Exploits and Security Updates to Core Impact Threat Intelligence
When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.
Use the controls below to navigate Core Impact exploits and other modules.
Title |
Description | Vulnerabilty | Category | Platform |
|---|---|---|---|---|
| OracleDB CSA Remote Code Execution Exploit | This module exploits a vulnerability in the Client System Analyzer component of the Oracle Database Server. | CVE-2010-3600 | Exploits/Remote | Windows, Linux |
| OracleDB CSA Remote Code Execution Exploit AV Evasion Update | This update updates AV evasion for OracleDB CSA Remote Code Execution Exploit module. | CVE-2010-3600 | Exploits/Remote | Windows, Linux |
| OracleDB DBMS AW.EXECUTE CDA Command Remote Stack Overflow Exploit | Oracle Database Server Core RDBMS component is prone to a remote vulnerability that allows attackers to exploit a stack-based buffer overflow in the EXECUTE procedure of DBMS_AW. Using an overly long parameter in the CDA command with the previous procedure, a stack-based buffer overflow will occur, overwriting the saved return address. This module requires database user credentials with 'Create Session' privilege. | CVE-2014-6567 | Exploits/Remote | Windows |
| OracleDB DBMS AW.EXECUTE CDA Command Remote Stack Overflow Exploit Update | Oracle Database Server Core RDBMS component is prone to a remote vulnerability that allows attackers to exploit a stack-based buffer overflow in the EXECUTE procedure of DBMS_AW. Using an overly long parameter in the CDA command with the previous procedure, a stack-based buffer overflow will occur, overwriting the saved return address. This module requires database user credentials with 'Create Session' privilege. This update fixes a variable referenced before assignment bug. | CVE-2014-6567 | Exploits/Remote | Windows |
| OracleDB sys_context Remote Stack Overflow Exploit | A buffer overflow vulnerability was found in the SYS_CONTEXT procedure in Oracle Database Server allows a valid database user to execute arbitrary code. The vulnerability can be exploited by any valid database user with CONNECT privileges. The buffer overflow can then be exploited by calling the SYS_CONTEXT() function. This module has two uses: One as a Remote Exploit, which needs authentication, and another as an SQL Injection OS Agent installer module, which needs an Oracle SQL Agent as a target. | CVE-2004-1364 | Exploits/Remote | Linux |
| OracleDB TNS Listener Remote Poisoning Vulnerability Exploit | Oracle Database Server is prone to a remote vulnerability that allows attackers to poison the data handled by the remote 'TNS Listener' component of the application. This module tries to verify if the vulnerability is present in the 'TNS Listener' component of the database server, without deploying an agent. If a database instance name is supplied, it will be used to check for the vulnerability against the TNS listener of the target, but this could affect future client connections, as long as the module is running. If no database instance name is supplied, the module will try to register a random name. | CVE-2012-1675 | Exploits/Remote | Windows, Linux |
| Orbit Downloader Connecting Log Message Buffer Overflow Exploit | The application is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when the application creates a 'Connecting' log message. An attacker can exploit this issue by enticing a vulnerable user into connecting to a malicious HTTP server or opening a specially crafted URI that contains an excessively long hostname. | CVE-2009-0187 | Exploits/Client Side | Windows |
| Orbit Downloader Download Failed Exploit | Orbit Downloader is vulnerable to a buffer overflow attack, which can be exploited by malicious remote attackers to execute arbitrary code. The vulnerability is due to Orbit not properly converting an URL ASCII string to UNICODE. This can be exploited to execute arbitrary code by downloading a file from a specially crafted URL. | CVE-2008-1602 | Exploits/Client Side | Windows |
| Orbital Viewer .ORB Buffer Overflow Exploit | Orbital Viewer is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. | CVE-2010-0688 | Exploits/Client Side | Windows |
| osCommerce Arbitrary File Upload Exploit | osCommerce Online Merchant 2.2 RC2a is vulnerable to an Arbitrary File Upload without the need to be authenticated. This leads to arbitrary PHP code execution in the context of the webserver. This module tries to install a RFI agent if the Web Application is vulnerable. It will fail if the webserver is not allowed to write on the document root of the vulnerable web application. | NOCVE-9999-40096 | Exploits/Remote File Inclusion/Known Vulnerabilities | none |
| OtsTurntables OFL Buffer Overflow Exploit | OtsTurntables contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in OtsTurntables when handling .OFL files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .OFL file. | NOCVE-9999-35963 | Exploits/Client Side | Windows |
| PAC-Designer File Processing Buffer Overflow Exploit | The vulnerability is caused due to a boundary error when processing the <SymbolicSchematicData> tags within .PAC files. This can be exploited to cause a stack-based buffer overflow via an overly long string. | CVE-2012-2915 | Exploits/Client Side | Windows |
| PAC-Designer File Processing Buffer Overflow Exploit Update | The vulnerability is caused due to a boundary error when processing the <SymbolicSchematicData> tags within .PAC files. This can be exploited to cause a stack-based buffer overflow via an overly long string. This update adds CVE number. | CVE-2012-2915 | Exploits/Client Side | Windows |
| PAM Motd Privilege Escalation Exploit | PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps.A local attacker could exploit this to gain root privileges. | CVE-2010-0832 | Exploits/Local | Linux |
| PAM Motd Privilege Escalation Exploit Update | The PAM MOTD module in Ubuntu does not correctly handle path permissions when creating user file stamps. A local attacker can exploit this to gain root privileges. This update improves the reliability of the exploit. | CVE-2010-0832 | Exploits/Local | Linux |
| Panda Global Protection AppFlt.sys Privilege Escalation Exploit | This module exploits a memory corruption vulnerability in the AppFlt.sys driver of Panda Global Protection when handling a specially crafted IOCTL request. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. | NOCVE-9999-46949 | Exploits/Local | Windows |
| Panda Internet Security Binary Planting Privilege Escalation Exploit | This module exploits a privilege escalation vulnerability in Panda Internet Security. | NOCVE-9999-56047 | Exploits/Local | Windows |
| Panda Internet Security RKPavProc.sys Privilege Escalation Exploit | This module exploits a buffer overflow vulnerability in Panda Internet Security RKPavProc.sys driver when handling a specially crafted IOCTL request. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. | NOCVE-9999-44499 | Exploits/Local | Windows |
| Panda Security for Business Pagent MESSAGE_FROM_REMOTE Path Traversal Exploit | The Pagent service component of Panda Security for Business is prone to a path traversal vulnerability when handling MESSAGE_FROM_REMOTE packets. This vulnerability can be exploited by remote unauthenticated attackers to drop arbitrary files in the vulnerable machine in order to gain remote code execution with SYSTEM privileges. | NOCVE-9999-62132 | Exploits/Remote | Windows |
| PCMan FTP Server USER Command Buffer Overflow Exploit | PCMan's FTP Server is prone to a buffer-overflow when handling an overly long USER command. | NOCVE-9999-58668 | Exploits/Remote | Windows |
| PDFCool Studio Buffer Overflow Exploit | PDFCool Studio Suite is prone to a security vulnerability when processing PDF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing users to open a specially crafted PDF file. | CVE-2013-4986 | Exploits/Client Side | Windows |
| PDFill PDF Editor mfc70enu DLL Hijacking Exploit | PDFill PDF Editor is prone to a vulnerability that may allow the execution of any library file named MFC70ENU.DLL, if this dll is located in the same folder than a .PDF file. | NOCVE-9999-49256 | Exploits/Client Side | Windows |
| PeaZIP Archived File Name Handling Command Injection Exploit | PeaZIP allows user-assisted remote attackers to execute arbitrary commands via a compressed archive with a .TXT file whose name contains | (pipe) characters and a command. | CVE-2009-2261 | Exploits/Client Side | Windows |
| PeerCast HTTP Server Buffer Overflow exploit | PeerCast is prone to a remote buffer overflow vulnerability. This can facilitate a remote compromise due to arbitrary code execution. | CVE-2006-1148 | Exploits/Remote | Linux |
| Perdition IMAP proxy str_vwrite format string exploit | The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. | CVE-2007-5740 | Exploits/Remote | FreeBSD |
| Phoenix Project Manager wbtrv32 DLL Hijacking Exploit | Phoenix Project Manager is prone to a vulnerability that may allow the execution of any library file named wbtrv32.dll, if this dll is located in the same folder as a .PPX file. The attacker must entice a victim into opening a specially crafted .PPX file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code. | NOCVE-9999-47357 | Exploits/Client Side | Windows |
| Photo DVD Maker PDM Buffer Overflow Exploit | Photo DVD Maker contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Photo DVD Maker when handling .PDM files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .PDM file. | CVE-2009-2375 | Exploits/Client Side | Windows |
| PhotoFiltre Studio Buffer Overflow Exploit | PhotoFiltre Studio contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in PhotoFiltre when handling .TIF files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .TIF file. | CVE-2007-2192 | Exploits/Client Side | Windows |
| PHP apache_request_headers Function Buffer Overflow Exploit | This module exploits a buffer overflow in PHP. The specific flaw is in the apache_request_handlers() function. The apache_request_handlers() function fails to validate the length of certain headers in the HTTP request and blindly copy all the string received in the vulnerable header to the stack causing a buffer overflow. | CVE-2012-2329 | Exploits/Remote | Windows |
| PHP Charts Remote Code Execution Exploit | This module exploits a vulnerability in PHP Charts 1.0. The url.php script eval()s every single GET key/value pair. Leading to code execution. | NOCVE-9999-57634 | Exploits/Remote | none |