Exploits and Security Updates to Core Impact Threat Intelligence
When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.
Use the controls below to navigate Core Impact exploits and other modules.
Title |
Description | Vulnerabilty | Category | Platform |
|---|---|---|---|---|
| Oracle WebLogic Server Apache Connector Exploit Update | Exploits a buffer overflow in the Apache Connector of Oracle WebLogic Server (formerly known as BEA WebLogic Server). The target path used when launching this module against an Apache Server must be handled by the Apache Connector or the exploit will not succeed. This update changes the default connection method for the module. | CVE-2008-3257 | Exploits/Remote | Windows, AIX, Linux |
| Oracle WebLogic Server commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit | Oracle WebLogic Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. | NOCVE-9999-74931 | Exploits/Remote | Windows |
| Oracle WebLogic Server commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit Update | Oracle WebLogic Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. This update add proper CVE number and more supported platforms. | CVE-2015-4852 | Exploits/Remote | Solaris, Windows, Linux |
| OracleDB AUTH_SESSKEY Remote Buffer Overflow Exploit | This module exploits a vulnerability in the Oracle Database Server. The vulnerability is triggered when the server processes a long string inside the AUTH_SESSKEY property resulting in a stack-based buffer overflow. | CVE-2009-1979 | Exploits/Remote | Windows |
| OracleDB AUTH_SESSKEY Remote Buffer Overflow Exploit Update | This module exploits a vulnerability in the Oracle Database Server. The vulnerability is triggered when the server processes a long string inside the AUTH_SESSKEY property resulting in a stack-based buffer overflow. This update adds support for Windows 2003 SP2 and Oracle 10.2.0.4. | CVE-2009-1979 | Exploits/Remote | Windows |
| OracleDB CSA Remote Code Execution Exploit | This module exploits a vulnerability in the Client System Analyzer component of the Oracle Database Server. | CVE-2010-3600 | Exploits/Remote | Windows, Linux |
| OracleDB CSA Remote Code Execution Exploit AV Evasion Update | This update updates AV evasion for OracleDB CSA Remote Code Execution Exploit module. | CVE-2010-3600 | Exploits/Remote | Windows, Linux |
| OracleDB DBMS AW.EXECUTE CDA Command Remote Stack Overflow Exploit | Oracle Database Server Core RDBMS component is prone to a remote vulnerability that allows attackers to exploit a stack-based buffer overflow in the EXECUTE procedure of DBMS_AW. Using an overly long parameter in the CDA command with the previous procedure, a stack-based buffer overflow will occur, overwriting the saved return address. This module requires database user credentials with 'Create Session' privilege. | CVE-2014-6567 | Exploits/Remote | Windows |
| OracleDB DBMS AW.EXECUTE CDA Command Remote Stack Overflow Exploit Update | Oracle Database Server Core RDBMS component is prone to a remote vulnerability that allows attackers to exploit a stack-based buffer overflow in the EXECUTE procedure of DBMS_AW. Using an overly long parameter in the CDA command with the previous procedure, a stack-based buffer overflow will occur, overwriting the saved return address. This module requires database user credentials with 'Create Session' privilege. This update fixes a variable referenced before assignment bug. | CVE-2014-6567 | Exploits/Remote | Windows |
| OracleDB sys_context Remote Stack Overflow Exploit | A buffer overflow vulnerability was found in the SYS_CONTEXT procedure in Oracle Database Server allows a valid database user to execute arbitrary code. The vulnerability can be exploited by any valid database user with CONNECT privileges. The buffer overflow can then be exploited by calling the SYS_CONTEXT() function. This module has two uses: One as a Remote Exploit, which needs authentication, and another as an SQL Injection OS Agent installer module, which needs an Oracle SQL Agent as a target. | CVE-2004-1364 | Exploits/Remote | Linux |
| OracleDB TNS Listener Remote Poisoning Vulnerability Exploit | Oracle Database Server is prone to a remote vulnerability that allows attackers to poison the data handled by the remote 'TNS Listener' component of the application. This module tries to verify if the vulnerability is present in the 'TNS Listener' component of the database server, without deploying an agent. If a database instance name is supplied, it will be used to check for the vulnerability against the TNS listener of the target, but this could affect future client connections, as long as the module is running. If no database instance name is supplied, the module will try to register a random name. | CVE-2012-1675 | Exploits/Remote | Windows, Linux |
| Orbit Downloader Connecting Log Message Buffer Overflow Exploit | The application is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when the application creates a 'Connecting' log message. An attacker can exploit this issue by enticing a vulnerable user into connecting to a malicious HTTP server or opening a specially crafted URI that contains an excessively long hostname. | CVE-2009-0187 | Exploits/Client Side | Windows |
| Orbit Downloader Download Failed Exploit | Orbit Downloader is vulnerable to a buffer overflow attack, which can be exploited by malicious remote attackers to execute arbitrary code. The vulnerability is due to Orbit not properly converting an URL ASCII string to UNICODE. This can be exploited to execute arbitrary code by downloading a file from a specially crafted URL. | CVE-2008-1602 | Exploits/Client Side | Windows |
| Orbital Viewer .ORB Buffer Overflow Exploit | Orbital Viewer is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. | CVE-2010-0688 | Exploits/Client Side | Windows |
| osCommerce Arbitrary File Upload Exploit | osCommerce Online Merchant 2.2 RC2a is vulnerable to an Arbitrary File Upload without the need to be authenticated. This leads to arbitrary PHP code execution in the context of the webserver. This module tries to install a RFI agent if the Web Application is vulnerable. It will fail if the webserver is not allowed to write on the document root of the vulnerable web application. | NOCVE-9999-40096 | Exploits/Remote File Inclusion/Known Vulnerabilities | none |
| OtsTurntables OFL Buffer Overflow Exploit | OtsTurntables contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in OtsTurntables when handling .OFL files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .OFL file. | NOCVE-9999-35963 | Exploits/Client Side | Windows |
| PAC-Designer File Processing Buffer Overflow Exploit | The vulnerability is caused due to a boundary error when processing the <SymbolicSchematicData> tags within .PAC files. This can be exploited to cause a stack-based buffer overflow via an overly long string. | CVE-2012-2915 | Exploits/Client Side | Windows |
| PAC-Designer File Processing Buffer Overflow Exploit Update | The vulnerability is caused due to a boundary error when processing the <SymbolicSchematicData> tags within .PAC files. This can be exploited to cause a stack-based buffer overflow via an overly long string. This update adds CVE number. | CVE-2012-2915 | Exploits/Client Side | Windows |
| PAM Motd Privilege Escalation Exploit | PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps.A local attacker could exploit this to gain root privileges. | CVE-2010-0832 | Exploits/Local | Linux |
| PAM Motd Privilege Escalation Exploit Update | The PAM MOTD module in Ubuntu does not correctly handle path permissions when creating user file stamps. A local attacker can exploit this to gain root privileges. This update improves the reliability of the exploit. | CVE-2010-0832 | Exploits/Local | Linux |
| Panda Global Protection AppFlt.sys Privilege Escalation Exploit | This module exploits a memory corruption vulnerability in the AppFlt.sys driver of Panda Global Protection when handling a specially crafted IOCTL request. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. | NOCVE-9999-46949 | Exploits/Local | Windows |
| Panda Internet Security Binary Planting Privilege Escalation Exploit | This module exploits a privilege escalation vulnerability in Panda Internet Security. | NOCVE-9999-56047 | Exploits/Local | Windows |
| Panda Internet Security RKPavProc.sys Privilege Escalation Exploit | This module exploits a buffer overflow vulnerability in Panda Internet Security RKPavProc.sys driver when handling a specially crafted IOCTL request. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. | NOCVE-9999-44499 | Exploits/Local | Windows |
| Panda Security for Business Pagent MESSAGE_FROM_REMOTE Path Traversal Exploit | The Pagent service component of Panda Security for Business is prone to a path traversal vulnerability when handling MESSAGE_FROM_REMOTE packets. This vulnerability can be exploited by remote unauthenticated attackers to drop arbitrary files in the vulnerable machine in order to gain remote code execution with SYSTEM privileges. | NOCVE-9999-62132 | Exploits/Remote | Windows |
| PCMan FTP Server USER Command Buffer Overflow Exploit | PCMan's FTP Server is prone to a buffer-overflow when handling an overly long USER command. | NOCVE-9999-58668 | Exploits/Remote | Windows |
| PDFCool Studio Buffer Overflow Exploit | PDFCool Studio Suite is prone to a security vulnerability when processing PDF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing users to open a specially crafted PDF file. | CVE-2013-4986 | Exploits/Client Side | Windows |
| PDFill PDF Editor mfc70enu DLL Hijacking Exploit | PDFill PDF Editor is prone to a vulnerability that may allow the execution of any library file named MFC70ENU.DLL, if this dll is located in the same folder than a .PDF file. | NOCVE-9999-49256 | Exploits/Client Side | Windows |
| PeaZIP Archived File Name Handling Command Injection Exploit | PeaZIP allows user-assisted remote attackers to execute arbitrary commands via a compressed archive with a .TXT file whose name contains | (pipe) characters and a command. | CVE-2009-2261 | Exploits/Client Side | Windows |
| PeerCast HTTP Server Buffer Overflow exploit | PeerCast is prone to a remote buffer overflow vulnerability. This can facilitate a remote compromise due to arbitrary code execution. | CVE-2006-1148 | Exploits/Remote | Linux |
| Perdition IMAP proxy str_vwrite format string exploit | The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. | CVE-2007-5740 | Exploits/Remote | FreeBSD |