Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Subscribe to receive regular updates by email:

 

Browse All Exploits

 

 

Title Description CVE Link Exploit Platform Exploit Type
Adobe Reader and Acrobat PDF subroutine pointer exploit update 2 This package updates the Adobe Reader and Acrobat PDF subroutine pointer exploit module. Windows Exploits/Client Side
Adobe Reader authplay AVM2 newfunction Exploit Update This module exploits a vulnerability in Adobe Reader when parsing .PDF files. The vulnerability is caused due to a boundary error in authplay.dll when handling crafted malicious Flash (.SWF) file or by embedding a malicious Flash application in a .PDF file. This version add Windows Vista support. Windows Exploits/Client Side
Adobe Reader authplay Flash Exploit This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed flash file embedded. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Exploits/Client Side
Adobe Reader authplay Flash Exploit Update This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed Flash file embedded. This update fixes an issue in the agent connector. Windows Exploits/Client Side
Adobe Reader Font Parsing Exploit This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed font embedded. WARNING: This is an early release module.This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Exploits/Client Side
Adobe Reader Font Parsing Exploit Update This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed font embedded. This update adds support for several versions of Adobe Reader and corrects the CVE Number of the vulnerability. Windows Exploits/Client Side
Adobe Reader Font SING Table Buffer Overflow Exploit Adobe Acrobat and Reader have a buffer overflow error in the "CoolType.dll" module when processing a .PDF document containing an overly long field in a SING (Smart Independent Glyphlets) table within a TrueType font. Windows Exploits/Client Side
Adobe Reader Font SING Table Buffer Overflow Exploit Update This update fixes an error which made the module abort. Windows Exploits/Client Side
Adobe Reader ICC Chunk Parsing Integer Overflow Exploit An integer overflow occurs when Adobe Reader parses some crafted ICC chunks. Windows Exploits/Client Side
Adobe Reader Import Tiff Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in Adobe Reader products when a malformed .TIFF file is parsed. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Exploits/Client Side
Adobe Reader Import Tiff Buffer Overflow Exploit Update This module exploits a buffer overflow vulnerability in Adobe Reader products when a malformed .TIFF file is parsed. This update add support for Windows Vista and Windows 7 trying to bypass DEP and ASRL protections. Windows Exploits/Client Side
Adobe Reader JBIG2Decode Memory Corruption Exploit This module exploits an array indexing vulnerability in Adobe Reader when handling a specially crafted PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Exploits/Client Side
Adobe Reader JBIG2Decode Memory Corruption Exploit update This module exploits an array indexing vulnerability in Adobe Reader when handling a specially crafted PDF file. This update adds support for Windows XP SP2, Windows 2000 Professional SP4 and improves reliability when exploiting from browsers. Windows Exploits/Client Side
Adobe Reader printf Buffer Overflow Exploit The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the util.printf() JavaScript function. Windows Exploits/Client Side
Adobe Reader printf Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the util.printf() JavaScript function. This update improves exploit reliability and fixes a cookie handling bug. Windows Exploits/Client Side
Adobe Reader ToolButton Use-After-Free Exploit This module exploits a Use-After-Free vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Windows Exploits/Client Side
Adobe Reader ToolButton Use-After-Free Exploit Update This module exploits a Use-After-Free vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This update adds Javascript obfuscation to the PDF document and fixes some documentation issues. Windows Exploits/Client Side
Adobe Reader U3D Memory Corruption Exploit The vulnerability is a memory corruption in the U3D component in Adobe Reader when handling a specially crafted PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Exploits/Client Side
Adobe Reader X AdobeCollabSync Buffer Overflow Sandbox Bypass Exploit This module allows an agent running in the context of AcroRd32.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level. Windows Exploits/Local
Adobe Reader X AdobeCollabSync Buffer Overflow Sandbox Bypass Exploit Update This module allows an agent running in the context of AcroRd32.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level. This update fixes an issue related to highlight preconditions when running against x86-64 targets. Windows Exploits/Local
Adobe Reader X XFA BMP RLE Heap Corruption Exploit This module exploits a heap based buffer overflow vulnerability in Adobe Reader X when handling a specially crafted PDF file. Windows Exploits/Client Side
Adobe RoboHelp Server File Upload Code Execution Exploit This module exploits a remote .JSP code injection in Adobe RoboHelp Server by sending a specially crafted HTTP request to the affected service. Windows Exploits/Remote
Adobe Shockwave rcsL Buffer Overflow Exploit This module exploits a vulnerability in Adobe Shockwave triggered when processing a specially crafted .DIR file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Windows Exploits/Client Side
Adrenalin Player ASX Buffer Overflow Exploit This module exploits a vulnerability in Adrenalin Player .ASX files. The vulnerability is caused due to lack of boundary checks in exporting an ASX file witch causes an Buffer Overflow of the stack and a SEH attack is possible due to a vulnerable DLL included in the software. Windows Exploits/Client Side
Adrenalin Player WAX Buffer Overflow Exploit This module exploits a vulnerability in Adrenalin Player .WAX files. The vulnerability is caused due to lack of boundary checks in exporting a WAX file witch causes an Buffer Overflow of the stack and a SEH attack is possible due to a vulnerable DLL included in the software. Windows Exploits/Client Side