Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Subscribe to receive regular updates by email:

 

Browse All Exploits

 

 

Title Description CVE Link Exploit Platform Exploit Type
ProShow Gold PSH Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing certain overly long entries within slideshow project files (.PSH). Windows Exploits/Client Side
OpenSSH Channel Exploit Update Exploits an off-by-one bug in channel management code in OpenSSH. This update excludes the module from automated attacks launched by the "Network Attack and Penetration" feature, since the module requires credentials of a known account on the vulnerable system, and hence won't work with default parameters. OpenBSD Exploits/Remote
Microsoft Windows Active Directory Remote DoS (MS09-066) This module exploits an error in the Windows Active Directory implementation by sending a specially crafted LDAP request to crash the lsass.exe process, leading to the reboot of the target machine. Windows Denial of Service/Remote
Eureka Mail Client Error Response Buffer Overflow Exploit The vulnerability is caused due to a boundary error in the processing of POP3 responses. This can be exploited to cause a stack-based buffer overflow via an overly long error response. Windows Exploits/Client Side
DAZ Studio Script Exploit This module abuses the scripting functionality in DAZ Studio to trigger remote code execution via a DAZ Script file. Windows Exploits/Client Side
MSRPC CA ARCserve Backup Command Injection Exploit CA BrightStor ARCserve Backup is prone to a command injection vulnerability on the RPC interface that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. Windows Exploits/Remote
FreeBSD Dynamic Linker Privilege Escalation Exploit The vulnerability is caused due to the "_rtld()" function in libexec/rtld-elf/rtld.c not correctly clearing certain dangerous environment variables before executing suid root processes, which can be exploited to execute arbitrary code with root privileges. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. FreeBSD Exploits/Remote
Quiksoft EasyMail AddAttachment Method ActiveX Control Buffer Overflow Exploit QuikSoft EasyMail is prone to a buffer overflow. The vulnerability affects the 'AddAttachment()' method of the 'emsmtp.dll'. The issue occurs when the method handles user-input buffer with overly long size. Windows Exploits/Client Side
OracleDB AUTH_SESSKEY Remote Buffer Overflow Exploit This module exploits a vulnerability in the Oracle Database Server. The vulnerability is triggered when the server processes a long string inside the AUTH_SESSKEY property resulting in a stack-based buffer overflow. Windows Exploits/Remote
Microsoft Excel Featheader Record Memory Corruption Vulnerability Exploit (MS09-067) Update A code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files that include a malformed record object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This version add support for Microsoft Office 2007 SP2. Windows Exploits/Client Side
OpenBSD XMM Exceptions DoS OpenBSD is prone to a local denial-of-service vulnerability. XMM exceptions are not correctly handled, resulting in a kernel panic. OpenBSD Denial of Service/Local
Microsoft Excel Featheader Record Memory Corruption Vulnerability Exploit (MS09-067) A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files that include a malformed record object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. WARNING: This is an early release module. This is not the final version of this module. Windows Exploits/Remote
MSRPC CA BrightStor ARCserve Backup ReportRemoteExecuteCML Buffer Overflow Exploit CA BrightStor ARCserve Backup is prone to a stack based buffer overflow vulnerability on the RPC interface that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. Windows Exploits/Remote
Linux Ptrace-exec Race Condition Exploit Update This update fixes a documentation issue regarding supported platforms. Linux Exploits/Local
Microsoft Office Word File Information Block (FIB) Buffer Overflow Exploit (MS09-068) A vulnerability exists in Microsoft Office Word when handling a specially crafted Word file that includes a malformed File Information Block (FIB). WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Exploits/Client Side
Microsoft Internet Explorer Style Object Remote Code Execution Exploit This module exploits a vulnerability in Microsoft Internet Explorer when handling a specially crafted STYLE HTML tag when accessed via the document.getElementsByTagName JavaScript function. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Exploits/Client Side
HP Power Manager Administration Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the HP Power Manager Administration Web Server by sending a specially crafted POST request. Windows Exploits/Remote
Microsoft Windows Telnet Credential Reflection Exploit (MS09-042) Update This module exploits a vulnerability on telnet.exe using the SMB relay attack. This update adds support for client-side mode. Windows Exploits/Client Side
SafeNet SoftRemote Policy File Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing certain sections of .SPD (policy) files. Passing an overly long string to either "TREENAME" or "GROUPNAME" Windows Exploits/Client Side
UltraVNC Client Integer Overflow Exploit UltraVNC client is prone to integer-overflow vulnerabilities because they fail to properly validate data supplied by the VNC server. Windows Exploits/Client Side
Autodesk 3D Studio Max Embedded Maxscript Exploit Autodesk 3D Studio Max allows users to bind script to application callbacks. This functionality could be exploited by an attacker by making a victim open a seemingly innocuous .MAX file with malicious script embedded. Windows Exploits/Client Side
Autodesk Maya ScriptNode Exploit This module abuses the scripting functionality in Autodesk Maya to trigger remote code execution via a specially crafted file. Windows Exploits/Client Side
Autodesk Softimage Embedded Script Exploit This module abuses the scripting functionality in Autodesk Softimage to trigger remote code execution via a project with an embedded script. Linux Exploits/Client Side
Microsoft Windows Web Services on Devices Memory Corruption DoS (MS09-063) The vulnerability is caused due to a WSD message with a long header value, this can lead to memory corruption within the process hosting WSDApi.dll. This can cause the service or application to crash. To be clear, the vulnerability is in the Windows module used to interact with devices that support Web Services on Devices, and does not affect the devices themselves. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Windows Denial of Service/Remote
Symantec ConsoleUtilities ActiveX Control Buffer Overflow Exploit This module exploits a vulnerability in the AeXNSConsoleUtilities.dll control included in the Symantec ConsoleUtilities application. The exploit is triggered when the BrowseAndSaveFile method processes a long string argument resulting in a stack-based buffer overflow. Windows Exploits/Client Side