Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
08.22.2012 Linux Kernel IA32 Syscall Emulation Privilege Escalation Exploit This module exploits a vulnerability in Linux for x86-64. The IA32 system call emulation functionality does not zero-extend the EAX register after the 32bit entry path to ptrace is used, which might allow local users to trigger an out-of-bounds access to the system call table using the RAX register and escalate privileges. This vulnerability is a regression of CVE-2007-4573. CVE-2010-3301 Exploits/Local Linux
09.20.2006 Linux suid_dumpable exploit The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions. CVE-2006-2451 Exploits/Local Linux
09.15.2009 Apple Mac OS X HFS Plus Local Privilege Escalation Exploit XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler. This allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls. CVE-2009-1235 Exploits/Local Mac OS X
06.15.2009 Linux Kernel UDEV Local Privilege Escalation Exploit The 'udev' Linux application is prone to a local privilege-escalation vulnerability because it fails to properly handle netlink messages. Local attackers may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the system. CVE-2009-1186 Exploits/Local Linux
02.13.2013 Solaris LD_AUDIT Privilege Escalation Exploit Update This module exploits a vulnerability in the Solaris Runtime Linker using the unsafe environment variable LD_AUDIT. This module exploits the vulnerability and installs an agent with root privileges. This update resolves an issue where the module could erroneously install agents in non-vulnerable systems. CVE-2005-2072 Exploits/Local Solaris
05.23.2012 Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS12-034) Update 4 This update adds support to Microsoft Windows Vista and Microsoft Windows 7 ( only DoS ). This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters. When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption. CVE-2012-0181 Exploits/Local Windows
07.01.2009 Microsoft Windows Token Kidnapping Local Privilege Escalation Exploit (MS09-012) This module exploits a vulnerability in the way that Microsoft Windows manages the RPCSS service and improperly isolates processes running under the NetworkService or LocalService accounts. This can be exploited to execute arbitrary code with System privileges. CVE-2008-1436 Exploits/Local Windows
05.07.2009 Sun xVM VirtualBox Exploit This module exploits a local privilege escalation vulnerability in certain packages shipped with Sun xVM VirtualBox for the Linux platform. CVE-2009-0876 Exploits/Local Linux
01.20.2014 VMware VMCI Privilege Escalation Exploit When the "vmci.sys" driver processes a crafted call from user an array index out of bound is exploited CVE-2013-1406 Exploits/Local Windows
11.14.2010 Microsoft Windows Task Scheduler Service Privilege Escalation Exploit This module exploits a privilege escalation vulnerability in the Microsoft Windows Task Scheduler Service. This vulnerability is currently exploited by the Stuxnet malware. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-3338 Exploits/Local Windows
08.13.2013 Microsoft Windows Win32k Read AV Vulnerability (MS13-053) Update This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk. This update adds support to Windows 2003 64 bits, Windows Vista 64 bits, Windows 2008 64 bits, Windows 2008 R2, Windows 7 64 bits, Windows 8 64 bits and Windows 2012 64 bits. CVE-2013-3660 Exploits/Local Windows
08.23.2010 Microsoft Windows CreateWindow Function Callback Exploit (MS10-032) Update 2 This update adds support to Microsoft Windows Vista and Microsoft Windows 2008. This module exploits a vulnerability in win32k.sys when a "window" is created. CVE-2010-0485 Exploits/Local Windows
05.21.2013 Microsoft Windows Win32k Buffer Overflow Exploit (MS13-046) This module exploits a vulnerability in Windows kernel calling to "DisplayConfigGetDeviceInfo" function with crafted parameters. CVE-2013-1333 Exploits/Local Windows
08.20.2008 Netscape Portable Runtime Environment Log File Overwrite Exploit Update This package updates the Netscape Portable Runtime Environment Log File Overwrite Exploit CVE-2006-4842 Exploits/Local Solaris
09.12.2011 Microsoft Internet Explorer File Integrity Level Protected Mode Bypass Privilege Escalation Exploit (MS11-057) The Protected Mode of Microsoft Internet Explorer can be bypassed by exploiting a logical flaw when checking the Integrity Level of a file. This module allows an agent running in the context of iexplore.exe with Low Integrity Level to install a new agent that will run with Medium Integrity Level. CVE-2011-1347 Exploits/Local Windows
10.21.2008 Microsoft Windows AFD Driver Local Privilege Escalation Exploit (MS08-066) Update This module exploits a vulnerability in Windows Ancillary function driver when the 0x1203F IOCTL in afd.sys is invoked with a specially crafted parameter. The IOCTL 0x1203F handler in the afd.sys function driver allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update adds support for Windows 2003. CVE-2008-3464 Exploits/Local Windows
11.03.2013 Microsoft Windows Win32k NULL Page Vulnerability Exploit (MS13-081) Update This module exploits a vulnerability in "win32k.sys" by calling to the "TrackPopupMenuEx" function. This update adds support to Windows 7 64 bits and Windows 2008 R2. CVE-2013-3881 Exploits/Local Windows
08.29.2007 WinPcap NPF.SYS IOCTL Handler Privilege Escalation Exploit This module exploits a vulnerability in WinPcap. The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. CVE-2007-3681 Exploits/Local Windows
01.27.2011 Trend Micro TMTDI.SYS Privilege Escalation Exploit Update This module exploits a privilege escalation vulnerability in the tmtdi.sys driver of Trend Micro Titanium Maximum Security and OfficeScan products. The vulnerable driver trusts a dword passed from user mode via IOCTL 0x220404, and interprets it as a function pointer without performing validations. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. This update adds support for the Trend Micro OfficeScan product, as well as support for Windows Server 2003 and Windows Server 2008 platforms. NOCVE-9999-45910 Exploits/Local Windows
05.25.2010 Linux Kernel UDEV Local Privilege Escalation Exploit Update The 'udev' Linux application is prone to a local privilege-escalation vulnerability because it fails to properly handle netlink messages. Local attackers may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the system. This update fixs a module's bug. CVE-2009-1186 Exploits/Local Linux
01.11.2007 Linux NVIDIA exploit The NVIDIA Binary Graphics Driver for Linux is vulnerable to a buffer overflow that allows an attacker to run arbitrary code as root. CVE-2006-5379 Exploits/Local
03.12.2014 Oracle VirtualBox 3D Acceleration Virtual Machine Escape Exploit The code that implements 3D acceleration for OpenGL graphics in Oracle VirtualBox is prone to multiple memory corruption vulnerabilities. An attacker running code within a Guest operating system can exploit these vulnerabilities in order to escape from the virtual machine and execute arbitrary code on the Host operating system. CVE-2014-0981 Exploits/Local Windows
08.06.2009 FreeBSD mount Local Privilege Escalation Exploit FreeBSD is prone to multiple stack-based buffer-overflow vulnerabilities because the kernel fails to perform adequate boundary checks on user-supplied data. If the system is configured to allow unprivileged users to mount file systems, it is possible for a local adversary to exploit this vulnerability and execute code in the context of the kernel. CVE-2008-3531 Exploits/Local FreeBSD
05.19.2009 IBM Director CIM Server Privilege Escalation Exploit IBM Director is prone to a privilege-escalation vulnerability that affects the CIM server. Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the CIM server process. CVE-2009-0880 Exploits/Local Windows
08.01.2006 Linux vixie-cron exploit do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf CVE-2006-2607 Exploits/Local Linux
10.28.2008 Novell NetWare Client NWFS.SYS Local Privilege Escalation Exploit This module exploits a vulnerability in Novell NetWare Client when handling a specially crafted IOCTL request. The vulnerability allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. CVE-2008-3158 Exploits/Local Windows
08.27.2012 Linux Kernel compat_alloc_user_space Privilege Escalation Exploit The "compat_alloc_user_space" function, which belongs to the 32-bit compatibility layer for 64-bit versions of Linux, can produce a stack pointer underflow when it's called with an arbitrary length input. This vulnerability can be used by local unprivileged users to corrupt the kernel memory in order to gain root privileges. CVE-2010-3081 Exploits/Local Linux
10.12.2010 Microsoft Windows Desktop Parameter Edit Vulnerability Exploit (MS09-025) This module exploits a stack overflow on kernel mode on win32k.sys via an unspecified desktop parameter. CVE-2009-1126 Exploits/Local Windows
01.13.2015 Microsoft Windows Ancillary Function Driver Double Free Vulnerability Exploit (MS14-040) Update 3 This module exploits a double-free vulnerability in "afd.sys" by calling to "AfdTransmiteFile" function with crafted parameters. This update adds support to Windows 2003, Windows Vista, Windows 2008, Windows 7, Windows 2008 R2, Windows 8 and Windows 2012 (all 64 bit versions). CVE-2014-1767 Exploits/Local Windows
08.29.2007 Symantec SYMTDI.SYS IOCTL Handler Privilege Escalation Exploit This module exploits a vulnerability in Symantec products when the 0x83022323 function is invoked with a specially crafted parameter. The IOCTL 0x83022323 handler in the SYMTDI.SYS device driver in Symantec products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. CVE-2007-3673 Exploits/Local Windows

Pages