Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Subscribe to receive regular updates by email:

 

Browse All Exploits

 

 

Title Description CVE Link Exploit Platform Exploit Type
QuickTime RTSP Content-Type exploit update This module runs a server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting a vulnerability in Apple QuickTime, which allows unauthenticated attackers to execute arbitrary code or cause a denial of service condition. This updates adds Vista as a supported platform for Quicktime 7.3 and also targets Quicktime version 7.2 in both Windows XP and Windows Vista. Windows Exploits/Client Side
QuickTime RTSP URL exploit This exploit triggers a stack-based buffer overflow in the QuickTime browser plugin via a specially crafted HTML page. Windows Exploits/Client Side
QuickView Plus Client vsacs Buffer Overflow Exploit Quick View Plus contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Quick View Plus when handling .MDB files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .MDB file. This module runs a malicious web server on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to it by opening the crafted MDB file with Quick View Plus. Windows Exploits/Client Side
Quiksoft EasyMail AddAttachment Method ActiveX Control Buffer Overflow Exploit QuikSoft EasyMail is prone to a buffer overflow. The vulnerability affects the 'AddAttachment()' method of the 'emsmtp.dll'. The issue occurs when the method handles user-input buffer with overly long size. Windows Exploits/Client Side
RabidHamster R4 Log Entry sprintf Buffer Overflow Exploit A stack overflow found in RabidHamster R4's web server by supplying a malformed HTTP request when generating a log. Windows Exploits/Remote
RadAsm WindowCallProcA Pointer Hijack Exploit The vulnerability is caused due to a boundary error in the processing of .RAP files. This can be exploited to cause a stack-based buffer overflow by tricking a user into decoding a specially crafted .RAP file. Exploits/Client Side
RadAsm WindowCallProcA Pointer Hijack Exploit Update The vulnerability is caused due to a boundary error in the processing of .RAP files. This can be exploited to cause a stack-based buffer overflow by tricking a user into decoding a specially crafted .RAP file. This update modifies the current NOCVE for the module and adds support for the new Impact 9 Client Side features. Windows Exploits/Client Side
RainbowPlayer RPL Buffer Overflow Exploit RainbowPlayer is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Windows Exploits/Client Side
RAT Gh0st Controller Server Buffer Overflow Exploit This module exploits a buffer overflow in the Gh0st Controller Server when handling a drive list. Windows Exploits/Remote
rConfig ajaxServerSettingsChk and search_crud Remote OS Command Injection Exploit An unauthenticated OS command injection vulnerability in rConfig using the rootUname parameter present in ajaxServerSettingsChk.php allows an attacker to send a request that will attempt to execute OS commands with permissions of the rConfig process on the host system. Also, an authenticated OS command injection vulnerability using the catCommand parameter present in search.crud.php allows an attackers to do the same as previous, but credentials are required. Linux Exploits/OS Command Injection/Known Vulnerabilities
Real Networks RealPlayer SP RecordClip Exploit This module exploits an arbitrary file download vulnerability in the RecordingManager Control included in RealPlayer SP. Windows Exploits/Client Side
Real Player MS HelpCenter Command Execution Exploit (MS10-042) This module exploits a vulnerability caused due to an error in the MPC::HTML::UrlUnescapeW() function in helpctr.exe when escaping URLs, add direct exploitation from Real Player to the original Internet Explorer attack vector. Windows Exploits/Client Side
RealNetworks Arcade Games ActiveX Control Exploit This module runs a web server waiting for vulnerable clients (Internet Explorer with a vulnerable StubbyUtil.InstallerDlg.1 ActiveX Control) to connect to it. When the client connects, it will try to install an agent by sending a specially crafted HTML page which exploits the Real Networks Arcade Game's ActiveX control. ActiveX Control Remote Code Execution Vulnerability. Ref: http://www.exploit-db.com/exploits/17149/ Windows Exploits/Client Side
RealNetworks Helix DNA Server Remote Heap Overflow Exploit This module exploits a remote heap overflow in the Helix DNA Server (rmserver.exe) by sending a specially crafted RTSP packet to the 554/TCP port. Windows Exploits/Remote
RealNetworks Helix Server AgentX Remote Buffer Overflow Exploit This module exploits a remote stack-based buffer overflow vulnerability in AgentX++, as distributed with Helix Server, by sending multiple blocks of data to the port 705/TCP. Windows Exploits/Remote
RealNetworks RealPlayer CDDA URI ActiveX Exploit An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and application crash) via a long URI. Windows Exploits/Client Side
RealNetworks RealPlayer QCP Parsing Buffer Overflow Exploit The specific flaw exists within qcpfformat.dll, which is responsible for parsing QCP media files. The process creates a static 256 byte allocation on the heap and trusts a user-supplied counter from the file within a memory copy loop. Windows Exploits/Client Side
RealNetworks RealPlayer QCP Parsing Buffer Overflow Exploit Update The specific flaw exists within qcpfformat.dll, which is responsible for parsing QCP media files. The process creates a static 256 byte allocation on the heap and trusts a user-supplied counter from the file within a memory copy loop. This version adds support for Internet Explorer 8 with java enabled. Windows Exploits/Client Side
RealPlayer ActiveX Buffer Overflow Exploit This module exploits a vulnerability caused due to a boundary error in the ierpplug.dll of the Real Player application. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. Windows Exploits/Client Side
RealPlayer ActiveX Buffer Overflow Exploit Update This module exploits a vulnerability caused due to a boundary error in the ierpplug.dll of the Real Player application. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. Windows Exploits/Client Side
RealPlayer Cook Codec Channel Parsing Code Execution Exploit A code execution vulnerability exists in the way that RealPlayer parses files encoded with Cook codec. Windows Exploits/Client Side
RealPlayer RealMedia File Buffer Overflow Exploit RealPlayer is prone to a stack based buffer overflow when opening specially crafted Real Media files. Windows Exploits/Client Side
RealPlayer rmoc3260.dll ActiveX Buffer Overflow Exploit This module exploits a heap-based buffer overflow in the rmoc3260.dll ActiveX Control included in Real Player 11. Windows Exploits/Client Side
RealPlayer SMIL wallclock Buffer Overflow Exploit This module exploits a vulnerability caused due to a boundary error in the wallclock functionality in SmilTimeValue::parseWallClockValue() when handling time formats. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. Windows Exploits/Client Side
RealPlayer TRACKID tag handling RMP Buffer Overflow Exploit Real Media Player are vulnerable to a heap buffer overflow when provided with a specially crafted .rmp file with malformed TRACKID tags. Windows Exploits/Client Side