Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Datesort descending Title Description Vulnerabilty Category Platform
12.10.2013 Adobe Reader ToolButton Use-After-Free Exploit This module exploits a Use-After-Free vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2013-3346 Exploits/Client Side Windows
12.11.2013 Microsoft Windows Win32k Integer Overflow DoS (MS13-101) This module exploits a vulnerability in win32k.sys by calling to "NtGdiGetTextExtent" function with crafted parameters. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2013-5058 Denial of Service/Local Windows
12.11.2013 HP Data Protector Cell Manager Opcode 211 Buffer Overflow Exploit A buffer overflow vulnerability in crs.exe when handling requests with opcode 211. CVE-2013-2333 Exploits/Remote Windows
12.11.2013 HP SiteScope Remote Code Execution Exploit Update This module exploits two vulnerabilities in HP SiteScope to gain remote code execution. The first vulnerability is an authentication bypass in the getSiteScopeConfiguration operation available through the APISiteScopeImpl AXIS service to grab the administrator credentials from the server running HP SiteScope. The second vulnerability is a directory traversal in the UploadFileHandler url that allows to upload files to the server into a directory that allows for scripting. This update only adds CVE number. CVE-2013-2367 Exploits/Remote Windows
12.12.2013 ABB MicroSCADA Wserver Buffer Overflow Exploit This vulnerability is a buffer overflow and allows remote attackers to execute arbitrary code on vulnerable installations of ABB MicroSCADA Wserver without authentication. The specific flaw exists within the wserver.exe component which listens on TCP port 12221. This component performs insufficient bounds checking on user-supplied data which results in stack buffer ovreflow. NOCVE-9999-61094 Exploits/Remote Windows
12.12.2013 TP-Link Camera Unauthenticated Remote Firmware Upgrade Exploit The /cgi-bin/firmwareupgrade file in TP-Link IP cameras allows remote unauthenticated attackers to perform firmware upgrades. This module tries to verify if the vulnerability is present in the target device without actually upgrading its firmware. CVE-2013-2581 Exploits/Remote
12.15.2013 PDFCool Studio Buffer Overflow Exploit PDFCool Studio Suite is prone to a security vulnerability when processing PDF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing users to open a specially crafted PDF file. CVE-2013-4986 Exploits/Client Side Windows
12.15.2013 Microsoft Internet Explorer CCaret Use-After-Free Exploit (MS13-069) Use after free in Internet Explorer when handling the caret (text cursor) object. Successful control of the freed memory may leverage arbitrary code execution under the context of the user. CVE-2013-3205 Exploits/Client Side Windows
12.17.2013 RealPlayer TRACKID tag handling RMP Buffer Overflow Exploit Real Media Player are vulnerable to a heap buffer overflow when provided with a specially crafted .rmp file with malformed TRACKID tags. CVE-2013-6877 Exploits/Client Side Windows
12.19.2013 Microsoft Windows Win32k Integer Overflow DoS (MS13-101) Update This module exploits a vulnerability in win32k.sys by calling to "NtGdiGetTextExtent" function with crafted parameters. This update adds support to Windows 2003 (32 and 64 bits), Windows Vista (32 and 64 bits), Windows 2008 (32 and 64 bits), Windows 7 64 bits, Windows 2008 R2, Windows 8 ( 32 and 64 bits) and Windows 2012. CVE-2013-5058 Denial of Service/Local Windows
12.19.2013 IBM Forms Viewer XFDL Buffer Overflow Exploit IBM Forms Viewer is prone to a buffer overflow when handling a specially crafted XFDL file. CVE-2013-5447 Exploits/Client Side Windows
01.05.2014 Vortex Light Alloy M3U Playlist Buffer Overflow Exploit A Buffer Overflow exist in Vortex Light Alloy when parsing .M3U files. The vulnerability is caused due to a boundary error in Vortex Light Alloy when handling .M3U files beginning with "http://", when the application tries to obtain a stream from an url. This can be exploited to cause a stack-based buffer overflow via a specially crafted .M3U file. CVE-2013-6874 Exploits/Client Side Windows
01.07.2014 MongoDB mongoFind Uninitialized Memory Exploit The mongo::mongoFind method in MongoDB makes use of uninitialized memory. A remote attacker can fill that memory address with controlled data and then call the vulnerable function in order to execute arbitrary code on the affected server. NOCVE-9999-58919 Exploits/Remote Linux
01.16.2014 MongoDB mongoFind Uninitialized Memory Exploit Update The mongo::mongoFind method in MongoDB makes use of uninitialized memory. A remote attacker can fill that memory address with controlled data and then call the vulnerable function in order to execute arbitrary code on the affected server. This update adds the CVE number. CVE-2013-3969 Exploits/Remote Linux
01.16.2014 Microsoft Windows Win32k IsHandleEntrySecure Null Pointer Dereference DoS This module exploits a vulnerability in win32k.sys calling win32k!IsHandleEntrySecure function with crafted parameters. NOCVE-9999-60893 Denial of Service/Local Windows
01.16.2014 Adobe Reader ToolButton Use-After-Free Exploit Update This module exploits a Use-After-Free vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This update adds Javascript obfuscation to the PDF document and fixes some documentation issues. CVE-2013-3346 Exploits/Client Side Windows
01.20.2014 VMware VMCI Privilege Escalation Exploit When the "vmci.sys" driver processes a crafted call from user an array index out of bound is exploited CVE-2013-1406 Exploits/Local Windows
01.20.2014 Microsoft Windows Hyper-V Address Corruption Vulnerability DoS (MS13-092) This module exploits a vulnerability in the hypervisor of Hyper-V by sending a crafted hypercall from the "guest OS" to the "host OS". CVE-2013-3898 Denial of Service/Local Windows
01.29.2014 Watermark Master Buffer Overflow Exploit Watermark Master is prone to a buffer overflow vulnerability when handling WCF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing users to open a specially crafted WCF file. NOCVE-9999-60773 Exploits/Client Side Windows
02.04.2014 Trojan Agents Enhancements Rev 02 This update improves the reliability and AV Evasion of Agents generated with modules: . Package and Register Agent . Send Agent by E-Mail . Serve Agent in Web Server Exploits/Remote
02.05.2014 Novell iPrint Client IPP Response URI Handling Buffer Overflow Exploit A buffer overflow vulnerability within the handling of functions that take a URI as a parameter allows arbitrary command execution when a user loads a specially crafted web page. CVE-2013-1091 Exploits/Client Side Windows
02.05.2014 HP ProCurve Manager SNAC UpdateCertificatesServlet Exploit This module exploits a path traversal vulnerability in HP ProCurve Manager. The specific flaw exists within the UpdateCertificatesServlet. This servlet improperly sanitizes the fileName argument allowing the remote attacker could upload a .jsp file and execute arbitrary code. Authentication is not required to exploit this vulnerability. CVE-2013-4812 Exploits/Remote Windows
02.06.2014 Zavio Camera RTSP Video Stream Unauthenticated Access Exploit The RTSP protocol authentication in the Zavio F3105 IP camera is disabled by default. This configuration error allows remote attackers to access the live video stream without being asked for credentials. CVE-2013-2569 Exploits/Remote
02.10.2014 HP ProCurve Manager SNAC UpdateDomainControllerServlet Exploit This module exploits a path traversal vulnerability in HP ProCurve Manager. The specific flaw exists within the UpdateDomainControllerServlet. This servlet improperly sanitizes the adCert argument allowing the remote attacker could upload a .jsp file and execute arbitrary code. Authentication is not required to exploit this vulnerability. CVE-2013-4811 Exploits/Remote Windows
02.11.2014 Panda Security for Business Pagent MESSAGE_FROM_REMOTE Path Traversal Exploit The Pagent service component of Panda Security for Business is prone to a path traversal vulnerability when handling MESSAGE_FROM_REMOTE packets. This vulnerability can be exploited by remote unauthenticated attackers to drop arbitrary files in the vulnerable machine in order to gain remote code execution with SYSTEM privileges. NOCVE-9999-62132 Exploits/Remote Windows
02.16.2014 IBM Director CIM Server Remote Code Execution Exploit update This update resolves an issue related to the use of Impact's WebDAV server by this module. Exploits/Remote
02.18.2014 Linux Kernel CONFIG_X86_X32 Privilege Escalation Exploit This module exploits a privilege escalation vulnerability in the Linux Kernel. The X86_X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace and allows a local attacker to escalate privileges. CVE-2014-0038 Exploits/Local Linux
02.19.2014 Microsoft Internet Explorer CardSpaceClaimCollection ActiveX Exploit (MS13-090) An integer overflow in the ActiveX control icardie.dll in Internet Explorer allows remote attackers to execute arbitrary code. CVE-2013-3918 Exploits/Client Side Windows
02.20.2014 HP Data Protector Cell Manager Opcode 263 Buffer Overflow Exploit The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcodes 214, 215, 216, 219, 257, and 263, the process blindly copies user supplied data into a fixed-length stack buffer. CVE-2013-6195 Exploits/Remote Windows
02.24.2014 Microsoft Internet Explorer MSHTML CMarkup Use-After-Free Exploit Use-after-free vulnerability in Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code. CVE-2014-0322 Exploits/Client Side Windows

Pages