Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Subscribe to receive regular updates by email:

 

Browse All Exploits

 

 

Title Description CVE Link Exploit Platform Exploit Type
Easy FTP Server Multiple Remote Buffer Overflow An internal memory buffer of Easy FTP Server may be overrun while handling long "APPE" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the ftpbasicsvr.exe process. Windows Exploits/Remote
OpenOffice Word sprmTDefTable Integer Overflow Exploit Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document. Windows Exploits/Client Side
HP OpenView NNM Snmp CGI Buffer Overflow Exploit This module exploits a vulnerability in HP OpenView NNM by sending a specially crafted request to the snmp.exe. Windows Exploits/Remote
Microsoft Windows ICMPv6 Router Advertisement Remote DoS (MS10-009) This module exploits a memory corruption in the Microsoft Windows TCP/IP implementation by sending a sequence of IPv6 packets with a specially crafted Router Advertisement ICMP packet. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Denial of Service/Remote
Hyperic HQ GenericError Page Cross Site Scripting Exploit A reflected cross-site scripting vulnerability was found in the generic exception handler of Hyperic, located in hq/web/common/GenericError.jsp. Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities
UplusFtp Multiple Remote Buffer Overflow Exploit The vulnerability is caused due to a boundary error when handling some commands. This can be exploited to cause a stack-based buffer overflow via an overly long command string, passed to the affected server. Windows Exploits/Remote
Microsoft Windows TCPIP SACK Remote DoS (MS10-009) This module exploits a memory corruption in the Microsoft Windows TCP/IP implementation by sending a sequence of TCP/IP packets with a specially crafted Selective Acknowledgement (SACK) values. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Denial of Service/Remote
Microsoft Windows SMB Client Pool Corruption Vulnerability DoS (MS10-006) This module exploits a vulnerability in mrxsmb.sys when it responses to the client with a malformed SMB packet. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Denial of Service/Client Side
Apple iTunes PLS File Stack Overflow Exploit Apple iTunes is prone to a buffer-overflow vulnerability because the software fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Mac OS X Exploits/Client Side
Oracle Secure Backup Remote Command Execution Exploit Update This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the logic used to authenticate a user to the administration server running on port 443. The script login.php does not properly sanitize the 'username' variable before using it in a database query. A specially crafted 'username' allows unauthorized attackers to log in with full administrative capabilities. This update adds Solaris support. Windows Exploits/Remote Code Execution
WireShark LWRES Dissector Buffer Overflow Exploit Update This module exploits a stack-based buffer overflow in the WireShark LWRES dissector by sending a specially crafted LWRES packet. This update adds support for more WireShark versions. Windows Exploits/Remote
WireShark LWRES Dissector Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the WireShark LWRES dissector by sending a specially crafted LWRES packet. Windows Exploits/Remote
Serv-U Web Client HTTP Request Remote Buffer Overflow Exploit This module exploits a stack overflow in Serv-U Web Client by sending a specially crafted POST request. Windows Exploits/Remote
PhpMyAdmin Unserialize Remote Code Execution Exploit phpMyAdmin is vulnerable to a remote code execution due the use of the unserialize method on user supplied data. This data is written in the config file and is accessible from the internet by default. Windows Exploits/Remote
TwonkyMedia Server Error Page Cross Site Scripting Exploit Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. This update lists the module in Impact's WebApp view. Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities
Symantec Altiris Deployment Solution RunCmd Buffer Overflow Exploit This module exploits a vulnerability in the AeXNSConsoleUtilities.dll control included in the Symantec ConsoleUtilities application. The vulnerability is triggered when the RunCmd method processes a long string argument resulting in a stack-based buffer overflow. Windows Exploits/Client Side
Vermillion FTP Daemon Buffer Overflow Exploit The vulnerability is caused due to a boundary error with the handling of PORT commands. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted command passed to the affected server. Windows Exploits/Remote
Eureka Mail Client Error Response Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error in the processing of POP3 responses. This can be exploited to cause a stack-based buffer overflow via an overly long error response. This version fix XML and version number, add Windows 7, Windows Vista and Windows 2000 suport, and fix len of the public IP problem. Windows Exploits/Client Side
Testlink login Cross Site Scripting Exploit A cross-site scripting vulnerability is present in TestLink before 1.8.5 allowing remote attackers to inject arbitrary web script or HTML via the req parameter to login.php. Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities
Net Transport eDonkey Protocol Buffer Overflow Exploit The vulnerability is caused due to a boundary error in the processing of eDonkey "OP_LOGINREQUEST" packets. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet to the ed2k port of an affected system. Windows Exploits/Remote
OracleDB sys_context Remote Stack Overflow Exploit A buffer overflow vulnerability was found in the SYS_CONTEXT procedure in Oracle Database Server allows a valid database user to execute arbitrary code. The vulnerability can be exploited by any valid database user with CONNECT privileges. The buffer overflow can then be exploited by calling the SYS_CONTEXT() function. This module has two uses: One as a Remote Exploit, which needs authentication, and another as an SQL Injection OS Agent installer module, which needs an Oracle SQL Agent as a target. Linux Exploits/Remote
Symantec Veritas VRTSweb Privilege Escalation Exploit Update This module exploits a code execution vulnerability in the Veritas Web Server service by sending a specially crafted authentication request to the 14300/TCP port, allowing local users to gain elevated privileges. This update adds support for Windows 2008. Windows Exploits/Local
AIX rpc.cmsd Buffer Overflow Exploit This module exploits a remote buffer overflow vulnerability on the Calendar Manager Service Daemon. AIX Exploits/Remote
Easy RM to MP3 Converter Buffer Overflow Exploit Easy RM to MP3 Converter is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing specially crafted .pls files. Windows Exploits/Client Side
OpenBSD getsockopt() Privilege Escalation Exploit A local user can invoke the getsockopt call with certain options to execute arbitrary code and gain privileged access. OpenBSD Exploits/Local