Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Datesort descending Title Description Vulnerabilty Category Platform
06.03.2013 HP Intelligent Management FaultDownloadServlet Directory Traversal Exploit This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the FaultDownloadServlet component, an attacker can retrieve arbitrary files. CVE-2012-5202 Exploits/Remote File Disclosure Windows
06.03.2013 HP Intelligent Management IctDownloadServlet Directory Traversal Exploit This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the IctDownloadServlet component, an attacker can retrieve arbitrary files. CVE-2012-5204 Exploits/Remote File Disclosure Windows
06.03.2013 Apple Mac OS X DirectoryService AllocFromProxyStruct Buffer Underflow DoS This module exploits a vulnerability in the Mac OS X DirectoryService by sending a specially crafted packet to the 625/TCP port. CVE-2013-0984 Denial of Service/Remote Mac OS X
06.05.2013 Serva TFTPD Service Large Read Requests Parsing DoS The Serva32 TFTPD service is vulnerable to a buffer overflow vulnerability when parsing large read requests. When the application reads in a large buffer the application crashes. CVE-2013-0145 Denial of Service/Remote Windows
06.05.2013 Wordpress W3 Total Cache PHP Remote Code Execution Exploit This module exploits a vulnerability in W3 Total Cache plugin for Wordpress. Certain macros such as mfunc allow to inject PHP code into comments. By injecting a crafted comment into a valid post an attacker can execute arbitrary PHP code on systems running vulnerable installations of W3 Total Cache. CVE-2013-2010 Exploits/Remote Linux
06.09.2013 MongoDB nativeHelper Remote Code Execution Exploit This module exploits a vulnerability in MongoDB server. An arbitrary value passed as a parameter to the nativeHelper function in MongoDB server allows an attacker to control the execution flows to achieve remote code execution. CVE-2013-1892 Exploits/Remote Linux
06.10.2013 Oracle Java Driver Manager Remote Code Execution Exploit This module exploits a vulnerability in Oracle Java taking advantages of the java.sql.DriverManager class. The specific flaw exists within the usage of java.sql.DriverManager. The issue lies in an implicit call to toString() that is made within a doPrivileged block. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user. This vulnerability was one of the 2013's Pwn2Own challenges. CVE-2013-1488 Exploits/Client Side Windows, Linux, Mac OS X
06.11.2013 IntraSrv Simple Web Server Buffer Overflow Exploit IntraSrv is prone to a buffer overflow within GET requests with an overly long HOST parameter. NOCVE-9999-58319 Exploits/Remote Windows
06.11.2013 Microsoft Windows Win32k pprFlattenRec Vulnerability Exploit This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk. CVE-2013-3660 Exploits/Local Windows
06.13.2013 Artweaver JPG Image Processing Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing JPG image files and can be exploited to cause a stack-based buffer overflow via a specially crafted JPG image file. CVE-2013-3481 Exploits/Client Side Windows
06.14.2013 Sketchup MAC Pict Material Palette Stack Corruption Exploit Sketchup fails to validate the input when parsing an embedded MAC Pict texture, leading to an arbitrary stack offset overwrite and finally to an arbitrary code execution. CVE-2013-3664 Exploits/Client Side Windows
06.16.2013 XnView XCF Processing Image Layer Buffer Overflow Exploit Xnview is prone to a stack based buffer overflow which can be exploited through a specially crafted image layer within an XCF file. CVE-2013-3246 Exploits/Client Side Windows
06.17.2013 Zoom Player BMP File Processing Buffer Overflow Exploit Zoom Player is prone to a buffer-overflow via a specially crafted BMP image with an overly large "biClrUsed" value. CVE-2013-3259 Exploits/Client Side Windows
06.18.2013 Mozilla Firefox plugin objects Privileged Code Execution Exploit This module exploits a remote code injection in Mozilla Firefox by using vulnerabilities CVE-2013-0758 and CVE-2013-0757. CVE-2013-0758 Exploits/Client Side Windows
06.18.2013 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow Exploit (MS13-037) This module exploits an integer overflow vulnerability in the Vector Markup Language (VML) on Internet Explorer. The vulnerability exists in the handling of the dashstyle.array length for VML shapes on the vgx.dll module. This vulnerability was one of the 2013's Pwn2Own challenges. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2013-2551 Exploits/Client Side Windows
06.18.2013 Microsoft Office PNG File Buffer Overflow Exploit Buffer overflow in Microsoft Office allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation. CVE-2013-1331 Exploits/Client Side Windows
06.24.2013 Microsoft Windows Win32k pprFlattenRec Vulnerability Exploit Update This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk. This update adds support to Microsoft Windows 8. CVE-2013-3660 Exploits/Local Windows
06.24.2013 FreeBSD mmap ptrace Privilege Escalation Exploit This module exploits a vulnerability in FreeBSD. The FreeBSD virtual memory system allows files to be memory-mapped. All or parts of a file can be made available to a process via its address space. The process can then access the file using memory operations rather than filesystem I/O calls. Due to insufficient permission checks in the virtual memory system, a tracing process (such as a debugger) may be able to modify portions of the traced process's address space to which the traced process itself does not have write access. CVE-2013-2171 Exploits/Local FreeBSD
06.25.2013 Linux Kernel perf_swevent_init Privilege Escalation Exploit This module exploits a vulnerability in the Linux kernel. The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. CVE-2013-2094 Exploits/Local Linux
06.26.2013 Google Sketchup MAC Pict Stack Corruption Exploit Google Sketchup fails to validate the input when parsing an crafted skp file with Pict texture, leading to an arbitrary stack offset overwrite and finally to an arbitrary code execution. CVE-2013-3662 Exploits/Client Side Windows
06.26.2013 AudioCoder M3U Buffer Overflow Exploit AudioCoder contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in AudioCoder when handling .m3u files beginning with http://, when the application tries to obtain a stream from an url. This can be exploited to cause a stack-based buffer overflow via a specially crafted .m3u file. NOCVE-9999-58469 Exploits/Client Side Windows
06.27.2013 Microsoft Windows Win32k pprFlattenRec Vulnerability Exploit Update 2 This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk. This update adds support to Windows 2003, Windows 2008 and Windows Vista CVE-2013-3660 Exploits/Local Windows
07.02.2013 MediaCoder LST File Buffer Overflow Exploit A Buffer Overflow exist in Mediacoder when parsing .LST files. The vulnerability is caused due to a boundary error in Mediacoder when handling .LST files beginning with http://, when the application tries to obtain a stream from an url. This can be exploited to cause a stack-based buffer overflow via a specially crafted .LST file. NOCVE-9999-58662 Exploits/Client Side Windows
07.04.2013 HP System Management Homepage ginkgosnmp.inc Command Injection Exploit The ginkgosnmp.inc PHP script in HP System Management Homepage is vulnerable to OS command injection. This vulnerability allows remote authenticated attackers to execute arbitrary code on the affected machine with SYSTEM privileges. CVE-2013-3576 Exploits/Remote Windows
07.04.2013 ASN.1 Bit String SPNEGO exploit Update Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 encodings that cause arbitrary heap data to be overwritten. This update modifies the runtime value for this exploit. CVE-2003-0818 Exploits/Remote Windows
07.04.2013 Oracle Java Dynamic Binding Remote Code Execution Exploit Update An error in the way that Java implements dynamic binding can be abused to overwrite public final fields. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user. This update adds the CVE number to the exploit. CVE-2013-2423 Exploits/Client Side Windows, Linux, Mac OS X
07.07.2013 Adrenalin Player WAX Buffer Overflow Exploit This module exploits a vulnerability in Adrenalin Player .WAX files. The vulnerability is caused due to lack of boundary checks in exporting a WAX file witch causes an Buffer Overflow of the stack and a SEH attack is possible due to a vulnerable DLL included in the software. NOCVE-9999-58661 Exploits/Client Side Windows
07.10.2013 Adrenalin Player ASX Buffer Overflow Exploit This module exploits a vulnerability in Adrenalin Player .ASX files. The vulnerability is caused due to lack of boundary checks in exporting an ASX file witch causes an Buffer Overflow of the stack and a SEH attack is possible due to a vulnerable DLL included in the software. NOCVE-9999-58660 Exploits/Client Side Windows
07.11.2013 HP Data Protector Cell Manager Opcode 259 Remote Code Execution Exploit The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing different opcodes, the process blindly copies user supplied data into a fixed-length stack buffer. A remote attacker can abuse this to execute remote code under the context of the SYSTEM user. CVE-2013-2329 Exploits/Remote Windows
07.16.2013 Microsoft Silverlight Double Dereference Exploit (MS13-022) A remote code execution vulnerability exists in Microsoft Silverlight that can allow a specially crafted Silverlight application to access memory in an unsafe manner. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the current user. CVE-2013-0074 Exploits/Client Side Windows

Pages