We are pleased to announce the official release of Core Impact Pro 2015 R1.2 today, December 10. More than 20 updates have been added thus far, and are available through the regular update channel for all Core Impact customers who have upgraded to the latest version. The team has been working on producing exploits for the vulnerability in the commons-collections Java library (CVE-2015-4852) and they've created attacks for five (!) different widespread applications: Oracle WebLogic, Symantec Endpoint Protection Manager, IBM WebSphere, JBoss and Jenkins. This release also includes:

  • 11 remote exploits, including ones for ElasticSearch and HP Client Automation
  • 4 client-side exploits, including one for Kaspersky antivirus
  • 4 local exploits, including one for Linux
  • Several general updates, including fixes to the SMB library, enhancements for numerous exploits, and improvements to the web browser agent

Here is the complete list of published modules:

Remote Exploits
  • Oracle WebLogic Server commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit
  • Symantec Endpoint Protection Manager Java Library Deserialization Vulnerability Remote Code Execution Exploit
  • IBM WebSphere commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit
  • JBoss commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit
  • Jenkins commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit
  • Borland AccuRev Reprise License Server activate_doit Command actserver Parameter Buffer Overflow Exploit
  • Borland AccuRev Reprise License Server edit_lf_process Write Arbitrary Files Exploit
  • ElasticSearch Search Groovy Sandbox Bypass Remote Execution Exploit
  • HP Client Automation Remote Code Execution Exploit
  • ManageEngine EventLog Analyzer Exploit
  • AVG Remote Administration StoreServerConfig Command Remote Code Execution Exploit Update

Client Side Exploits
  • Adobe Flash Player Exploits Improvements
  • HP LoadRunner Controller Scenario File Buffer Overflow Exploit
  • Kaspersky Antivirus ThinApp Parser Exploit
  • Moxa VPort SDK Plus ActiveX Exploit
  • Microsoft Windows Media Center MCL URL File Disclosure Exploit (MS15-134)

Local Exploits
  • Linux fusermount Environment Variable Privilege Escalation Exploit
  • Microsoft Windows MS-DOS Device Name Privilege Escalation Exploit (MS15-038)
  • Microsoft Windows OpenType Font Driver Vulnerability Exploit (MS15-078) Update 2
  • Symantec Endpoint Protection Kernel Pool Overflow Privilege Escalation Exploit Update

Maintenance
  • SMB library fixes
  • Web Browser Agent Improvements
  • CVE Database Update