Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Subscribe to receive regular updates by email:

 

Browse All Exploits

 

 

Title Description CVE Link Exploit Platform Exploit Type
AIX libtt.a rpc.ttdbserver Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the ToolTalk library libtt.a. After successful exploitation an agent running as root will be installed on the target machine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. AIX Exploits/Remote
AIX Pioout Local Buffer Overflow Privilege Escalation Exploit AIX Pioout is prone to a vulnerability that allows attackers to execute arbitrary code with superuser privileges. This is due to insecure permissions shared libraries. AIX Exploits/Local
AIX rpc.cmsd Buffer Overflow Exploit This module exploits a remote buffer overflow vulnerability on the Calendar Manager Service Daemon. AIX Exploits/Remote
AIX Setlocale Function Local Privilege Escalation Exploit The AIX Setlocale Function is prone to a local privilege-escalation vulnerability. A local attacker may be able to exploit this issue to gain elevated privileges on the affected computer. A successful exploit will lead to the complete compromise of the affected computer. AIX Exploits/Local
AIX update_flash PATH usage exploit This module exploits a untrusted search path vulnerability in update_flash for IBM AIX. AIX Exploits/Local
AIX update_flash PATH Usage Exploit update This package updates the AIX update_flash PATH Usage Exploit. AIX Exploits/Local
Aladdin Knowledge System Ltd PrivAgent ChooseFilePath Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the Aladdin Knowledge System Ltd PrivAgent.ocx ActiveX Control. The exploit is triggered when the ChooseFilePath() method processes a long string argument resulting in a stack-based buffer overflow. Windows Exploits/Client Side
AlienVault Unified Security Management av-forward Deserialization of Untrusted Data Exploit This update introduces an exploit for AlienVault Unified Security Management. A vulnerability exists in the av-forward daemon running in AlienVault Unified Security Management appliances. The daemon accepts serialized Python and proceeds to deserialize it without proper validation, allowing unauthenticated arbitrary code execution. none Exploits/Remote
AlleyCode Optimizer Buffer Overflow Exploit Alleycode HTML Editor fails when optimizing certain malformed HTML pages,leading to a stack-based buffer overflow that can be exploited to execute arbitrary code. Windows Exploits/Client Side
ALLMediaServer Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the handling of HTTP request. Windows Exploits/Remote
AllMediaServer HTTP Request Buffer Overflow Exploit AllMediaServer is prone to a buffer overflow when handling specially crafted HTTP request packets. Windows Exploits/Remote
ALLPlayer M3U Buffer Overflow Exploit A UNICODE Buffer Overflow exists in AllPlayer 7.5 when parsing .m3u files. The vulnerability is caused due to a boundary error when handling a crafted .m3u files. Windows Exploits/Client Side
Aloaha PDF Suite Buffer Overflow Exploit Aloaha PDF Suite is prone to a security vulnerability when processing PDF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing Aloaha users to open a specially crafted PDF file. Windows Exploits/Client Side
Alt-N Security Gateway Remote Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000. Windows Exploits/Remote
Alt-N Security Gateway Remote Buffer Overflow Exploit Update This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000. This module adds support for Windows 2000 Professional SP4. Windows Exploits/Remote
Alt-N Security Gateway Remote Buffer Overflow Exploit Update 2 This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000. This update add the CVE number. Windows Exploits/Remote
Altarsoft Audio Converter WAV File Buffer Overflow Exploit Altarsoft Audio Converter is prone to a buffer overflow when parsing malformed WAV files. Windows Exploits/Client Side
Altova DatabaseSpy 2011 dwmapi DLL Hijacking Exploit Altova DatabaseSpy 2011 is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .QPRJ file. Windows Exploits/Client Side
Altova Diffdog 2011 dwmapi DLL Hijacking Exploit Altova Diffdog 2011 is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .DBDIF file. Windows Exploits/Client Side
Altova MapForce 2011 Enterprise Edition dwmapi DLL Hijacking Exploit Altova MapForce 2011 Enterprise Edition is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .MFD file. Windows Exploits/Client Side
Amaya Web Browser BDO HTML TAG Buffer Overflow Exploit This module exploits a vulnerability caused due to boundary errors in Amaya Web Browser within the processing of BDO HTML tag having an overly long DIR attribute, allowing an attacker to cause a stack overflow in order to execute arbitrary code. Windows Exploits/Client Side
Amaya Web Browser BDO HTML TAG Buffer Overflow Exploit Update This module exploits a vulnerability caused by boundary errors in Amaya Web Browser within the processing of a BDO HTML tag that has an overly long DIR attribute, allowing an attacker to cause a stack overflow in order to execute arbitrary code. This update fixes an issue when using the option "Generate File". Windows Exploits/Client Side
Amazon Kindle for PC wintab32 DLL Hijacking Exploit Amazon Kindle for PC is prone to a vulnerability that may allow execution of wintab32.dll if this dll is located in the same folder than .AZW file. Windows Exploits/Client Side
AMD PlaysTV Service Privilege Escalation Exploit In the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local) path as SYSTEM when the execute_installer parameter is used in an HTTP message. Windows Exploits/Local
Anti Keylogger Elite Privilege Escalation Exploit This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. Windows Exploits/Local