This module exploits when sending specially crafted argument to makeMeasurement leaving objects in an inconsistent state. This produces a leak via a call to dumpMeasureData storing a file to a share folder with importante addresses and can later be retrieved .Finally using NSendApprovalToAuthorEnabled method it is possible to bypass the Javascript API restrictions and resend a new crafted PDF to the browser to produce buffer overflow and complete exploitation. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
CVE Link
Exploit Platform
Exploit Type
Product Name