Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Subscribe to receive regular updates by email:

 

Browse All Exploits

 

 

Title Description CVE Link Exploit Platform Exploit Type
Progea Movicon SCADA-HMI TCPUploadServer Remote Exploit This module exploits a remote vulnerability in the TCPUploadServer service included in the Movicon 11 application to install an agent by writing and running an executable file. Windows Exploits/Remote
Promotic SCADA MFC90ENU DLL Hijacking Exploit Promotic SCADA is prone to a vulnerability that may allow execution of mfc71enu if this dll is located in the same folder than .PRA file. Windows Exploits/Client Side
Promotic SCADA SaveCfg ActiveX Buffer Overflow Exploit PROMOTIC SCADA suffers from an ActiveX stack overflow. The exploit is triggered when the SaveCfg() method processes a long string argument resulting in a stack-based buffer overflow. Windows Exploits/Client Side
ProShow Gold PSH Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing certain overly long entries within slideshow project files (.PSH). Windows Exploits/Client Side
ProShow Producer kdclib32 DLL Hijacking Exploit ProShow Producer is prone to a vulnerability that may allow the execution of any library file named kdclib32.dll, if this dll is located in the same folder than a .PSH file. Windows Exploits/Client Side
ProSysInfo TFTPDWIN Buffer Overflow Exploit This module exploits a buffer overflow vulnerability during the processing of requested resources to cause a stack-based buffer overflow by requesting a resource with an overly long name. Windows Exploits/Remote
PSOProxy GET Request Buffer Overflow Exploit The vulnerability is caused due to a boundary error within PSOProxy when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Windows Exploits/Remote
Publish-It PUI File Buffer Overflow Exploit Publish-It is prone to a buffer overflow when handling specially crafted PUI files. Windows Exploits/Client Side
PulseAudio Privilege Escalation Exploit This module exploits a race condition vulnerability in PulseAudio on Linux systems to gain elevated privileges. Linux Exploits/Local
PureFTPd Bash Variables Injection Exploit (CVE-2014-6271) This update includes a module exploiting a vulnerability found in Bash. When using PureFTPd in conjuntion with the vulnerable Bash version for user authentication, a Core Impact agent is installed. Linux Exploits/Remote
QEMU Floppy Disk Controller fdctrl_handle_drive_specification_command Virtual Machine Escape Exploit (VENOM) The fdctrl_handle_drive_specification_command() function in the code that emulates the Floppy Disk Controller in QEMU does not properly reset the index within a buffer when processing user-controlled data, leading to a heap-based buffer overflow in the QEMU process that runs on the Host system. An attacker running code within a Guest operating system can exploit this vulnerability in order to escape from the QEMU virtual machine and execute arbitrary code on the Host operating system. Linux Exploits/Local
QEMU Floppy Disk Controller fdctrl_handle_drive_specification_command Virtual Machine Escape Exploit (VENOM) Update The fdctrl_handle_drive_specification_command() function in the code that emulates the Floppy Disk Controller in QEMU does not properly reset the index within a buffer when processing user-controlled data, leading to a heap-based buffer overflow in the QEMU process that runs on the Host system. An attacker running code within a Guest operating system can exploit this vulnerability in order to escape from the QEMU virtual machine and execute arbitrary code on the Host operating system. This update adds support for exploiting 64-bit guest systems. Linux Exploits/Local
QNAP Qcenter Virtual Appliance Remote OS Command Injection Exploit QNAP Qcenter Virtual Appliance contains multiples vulnerabilities which allows authenticated attackers to gain arbitrary code execution on the affected system with root privileges. Linux Exploits/OS Command Injection/Known Vulnerabilities
QQPlayer File Processing Buffer Overflow Exploit QQPlayer contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in QQPlayer when handling .ASX files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .ASX file. Windows Exploits/Client Side
Quest InTrust AnnotateX ActiveX Exploit A vulnerability exists in AnnotateX.dll - by invoking the Add() method it is possible to call inside of any memory region of choice as selected by an attacker. Windows Exploits/Client Side
Quick n Easy FTP Server Login DoS This module shuts down the Quick 'n Easy FTP Server because it fails to properly handle user-supplied malformed packets when login. Windows Exploits/Remote
Quick TFTP Server Pro Mode Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in Quick TFTP Server Pro when processing a very large mode field in a read or write request. Windows Exploits/Remote
QuickBooks Pro 2010 dbicudtx10 DLL Hijacking Exploit QuickBooks Pro 2010 is prone to a vulnerability that may allow the execution of any library file named dbicudtx10.dll, if this dll is located in the same folder than a .QPG file. Windows Exploits/Client Side
QuickTime JPEG Exploit This module exploits a vulnerability in Apple QuickTime PictureViewer and installs an agent. Windows Exploits/Client Side
QuickTime JPEG Exploit Update This module exploits a vulnerability in Apple QuickTime PictureViewer and installs an agent. This update adds support for Mac OS X Windows Exploits/Client Side
QuickTime JPEG Exploit Update 2 This module exploits a vulnerability in Apple QuickTime PictureViewer and installs an agent. This update improve the exploit reliability in Mac OS X. Windows Exploits/Client Side
QuickTime Player Streaming Debug Error Logging Buffer Overflow Exploit The vulnerability is caused due to a boundary error in QuickTimeStreaming.qtx when constructing a string to write to a debug log file. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into viewing a specially crafted web page that references a SMIL file containing an overly long URL. Windows Exploits/Client Side
QuickTime Player Streaming Debug Error Logging Buffer Overflow Exploit Update A stack buffer overflow exists in QuickTime's error logging. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This update embed the .MOV file in Internet Explorer 6 or 7, in other browsers it can be downloaded for use and exploitation in QuickTime. It also add support for Windows Vista. Windows Exploits/Client Side
QuickTime RTSP Content-Type exploit This module runs a server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting a vulnerability in Apple QuickTime, which allows unauthenticated attackers to execute arbitrary code or cause a denial of service condition. Windows Exploits/Client Side
QuickTime RTSP Content-Type exploit Mac Intel update This module runs a server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting a vulnerability in Apple QuickTime, which allows unauthenticated attackers to execute arbitrary code or cause a denial of service condition. This update adds Mac Intel support. Windows Exploits/Client Side