CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Released Date Title Description Vulnerability Category Platform
01.03.2006 Windows .WMF file parsing exploit This module exploits a vulnerability in the way WMF metafile images are handled by Microsoft Windows' graphic rendering engine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. This update can be downloaded and installed by selecting 'Modules' -> 'Update modules' from IMPACT's main menu. A workspace must be opened for the operation to succeed. CVE-2005-4560 Exploits/Client Side Windows
02.26.2006 Windows .WMF file parsing exploit update This module exploits a vulnerability in the way WMF metafile images are handled by Microsoft Windows Graphics Rendering Engine. In this new version, the generated metafile is much more random and fully compliant with the file format. Additionally, the payload tries to escape to another process, then returns from the callback transferring the execution flow back to the host application, hiding exploitation from the user's perception. Note that the exploit will be moved to the Exploits/Client Side category after applying this update. CVE-2005-4560 Exploits/Client Side Windows
04.02.2007 Windows Animated Cursor Buffer Overflow Exploit A remote code execution vulnerability exists in the way that Windows handles cursor, animated cursor, and icon formats. An attacker could try to exploit the vulnerability by constructing a malicious cursor or icon file that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message (MS07-017). CVE-2007-0038 Exploits/Client Side Windows
12.05.2007 Windows Animated Cursor Buffer Overflow Exploit Update A remote code execution vulnerability exists in the way that Windows handles cursor, animated cursor, and icon formats. An attacker could try to exploit the vulnerability by constructing a malicious cursor or icon file that could potentially allow remote code execution if a user visited a malicious Web site or viewed a specially crafted e-mail message (MS07-017). This update adds support for default installs of Windows XP from sp0 to sp2, Windows Vista and Windows 2003 from sp0 to sp2. CVE-2007-0038 Exploits/Client Side Windows
09.28.2009 Windows Debugging Subsystem Exploit Update There is an authentication vulnerability in the Windows debugging subsystem (smss). This allows any user to obtain a handle, with any access, to any running process. With this handle an agent is injected into a SYSTEM process. The update fixes an issue using Import * CVE-2002-0367 Exploits/Local Windows
07.23.2008 Windows I2O Utility Filter Driver Privilege Escalation Exploit This module exploits a vulnerability in Windows I2O Utility Filter Driver when the 0x222F80 IOCTL in i2omgmt.sys is invoked with a specially crafted parameter. The IOCTL 0x222F80 handler in the i2omgmt.sys device driver in Windows I2O Utility Filter Driver allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (IRP) parameters. CVE-2008-0322 Exploits/Local Windows
03.20.2006 Windows ICC buffer overflow exploit This module exploits a buffer overflow in the Microsoft Color Management Module via a jpeg image with crafted ICC profile format tags and installs an agent. CVE-2005-1219 Exploits/Client Side Windows
04.09.2006 Windows ICC buffer overflow exploit update This module exploits a buffer overflow in the Microsoft Color Management Module via a jpeg image with crafted ICC profile format tags and installs an agent. This update adds support for browser URL redirection. CVE-2005-1219 Exploits/Client Side Windows
10.03.2006 Windows IE Webview Setslice exploit This module exploits a buffer overflow in WebViewFolderIcon ActiveX control of Microsoft Internet Explorer and installs an agent. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2006-3730 Exploits/Client Side Windows
10.08.2006 Windows IE Webview Setslice exploit update This module exploits a buffer overflow in WebViewFolderIcon ActiveX control of Microsoft Internet Explorer and installs an agent. This update adds support for more platforms. CVE-2006-3730 Exploits/Client Side Windows
10.22.2006 Windows IE Webview Setslice exploit update 2 This module exploits a buffer overflow in WebViewFolderIcon ActiveX control of Microsoft Internet Explorer and installs an agent. This update fixes a bug introduced by Mach Exception Handling exploit. CVE-2006-3730 Exploits/Client Side Windows
02.14.2006 Windows IGMPv3 IP Options parsing Remote DoS Some Windows kernel versions are susceptible to a remote denial-of-service vulnerability. This issue allows remote attackers to crash affected kernels, denying further network service to legitimate users (MS06-007). CVE-2006-0021 Denial of Service/Remote Windows
02.21.2007 Windows Image Acquisition CmdLine exploit The Windows Image Acquisition (WIA) Service in Microsoft Windows XP allows local users to gain privileges via a stack overflow when processing the bsCmdLine parameter of the IWiaDevMgr::RegisterEventCallbackProgram function. CVE-2007-0210 Exploits/Local Windows
02.10.2011 Windows Live Mail dwmapi DLL Hijacking Exploit Windows Live Mail is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder as an .EML file. NOCVE-9999-46918 Exploits/Client Side Windows
10.18.2007 Windows Macrovision (SECDRV.SYS) Memory Corruption Exploit This module exploits a vulnerability in Windows XP when the 0xCA002813 function is invoked with a specially crafted parameter. The IOCTL 0xCA002813 handler in the SECDRV.SYS device driver in Macrovision products, installed by default in Windows XP and Windows 2003, allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. CVE-2007-5587 Exploits/Local Windows
10.22.2007 Windows Macrovision (SECDRV.SYS) Memory Corruption Exploit Update This module exploits a vulnerability in Windows XP and Windows 2003 when the 0xCA002813 function is invoked with a specially crafted parameter. The IOCTL 0xCA002813 handler in the SECDRV.SYS device driver in Macrovision products, installed by default in Windows XP and Windows 2003, allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update corrects the CVE number and adds Windows 2003 as Supported System. CVE-2007-5587 Exploits/Local Windows
07.11.2006 Windows Mailslot (MS06-035) DoS This module exploits a remote vulnerability that could allow an attacker to send a specially crafted SMB message to an affected system causing a denial of service (MS06-035). WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2006-3942 Denial of Service/Remote Windows
08.17.2006 Windows Mailslot DoS Update The server driver (srv.sys) in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet on an SMB PIPE that triggers a null dereference. While investigating the Microsoft Server Service Mailslot heap overflow vulnerability reported in Microsoft Security Bulletin MS06-035 we discovered a second bug in the server service. This module exploits this vulnerability. For more info go to http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10 CVE-2006-3942 Exploits/Remote Windows
03.09.2010 Windows Movie Maker MSWMM Buffer Overflow Exploit (MS10-016) This module exploits a buffer overflow in Windows Movie Maker by sending a specially crafted .MSWMM file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0265 Exploits/Client Side Windows
07.15.2010 Windows Movie Maker MSWMM Buffer Overflow Exploit (MS10-016) Update This module exploits a heap-based buffer overflow in the Microsoft Windows Movie Maker application by sending a specially crafted .MSWMM file. This update adds support for Windows Movie Maker 2.6. CVE-2010-0265 Exploits/Client Side Windows
03.20.2007 Windows Shell Hardware Detection exploit This module exploits a vulnerability in the 'detection and registration of new hardware' function of the Windows Shell; the vulnerability is exposed by a parameter that is not properly validated. The exploit allows a local user to escalate their privileges on a compromised Windows XP or Windows 2003 system. CVE-2007-0211 Exploits/Local Windows
03.17.2009 WinGate Proxy Server Buffer Overflow Exploit The vulnerability is caused by a boundary error within the handling of POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted POST request to the proxy server. CVE-2006-2926 Exploits/Remote Windows
02.09.2011 WinHex hash DLL Hijacking Exploit WinHex is prone to a vulnerability that may allow the execution of any library file named hash.dll, if this dll is located in the same folder as a .WHX file. NOCVE-9999-45898 Exploits/Client Side Windows
08.29.2007 WinPcap NPF.SYS IOCTL Handler Privilege Escalation Exploit This module exploits a vulnerability in WinPcap. The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. CVE-2007-3681 Exploits/Local Windows
09.10.2007 WinPcap NPF.SYS IOCTL Handler Privilege Escalation Exploit Windows 2003 Support This module exploits a vulnerability in WinPcap. The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update adds support for Windows 2003. CVE-2007-3681 Exploits/Local Windows
05.28.2014 WinRAR Filename Spoofing Exploit The file names shown in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This allows file names to be spoofed when opening ZIP files and can be abused to execute arbitrary code. NOCVE-9999-63311 Exploits/Client Side Windows
08.28.2006 WinRAR LHA-LZH exploit This module exploits a stack buffer overflow in WinRAR 3.60 beta6 and prior to install a level0 agent. CVE-2006-3845 Exploits/Client Side Windows
09.03.2006 WinRAR LHA-LZH exploit update This module exploits a stack buffer overflow in WinRAR 3.60 beta6 and prior to install a level0 agent. This update adds support to register the exploit into the IMPACT webserver. CVE-2006-3845 Exploits/Client Side Windows
09.25.2007 WinVNC Client exploit update This package updates the WinVNC Client exploit. CVE-2001-0167 Exploits/Client Side Windows
01.25.2007 WinZip 10.x FileView ActiveX Exploit This module exploits a vulnerability in the FileView ActiveX control installed by WinZip v10.0 series prior to build 7245, and will install a Level0 agent. CVE-2006-3890 Exploits/Client Side Windows
