CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

| Released Date | Title | Description | Vulnerability | Category | Platform |
|---|---|---|---|---|---|
| 03.03.2009 | WebApps Exploit Generator Update v8.0 rev 1 | Update solving a conflict between new XSS Exploits and XSS Exploit Generator | | Exploits/Cross Site Scripting (XSS) | |
| 04.17.2008 | WebApps SQL Injection updates | This package updates WebApps' SQL Injection features to improve detection of a SQL Agent's capabilities, fix escaping of SQL statements for Oracle and SQL Server, add a new export command to the SQL Shell and improve its handling of empty result sets. | | Exploits/SQL Injection | |
| 05.15.2008 | WebApps SQL Injection updates v2 | This package updates WebApps' SQL Injection features to fix an issue when detecting the database's version. | | Exploits/SQL Injection | |
| 04.19.2009 | WebApps SQL Injection v8.0 rev 1 | This package updates WebApps' SQL Injection features to improve accuracy of detection of vulnerabilities. | | Exploits/SQL Injection | |
| 11.21.2012 | WebCalendar Remote Code Execution Exploit | This module exploits a command injection vulnerability in WebCalendar prior to 1.2.4 in order to install an agent. | CVE-2012-1495 | Exploits/Remote | Windows, Linux, Mac OS X |
| 12.04.2012 | WeBid converter Remote Code Execution Exploit | Input passed via the "from" and "to" POST parameters to converter.php is not properly sanitised before being stored in includes/currencies.php. This can be exploited to inject and execute arbitrary PHP code. | NOCVE-9999-53406 | Exploits/Remote Code Execution | Solaris, Linux, Windows, Mac OS X |
| 06.11.2014 | WellinTech KingSCADA AEServer Buffer Overflow Exploit | The KingSCADA application has a stack-based buffer overflow vulnerability where the application overwrites the structured exception handler (SEH). An attacker could send a specially crafted packet to KingSCADA, and the application would handle the packet incorrectly, causing a stack-based buffer overflow. | CVE-2014-0787 | Exploits/Remote | Windows |
| 05.14.2014 | WellinTech KingScada kxClientDownload ActiveX Exploit | By properly setting the ProjectURL property, it is possible for an attacker to download an arbitrary DLL file from a remote location and run the code in the DLL in the context of the target process. | CVE-2013-2827 | Exploits/Client Side | Windows |
| 12.22.2008 | WFTPD Server SIZE Command Buffer Overflow Exploit | An internal memory buffer may be overrun while handling a long "SIZE" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the WFTPD Server process. | CVE-2006-4318 | Exploits/Remote | |
| 12.10.2012 | WibuKey Runtime for Windows ActiveX Exploit | The vulnerability exists within the WkWin32.dll module when processing the DisplayMessageDialog() method. | NOCVE-9999-55893 | Exploits/Client Side | Windows |
| 01.04.2011 | win32api update | Update for win32api module which adds 2 new wrappers. | | Exploits/Local | |
| 01.31.2006 | Winamp Computer Name Handling Buffer Overflow Exploit | This module exploits a vulnerability in Winamp 5.12. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. This update can be downloaded and installed by selecting 'Modules' -> 'Update modules' from IMPACT's main menu. A workspace must be opened for the operation to succeed. | CVE-2006-0476 | Exploits/Client Side | Windows |
| 09.22.2009 | Winamp Computer Name Handling Buffer Overflow Exploit Update | This module exploits a vulnerability in Winamp 5.12. This update adds support for Impact v9 and Windows XP SP3. | CVE-2006-0476 | Exploits/Client Side | Windows |
| 09.27.2010 | Winamp dwmapi DLL Hijacking Exploit | Winamp is prone to a vulnerability that may allow execution of dwmapi.dll if this DLL is located in the same folder as a .CDA file. | NOCVE-9999-44965 | Exploits/Client Side | Windows |
| 07.02.2009 | Winamp gen_ff DLL Buffer Overflow Exploit | Winamp is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. | CVE-2009-1831 | Exploits/Client Side | Windows |
| 09.23.2009 | Winamp gen_ff DLL Buffer Overflow Exploit Update | Winamp is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. This update enhances support for Impact 9. | CVE-2009-1831 | Exploits/Client Side | Windows |
| 03.17.2010 | Winamp Impulse Tracker Sample Parsing Buffer Overflow Exploit | The vulnerability is caused by a boundary error in the Module Decoder Plug-in (IN_MOD.DLL) when parsing samples and can be exploited to cause a heap-based buffer overflow via a specially crafted Impulse Tracker file. | CVE-2009-3995 | Exploits/Client Side | Windows |
| 01.03.2011 | Winamp in_midi DLL MIDI Timestamp Buffer Overflow Exploit | Winamp is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .MID file. | CVE-2010-4370 | Exploits/Client Side | Windows |
| 06.13.2010 | Winamp MP4 Processing Integer Overflow Exploit | An integer overflow error exists in the processing of MP4 files. This can be exploited to cause a heap-based buffer overflow via, for example, an MP4 file containing a specially crafted "ctts" box. | NOCVE-9999-43620 | Exploits/Client Side | Windows |
| 01.24.2008 | Winamp Ultravox Streaming Buffer Overflow Exploit | This module exploits a vulnerability in Winamp Player when parsing the Ultravox Streaming metadata. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. | CVE-2008-0065 | Exploits/Client Side | Windows |
| 10.02.2011 | WinComLPD Remote Administration Buffer Overflow Exploit | A buffer overflow in WinComLPD is triggered by sending an overly long authentication packet to the remote administration service. | CVE-2008-5159 | Exploits/Remote | Windows |
| 04.16.2008 | Windows .ANI file parsing Exploit Update | An integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .BMP, .CUR, .ICO or .ANI file with a large image size field. You can force vulnerable clients to connect to the web server automatically by using this module to send them a specially designed e-mail, which exploits this vulnerability when it is opened with Outlook or Outlook Express. When the victim reads the HTML message a .ANI file is requested from the exploit's web server. If the system is vulnerable an agent is installed by exploiting a buffer overflow in the function that parses such files. | CVE-2004-1049 | Exploits/Client Side | Windows |
| 01.03.2006 | Windows .WMF file parsing exploit | This module exploits a vulnerability in the way WMF metafile images are handled by the Microsoft Windows graphics rendering engine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. This update can be downloaded and installed by selecting 'Modules' -> 'Update modules' from IMPACT's main menu. A workspace must be opened for the operation to succeed. | CVE-2005-4560 | Exploits/Client Side | Windows |
| 02.26.2006 | Windows .WMF file parsing exploit update | This module exploits a vulnerability in the way WMF metafile images are handled by Microsoft Windows Graphics Rendering Engine. In this new version, the generated metafile is much more random and fully compliant with the file format. Additionally, the payload tries to escape to another process, then returns from the callback transferring the execution flow back to the host application, hiding exploitation from the user's perception. Note that the exploit will be moved to the Exploits/Client Side category after applying this update. | CVE-2005-4560 | Exploits/Client Side | Windows |
| 04.02.2007 | Windows Animated Cursor Buffer Overflow Exploit | A remote code execution vulnerability exists in the way that Windows handles cursor, animated cursor, and icon formats. An attacker could try to exploit the vulnerability by constructing a malicious cursor or icon file that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message (MS07-017). | CVE-2007-0038 | Exploits/Client Side | Windows |
| 12.05.2007 | Windows Animated Cursor Buffer Overflow Exploit Update | A remote code execution vulnerability exists in the way that Windows handles cursor, animated cursor, and icon formats. An attacker could try to exploit the vulnerability by constructing a malicious cursor or icon file that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message (MS07-017). This update adds support for default installs of Windows XP from sp0 to sp2, Windows Vista and Windows 2003 from sp0 to sp2. | CVE-2007-0038 | Exploits/Client Side | Windows |
| 09.28.2009 | Windows Debugging Subsystem Exploit Update | There is an authentication vulnerability in the Windows debugging subsystem (smss). This allows any user to obtain a handle, with any access rights, to any running process. With this handle an agent is injected into a SYSTEM process. The update fixes an issue using Import *. | CVE-2002-0367 | Exploits/Local | Windows |
| 07.23.2008 | Windows I2O Utility Filter Driver Privilege Escalation Exploit | This module exploits a vulnerability in Windows I2O Utility Filter Driver when the 0x222F80 IOCTL in i2omgmt.sys is invoked with a specially crafted parameter. The IOCTL 0x222F80 handler in the i2omgmt.sys device driver in Windows I2O Utility Filter Driver allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (IRP) parameters. | CVE-2008-0322 | Exploits/Local | Windows |
| 03.20.2006 | Windows ICC buffer overflow exploit | This module exploits a buffer overflow in the Microsoft Color Management Module via a JPEG image with crafted ICC profile format tags and installs an agent. | CVE-2005-1219 | Exploits/Client Side | Windows |
| 04.09.2006 | Windows ICC buffer overflow exploit update | This module exploits a buffer overflow in the Microsoft Color Management Module via a JPEG image with crafted ICC profile format tags and installs an agent. This update adds support for browser URL redirection. | CVE-2005-1219 | Exploits/Client Side | Windows |