Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

| Released Date | Title | Description | Vulnerability | Category | Platform |
|---|---|---|---|---|---|
| 08.21.2013 | Super Player 3500 M3U Local Stack Buffer Overflow Exploit | Super Player 3500 contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Super Player when handling long .m3u files. | NOCVE-9999-59277 | Exploits/Client Side | Windows |
| 08.25.2013 | GSM SIM Utility SEH Buffer Overflow Exploit | GSM SIM Utility contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in GSM SIM Editor when handling misleading .sms files. When opening such files an error message is shown and then a buffer overflow occurs. This situation allows an attacker to overwrite an SEH Pointer and control the execution flow. | NOCVE-9999-59322 | Exploits/Client Side | Windows |
| 08.28.2013 | Triologic Player M3U Unicode SEH Buffer Overflow Exploit | Triologic Media Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Triologic Player when handling misleading m3u files. This situation leads to a buffer overflow and allows an attacker to overwrite an SEH Pointer and get control of execution. This is a Unicode overflow, so special shellcode must be considered. This vulnerability can be exploited via a specially crafted .m3u file. | CVE-2009-0266 | Exploits/Client Side | Windows |
| 08.28.2013 | Agnitum Outpost Security Suite Privilege Escalation Exploit | This module exploits a vulnerability in Agnitum Outpost Security Suite acs.exe service server when handling a specially crafted request, sent to the acsipc_server named pipe. Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the acs.exe server process. | NOCVE-9999-59314 | Exploits/Local | Windows |
| 08.29.2013 | HP LoadRunner micWebAjax ActiveX Control NotifyEvent Exploit | The specific flaw exists within the micWebAjax.dll ActiveX control. The control exposes the NotifyEvent method. The method performs insufficient bounds checking on user-supplied data which results in stack corruption. | CVE-2013-2368 | Exploits/Client Side | Windows |
| 09.01.2013 | Kingsoft Writer WPS Font Names Buffer Overflow Exploit | Kingsoft Writer is prone to a Buffer Overflow when handling font names via a specially crafted WPS file with an overly long font name. | CVE-2013-3934 | Exploits/Client Side | Windows |
| 09.04.2013 | Graphite Pickle Remote Code Execution Exploit | This module exploits an unsafe pickle operation of Graphite in order to install an agent. | CVE-2013-5093 | Exploits/Remote | Linux |
| 09.04.2013 | Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free (MS13-059) | Use after free in Internet Explorer when an invalid reference to CFlatMarkupPointer is used. Successful control of the freed memory may allow arbitrary code execution in the context of the user. | CVE-2013-3184 | Exploits/Client Side | Windows |
| 09.05.2013 | SIEMENS Solid Edge SEListCtrlX ActiveX Memory Write Exploit | Siemens Solid Edge SEListCtrlX ActiveX control is prone to an arbitrary memory write vulnerability because the application fails to perform adequate boundary checks on user-supplied data. | NOCVE-9999-58736 | Exploits/Client Side | Windows |
| 09.06.2013 | Sophos Web Protection Appliance sblistpack Command Injection Exploit | The /opt/ws/bin/sblistpack Perl script in Sophos Web Protection Appliance, which can be reached from the web interface, is vulnerable to OS command injection because its get_referers() function does not escape the first argument of the script before using it within a string that will be executed as a command by using backticks. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code in the affected appliance with the privileges of the "spiderman" operating system user. A second vulnerability in the Sophos Web Protection Appliance (an OS command injection in the /opt/cma/bin/clear_keys.pl script, which can be executed by the "spiderman" user with the sudo command without password) allows an attacker who successfully compromised the appliance to escalate privileges from "spiderman" to root. | CVE-2013-4983 | Exploits/Remote | Linux |
| 09.12.2013 | Microsoft Windows Theme File Handling Exploit (MS13-071) | The vulnerability is caused due to an error when handling theme and screensaver files. | CVE-2013-0810 | Exploits/Client Side | Windows |
| 09.15.2013 | freeSSHd SSH Server Authentication Bypass Remote Code Execution Exploit Update V2 | This update modifies the application version displayed in Quick Information. | CVE-2012-6066 | Exploits/Remote | Windows |
| 09.15.2013 | Microsoft Windows Print Spooler Service Format String Vulnerability DoS (MS12-054) Update V3 | This update provides better documentation for this module. | CVE-2012-1851 | Denial of Service/Remote | Windows |
| 09.15.2013 | SNMP OS Detect and Identity Verifier Update V2 | This update extends the information gathered to include CVE-1999-0516 and CVE-1999-0517 when present in the target. | | Exploits/Remote | |
| 09.15.2013 | FreeFTPd PASS Command Buffer Overflow Exploit | FreeFTPd is prone to a buffer overflow when handling an overly long PASS command. | NOCVE-9999-59669 | Exploits/Remote | Windows |
| 09.15.2013 | Music Animation Machine MIDI SEH Buffer Overflow Exploit | Music Animation Machine MIDI Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in MAM Player when handling misleading MIDI files. This situation leads to a buffer overflow and allows an attacker to overwrite an SEH Pointer and get control of execution. This vulnerability can be exploited via a specially crafted .mamx file. | CVE-2011-0502 | Exploits/Client Side | Windows |
| 09.15.2013 | Firefox XMLSerializer Use After Free Exploit | This module exploits a vulnerability in Mozilla Firefox when serializing XML to a DOM object. A certain method used during this process is likely to create a dangling pointer. Remote attackers can take advantage of this memory and use it to execute arbitrary code. | CVE-2013-0753 | Exploits/Client Side | Windows |
| 09.17.2013 | Microsoft Windows Win32k Divided Error Exception DoS (MS13-046) Update | This module exploits a Windows kernel vulnerability by calling the "NtGdiScaleViewportExtEx" function with crafted parameters. This update adds support for all 32 bit Windows versions. | CVE-2013-1334 | Denial of Service/Local | Windows |
| 09.18.2013 | Microsoft Office Access Database Processing Pointers Exploit (MS13-074) | Microsoft Access contains a vulnerability in the way it handles compiled queries that are stored in .aacdb files. It mistakenly interprets certain fields in the file as pointers and produces memory corruption. | CVE-2013-3155 | Exploits/Client Side | Windows |
| 09.29.2013 | Bifrost Server Buffer Overflow Exploit | Bifrost Server is prone to a buffer overflow vulnerability which can be exploited remotely by sending a specially crafted packet to port TCP/81. | NOCVE-9999-58713 | Exploits/Remote | Windows |
| 09.29.2013 | Adobe ColdFusion APSB13-03 Remote Code Execution Exploit | Adobe ColdFusion is vulnerable to a remote authentication-bypass, allowing the attacker to upload an agent and execute it. The agent may have SYSTEM privileges if ColdFusion is installed as a service in Windows. | CVE-2013-0625 | Exploits/Remote | Windows |
| 09.30.2013 | Microsoft Windows Class Name String Atom Privilege Escalation Exploit (MS12-041) | An error in the way that the Windows kernel handles string atoms when registering a new window class allows unprivileged users to re-register atoms of privileged applications. This vulnerability can be exploited by local unprivileged users to execute arbitrary code with SYSTEM privileges. | CVE-2012-1864 | Exploits/Local | Windows |
| 09.30.2013 | Exim With Dovecot LDA Remote Code Execution Exploit | The Dovecot documentation contains an example using a dangerous configuration option for Exim, which leads to a remote command execution vulnerability. | NOCVE-9999-59209 | Exploits/Remote | Linux |
| 10.01.2013 | Openftpd Server Buffer Overflow Exploit Update | The vulnerability is caused due to a boundary error within the authentication process. This can be exploited to cause a stack-based buffer overflow by sending an overly long, specially-crafted password to the affected server. This update adds CVE Number. | CVE-2010-2620 | Exploits/Remote | Windows |
| 10.01.2013 | CSRSS facename exploit Update 2 | This module exploits a stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process. It allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value. This update fixes a bug that occurs when this module is launched by RPT, with a newer Windows platform such as Windows Seven as target. | CVE-2005-0551 | Exploits/Local | Windows |
| 10.02.2013 | Micorosft Internet Explorer SetMouseCapture Use-After-Free Exploit | This module exploits a use after free in Internet Explorer by using a SetMouseCapture vulnerability in MSHTML. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2013-3893 | Exploits/Client Side | Windows |
| 10.02.2013 | Microsoft Internet Explorer SetMouseCapture Use-After-Free Exploit Update | This module exploits a use after free in Internet Explorer by using a SetMouseCapture vulnerability in MSHTML. This update fixes a typo in the name of the module. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2013-3893 | Exploits/Client Side | Windows |
| 10.06.2013 | Oracle Java IntegerInterleavedRaster Signed Integer Overflow Exploit | This module exploits a vulnerability in Oracle Java. The vulnerability is an invalid array indexing that exists within the native IntegerInterleavedRaster.verify() function inside jre/bin/awt.dll. | CVE-2013-2471 | Exploits/Client Side | Windows, Linux |
| 10.06.2013 | Oracle Java storeImageArray Invalid Array Indexing Exploit | This module exploits a vulnerability in Oracle Java. The vulnerability is an invalid array indexing that exists within the native storeImageArray() function inside jre/bin/awt.dll. | CVE-2013-2465 | Exploits/Client Side | Windows, Linux |
| 10.06.2013 | Microsoft Windows Telephony Service exploit Update | This module connects to Telephony Service and sends a message via lineSetAppPriorityW winapi32, producing a buffer overflow, and installs an agent. This update fixes a bug that occurs when this module is launched by RPT, with a newer Windows platform such as Windows Seven as target. | CVE-2005-0058 | Exploits/Local | Windows |