Core-HQ-bldg-300x139 Our August efforts were mainly focused on delivering new exploits and new modules requested by customers while finalizing the additions for CORE Impact 2013 R2. The exploits released during August are listed below: Updates for August 2013 (excluding five maintenance updates) include: Tools UPnP Vulnerability Checker Remote Code Execution Apache Struts 2 DefaultActionMapper redirect Remote Code Execution Exploit Client Side HP LoadRunner micWebAjax ActiveX Control NotifyEvent Exploit HP LoadRunner lrFileIOService ActiveX Control WriteFileBinary Exploit Oracle Document Capture BlackIceDevMode ActiveX Buffer Overflow Exploit Oracle WebCenter Content CheckOutAndOpen ActiveX openWebdav Arbitrary File Code Execution Exploit VLC Media Player ABC File Parsing Exploit Triologic Player M3U Unicode SEH Buffer Overflow Exploit GSM SIM Utility SEH Buffer Overflow Exploit Super Player 3500 M3U Local Stack Buffer Overflow Exploit Elecard MPEG Player SEH Buffer Overflow Exploit Core Player M3U Playlist Buffer Overflow Exploit Chasys Draw IES BMP Image Processing Buffer Overflow Exploit ABBS Audio Media Player Buffer Overflow Exploit Local & DoS Agnitum Outpost Security Suite Privilege Escalation Exploit In addition to the above we also published four new advisories (http://www.coresecurity.com/grid/advisories) that could be interesting for you. Your feedback and questions are greatly appreciated. Please send us your questions and suggestions that will help us to deliver an even better solution to you. Flavio de Cristofaro – Vice President of Engineering for Professional Products