Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Browse All Exploits

| Title | Description | CVE Link | Exploit Platform | Exploit Type |
|---|---|---|---|---|
| Adobe Flash Player Linux Command Injection Exploit | This module exploits a command injection in Adobe Flash Player triggered when processing a specially crafted SWF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This exploit requires Adobe AIR (any version) to be installed on the vulnerable system. | | Linux | Exploits/Client Side |
| Microsoft Windows HTTP Services Integer Underflow DoS (MS09-013) | This module exploits an integer underflow in the "SSDP Discovery Service" Windows service via an HTTP response. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | | Windows | Denial of Service/Remote |
| Easy Chat Server Authentication Request Buffer Overflow Exploit | A remote user of vulnerable installations of Easy Chat Server can send a specially crafted password parameter to chat.ghp to trigger a buffer overflow and execute arbitrary code on the target system. | | Windows | Exploits/Remote |
| MSRPC Server Service Remote Buffer Overflow Exploit (MS08-067) Update 3 | This module exploits a vulnerability in the Microsoft Windows Server service by sending a specially crafted RPC request. This update adds support for Windows 2003 Enterprise Edition SP2 with DEP enabled. This update also adds support for XP SP2 and 2003 SP1 as well as improves the reliability of the exploit against all supported platforms. | | Windows | Exploits/Remote |
| Microsoft WordPad Word97 Converter Stack Overflow Exploit (MS09-010) | This module exploits a stack-based buffer overflow vulnerability in WordPad when handling a specially crafted Word97 file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | | Windows | Exploits/Client Side |
| Microsoft Office Excel Malformed Object Exploit (MS09-09) | This module exploits an error during processing of Excel files. This is currently being exploited in the wild against Office 2007 systems. | | Windows | Exploits/Client Side |
| OpenSite 2.1 Weak Authentication Exploit | This module exploits an authentication vulnerability in OpenSite 2.1. The function init in origin/libs/user.php checks for a matching origin_hash cookie. However, this cookie can be bruteforced in at most 2^32 tries for a known username. In practice, the number of attempts could be significantly reduced, because times in the future and in the distant past do not have to be checked. This works for OpenSite 2.1 and below. | | | Exploits/Authentication Weakness |
| pPim Remote File Inclusion Exploit | This module exploits a vulnerability in pPIM's upload.php script that allows attackers to upload arbitrary scripts of any type to the target server. | | | Exploits/Remote File Inclusion/Known Vulnerabilities |
| eZip Wizard Buffer Overflow Exploit | A stack-based buffer overflow in eZip Wizard allows an attacker to execute arbitrary code via a crafted zip file with a long name of the internal file. | | Windows | Exploits/Client Side |
| PeerCast HTTP Server Buffer Overflow Exploit | PeerCast is prone to a remote buffer overflow vulnerability. This can facilitate a remote compromise due to arbitrary code execution. | | Linux | Exploits/Remote |
| Adobe PDF getIcon Buffer Overflow Exploit Update | This module exploits a stack-based buffer overflow vulnerability in Adobe Reader when handling a specially crafted PDF file. This update adds support for Adobe Acrobat Pro Extended 9. | | Windows | Exploits/Client Side |
| Maya Studio EO Video Playlist Buffer Overflow Exploit | Maya Studio EO-Video is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input when handling playlist files. | | Windows | Exploits/Client Side |
| Microsoft Windows NtGdiFastPolyPolyline memory corruption DoS (MS09-006) | This module exploits a kernel memory corruption in the NtGdiFastPolyPolyline function via a malformed EMF file. | | Windows | Denial of Service/Client Side |
| Foxit Reader Open File Buffer Overflow Exploit Update | This module exploits a buffer overflow vulnerability in Foxit Reader. If an Open/Execute a file action is defined in the PDF file with an overly long file name argument, when the trigger condition is satisfied it will cause a stack-based buffer overflow, because the application tries to copy the file name argument to a fixed-size buffer in the stack without properly checking that the buffer is large enough to hold the file name string. This update adds support for Windows Vista and Windows Server 2003. | | Windows | Exploits/Client Side |
| FreeBSD Kernel Protosw Privilege Escalation Exploit | The FreeBSD kernel provides support for a variety of different types of communications sockets, including IPv4, IPv6, ISDN, ATM, routing protocol, link-layer, netgraph(4), and bluetooth sockets. Some function pointers for netgraph and bluetooth sockets are not properly initialized. This can be exploited to e.g. read or write to arbitrary kernel memory via a specially crafted "socket()" system call, and allows an unprivileged process to elevate privileges to root or escape a FreeBSD jail. | | FreeBSD | Exploits/Local |
| POP Peeper UIDL Buffer Overflow Exploit | The POP Peeper client is vulnerable to a remote buffer overflow vulnerability. This vulnerability is exploitable as a client-side attack. A vulnerable POP Peeper user must connect to a server created by IMPACT Pro and attempt to retrieve mail in order for IMPACT Pro to exploit the vulnerable client and deploy an agent on the user's machine. | | Windows | Exploits/Client Side |
| Anti Keylogger Elite Privilege Escalation Exploit | This module exploits a vulnerability in Anti Keylogger Elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. | | Windows | Exploits/Local |
| Adobe PDF getIcon Buffer Overflow Exploit | This module exploits a stack-based buffer overflow vulnerability in Adobe Reader when handling a specially crafted PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | | Windows | Exploits/Client Side |
| Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow Exploit | This module exploits a vulnerability in Oracle Secure Backup when sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet. | | Windows | Exploits/Remote |
| Moodle Tex Filter Remote Code Execution Exploit Upgrade | This update adds Windows (XP) to the supported target systems for this exploit. | | Windows | Exploits/Remote |
| Orbit Downloader Connecting Log Message Buffer Overflow Exploit | The application is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when the application creates a 'Connecting' log message. An attacker can exploit this issue by enticing a vulnerable user into connecting to a malicious HTTP server or opening a specially crafted URI that contains an excessively long hostname. | | Windows | Exploits/Client Side |
| WinGate Proxy Server Buffer Overflow Exploit | The vulnerability is caused by a boundary error in the handling of POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted POST request to the proxy server. | | Windows | Exploits/Remote |
| WebApps Cross-Site Scripting v8.0 rev 1 | This package updates WebApps' Cross-Site Scripting features to improve accuracy of detection and reporting of vulnerabilities. | | | Exploits/Cross Site Scripting (XSS) |
| Microsoft IE CFunctionPointer Memory Corruption Exploit Update | This module exploits a memory corruption vulnerability when Internet Explorer attempts to access an object that has been deleted. This update adds support for Windows Vista SP0 and SP1. | | Windows | Exploits/Client Side |
| XM Easy Personal FTP Server DoS | XM Easy Personal FTP Server is prone to multiple remote denial-of-service vulnerabilities because it fails to properly handle user-supplied input. | | Windows | Denial of Service/Remote |