Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Titlesort descending Description Vulnerabilty Category Platform
Zinf Audio Player PLS Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the handling of .PLS files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .PLS file. CVE-2007-0707 Exploits/Client Side Windows
ZipScan Archive Processing Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing archives containing entries with overly long paths. NOCVE-9999-42953 Exploits/Client Side Windows
ZipWrangler Buffer Overflow Exploit ZipWrangler contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in ZipWrangler when handling .ZIP files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .ZIP file. CVE-2010-1685 Exploits/Client Side Windows
ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges. CVE-2007-4216 Exploits/Local Windows
ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit Update This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges. This update adds support for Windows XP SP3. CVE-2007-4216 Exploits/Local Windows
Zoom Player BMP File Processing Buffer Overflow Exploit Zoom Player is prone to a buffer-overflow via a specially crafted BMP image with an overly large "biClrUsed" value. CVE-2013-3259 Exploits/Client Side Windows
Zope standard_error_message Cross-Site Scripting Exploit Zope is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. NOCVE-9999-41980 Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities none