We are pleased to announce the official release of Core Impact Pro 2014 R1.4. More than 30 updates have been added, and they are all are available through the regular update channel for all Core Impact customers who have upgraded to the latest version. This will be the last 'dot release' for 2014 R1, as we will be releasing Core Impact Pro 2014 R2 by late September.

 What’s New? We have added new modules and made enhancements to existing ones. For example:

  • Support for integration with Metasploit 4.10
  • 10 remote exploits, including some for Apache Struts and Adobe ColdFusion
  • 5 client side exploits, including some for IE
  • 5 local exploits for Windows, plus exploits for linux and OpenBSD
  • 1 denial-of-service module for Windows

Here is the complete list of published modules. Remote exploits Apache Struts 2 devMode OGNL Remote Code Execution Exploit Update Adobe ColdFusion l10n.cfm Remote Code Execution Exploit HP AutoPass License Server Remote Code Execution Exploit MayGion IP Camera Path Traversal Vulnerability Exploit Yokogawa CS3000 BKFSim vhfd Buffer Overflow Exploit Easy File Sharing Web Server UserID Cookie Handling Buffer Overflow Exploit Easy File Management Web Server UserID Cookie Handling Buffer Overflow Exploit Atlassian JIRA Issue Collector Plugin Path Traversal Vulnerability Exploit Symantec Workspace Streaming Agent XMLRPC Request putFile Method Remote Code Execution Vulnerability Exploit Iconics Genesis SCADA HMI Genbroker Server Exploit Update SolidWorks Workgroup PDM 2014 Opcode 2001 Remote Code Execution Exploit Openfiler Remote Code Execution Exploit Local exploits Linux Kernel n_tty_write Privilege Escalation Exploit FreeBSD X.Org libXfont BDF Privilege Escalation Exploit Microsoft Windows Administrator UAC Elevation Bypass Microsoft Windows On-Screen Keyboard Mouse Input Privilege Escalation Exploit (MS14-039) Microsoft Windows Ancillary Function Driver Double Free Vulnerability Exploit (MS14-040) Microsoft Windows MQAC.sys Arbitrary Write Local Privilege Escalation Exploit Microsoft Internet Explorer IESetProtectedModeRegKeyOnly Protected Mode Escape Exploit (MS13-097) Oracle VirtualBox Guest Additions Arbitrary Write Local Privilege Escalation Exploit Client Side Microsoft Internet Explorer CMarkup Object Use-After-Free Exploit (MS14-021) Update 2 Microsoft Internet Explorer Tabular Data Control ActiveX Exploit Reliability Enhancement Update v3 mIRC Buffer Overflow Exploit update 2 Advantech WebAccess dvs GetColor Stack Buffer Overflow Exploit Samsung iPOLiS Device Manager XnsSdkDeviceIpInstaller DeleteDeviceProfile Method Stack Buffer Overflow Exploit SolarWinds Network Configuration Manager Pesgo32c PEstrarg1 Heap Overflow Exploit Denial of Service Microsoft Windows TCP TimeStamp Option Vulnerability DoS (MS14-031) Update Misc Setup Metasploit Integration Update Metasploit Framework CVE Update Supported services list update Maintenance of modules using SSL