CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Use the controls below to navigate CORE Impact exploits and other modules.

Released Date Titlesort descending Description Vulnerabilty Category Platform
02.21.2007 Windows Image Acquisition CmdLine exploit The Window Image Acquisition (WIA) Service in Microsoft Windows XP allows local users to gain privileges via a stack overflow when processing the bsCmdLine parameter of the IWiaDevMgr::RegisterEventCallbackProgram function. CVE-2007-0210 Exploits/Local Windows
02.10.2011 Windows Live Mail dwmapi DLL Hijacking Exploit Windows Live Mail is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder as an .EML file. NOCVE-9999-46918 Exploits/Client Side Windows
10.18.2007 Windows Macrovision (SECDRV.SYS) Memory Corruption Exploit This module exploits a vulnerability in Windows XP when the 0xCA002813 function is invoked with a specially crafted parameter. The IOCTL 0xCA002813 handler in the SECDRV.SYS device driver in Macrovision products, installed by default in Windows XP and Windows 2003, allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. CVE-2007-5587 Exploits/Local Windows
10.22.2007 Windows Macrovision (SECDRV.SYS) Memory Corruption Exploit Update This module exploits a vulnerability in Windows XP and Windows 2003 when the 0xCA002813 function is invoked with a specially crafted parameter. The IOCTL 0xCA002813 handler in the SECDRV.SYS device driver in Macrovision products, installed by default in Windows XP and Windows 2003, allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update corrects the CVE number and adds Windows 2003 as Supported System. CVE-2007-5587 Exploits/Local Windows
07.11.2006 Windows Mailslot (MS06-035) DoS This module exploits a remote vulnerability that could allow an attacker to send a specially crafted SMB message to an affected system causing a denial of service (MS06-035). WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2006-3942 Denial of Service/Remote Windows
08.17.2006 Windows Mailslot DoS Update The server driver (srv.sys) in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet on an SMB PIPE that triggers a null dereference. While investigating the Microsoft Server Service Mailslot heap overflow vulnerability reported in Microsoft Security Bulletin MS06-035 we discovered a second bug in the server service. This module exploits this vulnerability. For more info go to http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10 CVE-2006-3942 Exploits/Remote Windows
03.09.2010 Windows Movie Maker MSWMM Buffer Overflow Exploit (MS10-016) This module exploits a buffer overflow in Windows Movie Maker by sending a specially crafted .MSWMM file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0265 Exploits/Client Side Windows
07.15.2010 Windows Movie Maker MSWMM Buffer Overflow Exploit (MS10-016) Update This module exploits a heap-based buffer overflow in the Microsoft Windows Movie Maker application by sending a specially crafted .MSWMM file. This update adds support for Windows Movie Maker 2.6. CVE-2010-0265 Exploits/Client Side Windows
03.20.2007 Windows Shell Hardware Detection exploit This module exploits a vulnerability in the 'detection and registration of new hardware' function of the Windows Shell; the vulnerability is exposed by a parameter that is not properly validated. The exploit allows a local user to escalate their privileges on a compromised Windows XP or Windows 2003 system. CVE-2007-0211 Exploits/Local Windows
03.17.2009 WinGate Proxy Server Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the handling of POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted POST request to the proxy server CVE-2006-2926 Exploits/Remote Windows
02.09.2011 WinHex hash DLL Hijacking Exploit WinHex is prone to a vulnerability that may allow the execution of any library file named hash.dll, if this dll is located in the same folder as a .WHX file. NOCVE-9999-45898 Exploits/Client Side Windows
08.29.2007 WinPcap NPF.SYS IOCTL Handler Privilege Escalation Exploit This module exploits a vulnerability in WinPcap. The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. CVE-2007-3681 Exploits/Local Windows
09.10.2007 WinPcap NPF.SYS IOCTL Handler Privilege Escalation Exploit Windows 2003 Support This module exploits a vulnerability in WinPcap. The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update adds support for Windows 2003. CVE-2007-3681 Exploits/Local Windows
08.28.2006 WinRAR LHA-LZH exploit This module exploits a stack buffer overflow in WinRAR 3.60 beta6 and prior to install a level0 agent. CVE-2006-3845 Exploits/Client Side Windows
09.03.2006 WinRAR LHA-LZH exploit update This module exploits a stack buffer overflow in WinRAR 3.60 beta6 and prior to install a level0 agent. This update adds support to register the exploit into the IMPACT webserver. CVE-2006-3845 Exploits/Client Side Windows
09.25.2007 WinVNC Client exploit update This package updates the WinVNC Client exploit. CVE-2001-0167 Exploits/Client Side Windows
01.25.2007 WinZip 10.x FileView ActiveX Exploit This module exploits a vulnerability in the FileView ActiveX control installed by WinZip v10.0 series prior to build 7245, and will install a Level0 agent. CVE-2006-3890 Exploits/Client Side Windows
09.05.2010 Wireshark airpcap DLL Hijacking Exploit Wireshark is prone to a vulnerability that may allow execution of airpcap.dll if this dll is located in the same folder than .PCAP file. CVE-2010-3133 Exploits/Client Side Windows
05.20.2013 Wireshark DRDA Dissector DoS The DRDA protocol dissector in Wireshark can enter an infinite loop when processing an specially crafted DRDA packet with the iLength field set to 0, causing Wireshark to stop responding. CVE-2012-3548 Denial of Service/Remote Windows, Linux
01.30.2011 Wireshark ENTTEC Dissector DoS This module exploits a vulnerability in the WireShark ENTTEC dissector by sending a specially crafted UDP packet. CVE-2010-4538 Denial of Service/Remote Linux, Windows
04.28.2008 WireShark LDAP Dissector DoS This module exploits a vulnerability in the WireShark LDAP dissector, sending a specially crafted LDAP packet, causing WireShark to crash. CVE-2008-1562 Denial of Service/Remote Windows
10.16.2011 WireShark LUA Script File Code Execution Exploit This module exploits a vulnerability to make WireShark run an arbitrary LUA script using a method similar to DLL hijacking when opening a .PCAP file. CVE-2011-3360 Exploits/Client Side Windows
02.07.2010 WireShark LWRES Dissector Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the WireShark LWRES dissector by sending a specially crafted LWRES packet. CVE-2010-0304 Exploits/Remote Windows
02.08.2010 WireShark LWRES Dissector Buffer Overflow Exploit Update This module exploits a stack-based buffer overflow in the WireShark LWRES dissector by sending a specially crafted LWRES packet. This update adds support for more WireShark versions. CVE-2010-0304 Exploits/Remote Windows
10.16.2011 WireShark openSAFETY Dissector DoS This module exploits a vulnerability in the WireShark openSAFETY dissector, sending a specially crafted openSAFETY packet over UDP, causing WireShark to crash. CVE-2011-3484 Denial of Service/Remote Windows
04.26.2011 Wireshark packet dect Remote Stack Buffer Overflow Exploit A heap-based buffer overflow was found in the DECT dissector of Wireshark. A remote attacker could use this flaw to cause the Wireshark executable to crash or potentially to execute arbitrary code with the privileges of the user running Wireshark. CVE-2011-1591 Exploits/Remote Windows
04.25.2011 Wireshark packet dect Stack Buffer Overflow Exploit This module exploits a stack buffer overflow in Wireshark when opening a crafted .PCAP file, resulting in arbitrary code execution. This module bypass DEP using ROP techniques. CVE-2011-1591 Exploits/Client Side Windows
07.28.2009 Wireshark PROFINET Dissector Format String Exploit Wireshark is prone to a format-string vulnerability. Attackers can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed attacks will likely cause denial-of-service conditions. CVE-2009-1210 Exploits/Remote Windows
02.09.2011 Wireshark PROFINET Dissector Format String Exploit Update Wireshark is prone to a format-string vulnerability. Attackers can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed attacks will likely cause denial-of-service conditions. This update adds windows 7 support. CVE-2009-1210 Exploits/Remote Windows
03.11.2008 WireShark SNMP Dissector DoS This module exploits a vulnerability in the WireShark SNMP dissector, sending a specially crafted SNMP packet, causing WireShark to crash. CVE-2008-1071 Denial of Service/Remote Windows

Pages