Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
10.23.2007 Linux X.org composite exploit This module exploits a buffer overflow condition on local X.org servers with the composite extension activated. CVE-2007-4730 Exploits/Local Linux
11.25.2010 Microsoft Windows SystemDefaultEUDCFont Privilege Escalation Exploit This module exploits a privilege escalation vulnerability in Microsoft Windows by setting a specially crafted SystemDefaultEUDCFont value in the HKEY_CURRENT_USER\EUDC Registry key, and then calling EnableEUDC() function in GDI32 library. It will enable local unprivileged users to gain SYSTEM privileges. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-4398 Exploits/Local Windows
05.30.2006 Microsoft Windows Telephony Service exploit This module connects to Telephony Service and sends a message via lineSetAppPriorityW winapi32 producing a buffer overflow and installs an agent. CVE-2005-0058 Exploits/Local Windows
08.19.2010 Linux Kernel Ext4 Move Extents IOCTL Privilege Escalation Exploit Linux kernel is prone to a local privilege-escalation vulnerability because the software fails to verify access permissions. A local user can invoke the Ext4 'move extents' ioctl call, with certain options to execute arbitrary code and gain privileged access. Successful exploits will result in the complete compromise of affected computers. CVE-2009-4131 Exploits/Local Linux
08.12.2011 Microsoft Internet Explorer XBAP Protected Mode Bypass Privilege Escalation Exploit The Protected Mode feature of Microsoft Internet Explorer can be bypassed by running an XBAP application from the local filesystem. This module allows an agent running with Low Integrity Level to install a new agent that will run with Medium Integrity Level. NOCVE-9999-49066 Exploits/Local Windows
10.01.2013 CSRSS facename exploit Update 2 This module exploits a stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process. Allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value. This update fixes a bug that occurs when this module is launched by RPT, with a newer Windows platform such as Windows Seven as target. CVE-2005-0551 Exploits/Local Windows
05.28.2009 AIX Setlocale Function Local Privilege Escalation Exploit The AIX Setlocale Function is prone to a local privilege-escalation vulnerability. A local attacker may be able to exploit this issue to gain elevated privileges on the affected computer. A successful exploit will lead to the complete compromise of the affected computer. CVE-2006-4254 Exploits/Local AIX
10.31.2006 Netscape Portable Runtime Environment log file overwrite exploit This module exploits a design error vulnerability in version 4.6.1 of NSPR, as included with Sun Microsystems Solaris 10, and allows attackers to create or overwrite arbitrary files on the system. CVE-2006-4842 Exploits/Local Solaris
06.27.2013 Microsoft Windows Win32k pprFlattenRec Vulnerability Exploit Update 2 This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk. This update adds support to Windows 2003, Windows 2008 and Windows Vista CVE-2013-3660 Exploits/Local Windows
07.31.2005 Solaris LD_AUDIT exploit This module exploits a vulnerability in the Solaris Runtime Linker using the unsafe environment variable LD_AUDIT. CVE-2005-2072 Exploits/Local Solaris
06.10.2014 Microsoft Windows Shell File Association Vulnerability Exploit (MS14-027) When the "HKEY_CURRENT_USER\Software\Classes\exefile" registry key is modified by this exploit and a Windows or third party service calls to the "ShellExecute" function, an invalid association file is produced, finalizing the attack with the execution of a crafted program instead of the original program. CVE-2014-1807 Exploits/Local Windows
12.05.2010 Microsoft Windows SystemDefaultEUDCFont Privilege Escalation Exploit Update This module exploits a privilege escalation vulnerability in Microsoft Windows by setting a specially crafted SystemDefaultEUDCFont value in the HKEY_CURRENT_USER\EUDC Registry key, and then calling EnableEUDC() function in GDI32 library. It will enable local unprivileged users to gain SYSTEM privileges. This update adds support for Windows Vista and Windows Server 2008. CVE-2010-4398 Exploits/Local Windows
09.28.2009 Windows Debugging Subsystem Exploit Update There is an authentication vulnerability in the Windows debugging subsystem (smss). This allows any user to obtain a handle with any access of any process running. With this handle an agent is injected in a SYSTEM process. The update fixes an issue using Import * CVE-2002-0367 Exploits/Local Windows
03.05.2013 Microsoft Windows Win32k Improper Message Handling Vulnerability Exploit (MS13-005) An elevation of privilege vulnerability exists when the Windows kernel improperly handles window broadcast messages. An attacker who successfully exploited this vulnerability could take complete control of an affected system. CVE-2013-0008 Exploits/Local Windows
01.19.2010 Microsoft Windows GP Trap Handler Privilege Escalation Exploit Incorrect assumptions in the support code of legacy 16bit applications in Microsoft Windows operating systems allows local users to gain system privileges via the "NtVdmControl" system call. This module exploits the vulnerability and installs an agent with system privileges. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0232 Exploits/Local Windows
07.16.2014 Microsoft Windows Administrator UAC Elevation Bypass This module abuses a design flaw in the way Microsoft Windows implements a UAC whitelist. The flaw could allow a process running with Medium Integrity to elevate itself to High Integrity without a UAC prompt when the process is run from an account in the administrators group. NOCVE-9999-64489 Exploits/Local Windows
03.20.2007 Windows Shell Hardware Detection exploit This module exploits a vulnerability in the 'detection and registration of new hardware' function of the Windows Shell; the vulnerability is exposed by a parameter that is not properly validated. The exploit allows a local user to escalate their privileges on a compromised Windows XP or Windows 2003 system. CVE-2007-0211 Exploits/Local Windows
11.07.2011 Trend Micro InterScan Web Security Suite Privilege Escalation Exploit This module exploits a local vulnerability in Trend Micro IWSS to gain elevated privileges on the affected computer. NOCVE-9999-50131 Exploits/Local Solaris, Linux
11.15.2007 Xen Pygrub Command Injection exploit for Impact 7.5 This module exploits a command injection error in tools/pygrub/src/GrubConf.py. This can be exploited by "root" users of a guest domain to execute arbitrary commands in domain 0 via specially crafted entries in grub.conf when the guest system is booted. CVE-2007-4993 Exploits/Local Linux
11.25.2010 Microsoft Windows Task Scheduler Service Privilege Escalation Exploit Update This module exploits a privilege escalation vulnerability in the Microsoft Windows Task Scheduler Service. This vulnerability is currently exploited by the Stuxnet malware. This update adds support for Windows 7 and Windows 2008 x64. CVE-2010-3338 Exploits/Local Windows
05.08.2012 Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS12-034) Update 2 This update adds support to Microsoft Windows 2008. This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters. When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption. CVE-2012-0181 Exploits/Local Windows
11.07.2011 Microsoft Windows AFD AfdJoinLeaf Privilege Escalation Exploit Update (MS11-080) The Ancillary Function Driver (AFD.sys) present in Microsoft Windows is vulnerable to an arbitrary pointer overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL to the vulnerable driver. This update adds support for Windows 2003. CVE-2011-2005 Exploits/Local Windows
05.14.2012 Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS12-034) Update 3 This update adds support to Microsoft Windows XP with the MS12-034 patch installed. This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters. When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption. CVE-2012-0181 Exploits/Local Windows
05.07.2008 Microsoft IIS MS08-006 Exploit update This module exploits a stack buffer overflow vulnerability in Microsoft Internet Information Server 5.1 through 6.0. This update adds support for 2003 Enterprise Sp1 and bypasses DEP in already supported platforms. CVE-2008-0075 Exploits/Local Windows
09.10.2007 WinPcap NPF.SYS IOCTL Handler Privilege Escalation Exploit Windows 2003 Support This module exploits a vulnerability in WinPcap. The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update adds support for Windows 2003. CVE-2007-3681 Exploits/Local Windows
12.25.2006 Mac OS X Mach Exception Handling exploit update An error handling mechanism in the kernel of Mac OS X, provides the ability to control programs when certain types of errors are encountered. This module uses this mechanism to execute arbitrary code in privileged programs if an error is encountered. This update adds support for Mac OS X (i386) CVE-2006-4392 Exploits/Local
10.19.2010 GNU Glibc ld.so ORIGIN Privilege Escalation Exploit The GNU C library (GNU glibc) is prone to a local privilege-escalation vulnerability. This module exploits the vulnerability to install an agent with root privileges. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-3847 Exploits/Local Linux
01.16.2011 Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS10-073) Update 2 This update adds support to Microsoft Windows 2003, Vista and 2008. This module exploits a vulnerability on "win32k.sys" when a keyboard layout is loaded by the kernel. CVE-2010-2743 Exploits/Local Windows
03.28.2007 IIS ASP Server-Side Include exploit update This update improves the reliability of the 'ISS ASP Server-Side Include exploit'. The module exploits a buffer overflow vulnerability in the SSINC.DLL file used by Microsoft IIS 5.0. The exploit is triggered by including long enough filenames in any ASP file. CVE-2002-0149 Exploits/Local Windows
11.08.2010 Trend Micro Titanium Maximum Security TMTDI.SYS Privilege Escalation Exploit This module exploits a privilege escalation vulnerability in Trend Micro Titanium Maximum Security tmtdi.sys driver. The vulnerable driver trusts a dword passed from user mode via IOCTL 0x220404, and interprets it as a function pointer without performing validations. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. NOCVE-9999-45910 Exploits/Local Windows

Pages