located in the function which handles the real CGI executables. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module. This exploit perform three attempts to disable DEP in XP SP2 and Windows 2003. CVE-2008-1054 Exploits/Remote Windows
09.18.2007 Surgemail Search Exploit This module exploits a stack-based buffer overflow in the Surgemail Server 3.x and deploys an agent when successful. The exploit triggers a buffer-overflow vulnerability due to insufficient bounds checking of user supplied input allowing remote attackers to execute arbitrary code on the remote machine. CVE-2007-4377 Exploits/Remote Windows
12.27.2005 SuSE Linux chfn exploit This module exploits a vulnerability in SuSE chfn command and escalates privileges to root. CVE-2005-3503 Exploits/Local Linux
12.02.2010 SWiSH Max dwmapi DLL Hijacking Exploit SWiSH Max is prone to a vulnerability that may allow execution of dwmapi.dll if this dll is located in the same folder than .SWI file. NOCVE-9999-45990 Exploits/Client Side Windows
10.28.2009 Symantec Altiris Deployment Solution ActiveX Exploit This module exploits an arbitrary file download and execute vulnerability in the Altiris.AeXNSPkgDL.1 ActiveX Control included in Symantec Altiris Deployment Solution. CVE-2009-3179 Exploits/Client Side Windows
02.03.2010 Symantec Altiris Deployment Solution RunCmd Buffer Overflow Exploit This module exploits a vulnerability in the AeXNSConsoleUtilities.dll control included in the Symantec ConsoleUtilities application. The vulnerability is triggered when the RunCmd method processes a long string argument resulting in a stack-based buffer overflow. CVE-2009-3033 Exploits/Client Side Windows

Pages