CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Use the controls below to navigate CORE Impact exploits and other modules.

Released Date Titlesort descending Description Vulnerabilty Category Platform
07.25.2011 Zend Server Java Bridge Design Flaw Remote Code Execution Exploit This module exploits a vulnerability in Java Bridge component of Zend Server. NOCVE-9999-47690 Exploits/Remote Windows, Linux, Mac OS X
07.16.2007 Zenturi ProgramChecker ActiveX Exploit This module exploits a vulnerability in the sasatl.dll control included in the Zenturi ProgramChecker ActiveX application. The exploit is triggered when the DebugMsgLog() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. CVE-2007-2987 Exploits/Client Side Windows
02.12.2009 Zinf Audio Player PLS Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the handling of .PLS files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .PLS file. CVE-2007-0707 Exploits/Client Side Windows
05.04.2010 ZipScan Archive Processing Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing archives containing entries with overly long paths. NOCVE-9999-42953 Exploits/Client Side Windows
06.06.2010 ZipWrangler Buffer Overflow Exploit ZipWrangler contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in ZipWrangler when handling .ZIP files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .ZIP file. CVE-2010-1685 Exploits/Client Side Windows
10.13.2008 ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges. CVE-2007-4216 Exploits/Local Windows
10.21.2008 ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit Update This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges. This update adds support for Windows XP SP3. CVE-2007-4216 Exploits/Local Windows
06.17.2013 Zoom Player BMP File Processing Buffer Overflow Exploit Zoom Player is prone to a buffer-overflow via a specially crafted BMP image with an overly large "biClrUsed" value. CVE-2013-3259 Exploits/Client Side Windows
03.07.2010 Zope standard_error_message Cross-Site Scripting Exploit Zope is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. NOCVE-9999-41980 Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities

Pages