CORE Impact Pro Exploits and Security Updates
When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.
Use the controls below to navigate CORE Impact exploits and other modules.
|07.25.2011||Zend Server Java Bridge Design Flaw Remote Code Execution Exploit||This module exploits a vulnerability in Java Bridge component of Zend Server.||NOCVE-9999-47690||Exploits/Remote||Windows, Linux, Mac OS X|
|07.16.2007||Zenturi ProgramChecker ActiveX Exploit||This module exploits a vulnerability in the sasatl.dll control included in the Zenturi ProgramChecker ActiveX application. The exploit is triggered when the DebugMsgLog() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.||CVE-2007-2987||Exploits/Client Side||Windows|
|02.12.2009||Zinf Audio Player PLS Buffer Overflow Exploit||The vulnerability is caused due to a boundary error within the handling of .PLS files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .PLS file.||CVE-2007-0707||Exploits/Client Side||Windows|
|05.04.2010||ZipScan Archive Processing Buffer Overflow Exploit||The vulnerability is caused due to a boundary error when processing archives containing entries with overly long paths.||NOCVE-9999-42953||Exploits/Client Side||Windows|
|06.06.2010||ZipWrangler Buffer Overflow Exploit||ZipWrangler contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in ZipWrangler when handling .ZIP files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .ZIP file.||CVE-2010-1685||Exploits/Client Side||Windows|
|10.13.2008||ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit||This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges.||CVE-2007-4216||Exploits/Local||Windows|
|10.21.2008||ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit Update||This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges. This update adds support for Windows XP SP3.||CVE-2007-4216||Exploits/Local||Windows|
|06.17.2013||Zoom Player BMP File Processing Buffer Overflow Exploit||Zoom Player is prone to a buffer-overflow via a specially crafted BMP image with an overly large "biClrUsed" value.||CVE-2013-3259||Exploits/Client Side||Windows|
|03.07.2010||Zope standard_error_message Cross-Site Scripting Exploit||Zope is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.||NOCVE-9999-41980||Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities|