Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Titlesort descending Description Vulnerabilty Category Platform
Orbit Downloader Connecting Log Message Buffer Overflow Exploit The application is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when the application creates a 'Connecting' log message. An attacker can exploit this issue by enticing a vulnerable user into connecting to a malicious HTTP server or opening a specially crafted URI that contains an excessively long hostname. CVE-2009-0187 Exploits/Client Side Windows
Orbit Downloader Download Failed Exploit Orbit Downloader is vulnerable to a buffer overflow attack, which can be exploited by malicious remote attackers to execute arbitrary code. The vulnerability is due to Orbit not properly converting an URL ASCII string to UNICODE. This can be exploited to execute arbitrary code by downloading a file from a specially crafted URL. CVE-2008-1602 Exploits/Client Side Windows
Orbital Viewer .ORB Buffer Overflow Exploit Orbital Viewer is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. CVE-2010-0688 Exploits/Client Side Windows
OrientDB Remote Command Execution Exploit This module exploits a privilege escalation vulnerability in OrientDB by abusing SQL queries on OUser/ORole without the privileges which allows users to get Code Execution. CVE-2017-11467 Exploits/OS Command Injection/Known Vulnerabilities Linux
osCommerce Arbitrary File Upload Exploit osCommerce Online Merchant 2.2 RC2a is vulnerable to an Arbitrary File Upload without the need to be authenticated. This leads to arbitrary PHP code execution in the context of the webserver. This module tries to install a RFI agent if the Web Application is vulnerable. It will fail if the webserver is not allowed to write on the document root of the vulnerable web application. NOCVE-9999-40096 Exploits/Remote File Inclusion/Known Vulnerabilities none
OtsTurntables OFL Buffer Overflow Exploit OtsTurntables contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in OtsTurntables when handling .OFL files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .OFL file. NOCVE-9999-35963 Exploits/Client Side Windows
PAC-Designer File Processing Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing the <SymbolicSchematicData> tags within .PAC files. This can be exploited to cause a stack-based buffer overflow via an overly long string. CVE-2012-2915 Exploits/Client Side Windows
PAC-Designer File Processing Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error when processing the <SymbolicSchematicData> tags within .PAC files. This can be exploited to cause a stack-based buffer overflow via an overly long string. This update adds CVE number. CVE-2012-2915 Exploits/Client Side Windows
PAM Motd Privilege Escalation Exploit PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps.A local attacker could exploit this to gain root privileges. CVE-2010-0832 Exploits/Local Linux
PAM Motd Privilege Escalation Exploit Update The PAM MOTD module in Ubuntu does not correctly handle path permissions when creating user file stamps. A local attacker can exploit this to gain root privileges. This update improves the reliability of the exploit. CVE-2010-0832 Exploits/Local Linux
Panda Global Protection AppFlt.sys Privilege Escalation Exploit This module exploits a memory corruption vulnerability in the AppFlt.sys driver of Panda Global Protection when handling a specially crafted IOCTL request. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. NOCVE-9999-46949 Exploits/Local Windows
Panda Internet Security Binary Planting Privilege Escalation Exploit This module exploits a privilege escalation vulnerability in Panda Internet Security. NOCVE-9999-56047 Exploits/Local Windows
Panda Internet Security RKPavProc.sys Privilege Escalation Exploit This module exploits a buffer overflow vulnerability in Panda Internet Security RKPavProc.sys driver when handling a specially crafted IOCTL request. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. NOCVE-9999-44499 Exploits/Local Windows
Panda Security for Business Pagent MESSAGE_FROM_REMOTE Path Traversal Exploit The Pagent service component of Panda Security for Business is prone to a path traversal vulnerability when handling MESSAGE_FROM_REMOTE packets. This vulnerability can be exploited by remote unauthenticated attackers to drop arbitrary files in the vulnerable machine in order to gain remote code execution with SYSTEM privileges. NOCVE-9999-62132 Exploits/Remote Windows
PCMan FTP Server USER Command Buffer Overflow Exploit PCMan's FTP Server is prone to a buffer-overflow when handling an overly long USER command. NOCVE-9999-58668 Exploits/Remote Windows
PCMan FTP Server USER Command Buffer Overflow Exploit Update PCMan's FTP Server is prone to a buffer-overflow when handling an overly long USER command. This update improves the exploit reliability. CVE-2013-4730 Exploits/Remote Windows
PDFCool Studio Buffer Overflow Exploit PDFCool Studio Suite is prone to a security vulnerability when processing PDF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing users to open a specially crafted PDF file. CVE-2013-4986 Exploits/Client Side Windows
PDFill PDF Editor mfc70enu DLL Hijacking Exploit PDFill PDF Editor is prone to a vulnerability that may allow the execution of any library file named MFC70ENU.DLL, if this dll is located in the same folder than a .PDF file. NOCVE-9999-49256 Exploits/Client Side Windows
PeaZIP Archived File Name Handling Command Injection Exploit PeaZIP allows user-assisted remote attackers to execute arbitrary commands via a compressed archive with a .TXT file whose name contains | (pipe) characters and a command. CVE-2009-2261 Exploits/Client Side Windows
PeerCast HTTP Server Buffer Overflow exploit PeerCast is prone to a remote buffer overflow vulnerability. This can facilitate a remote compromise due to arbitrary code execution. CVE-2006-1148 Exploits/Remote Linux
Perdition IMAP proxy str_vwrite format string exploit The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. CVE-2007-5740 Exploits/Remote FreeBSD
pfSense system groupmanager Command Execution Exploit This module exploits a post authentication vulnerability in pfSense by abusing the system_groupmanager.php page which allows users to get Code Execution. NOCVE-9999-99510 Exploits/OS Command Injection/Known Vulnerabilities FreeBSD
Phoenix Project Manager wbtrv32 DLL Hijacking Exploit Phoenix Project Manager is prone to a vulnerability that may allow the execution of any library file named wbtrv32.dll, if this dll is located in the same folder as a .PPX file. The attacker must entice a victim into opening a specially crafted .PPX file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code. NOCVE-9999-47357 Exploits/Client Side Windows
Photo DVD Maker PDM Buffer Overflow Exploit Photo DVD Maker contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Photo DVD Maker when handling .PDM files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .PDM file. CVE-2009-2375 Exploits/Client Side Windows
PhotoFiltre Studio Buffer Overflow Exploit PhotoFiltre Studio contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in PhotoFiltre when handling .TIF files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .TIF file. CVE-2007-2192 Exploits/Client Side Windows
PHP apache_request_headers Function Buffer Overflow Exploit This module exploits a buffer overflow in PHP. The specific flaw is in the apache_request_handlers() function. The apache_request_handlers() function fails to validate the length of certain headers in the HTTP request and blindly copy all the string received in the vulnerable header to the stack causing a buffer overflow. CVE-2012-2329 Exploits/Remote Windows
PHP Charts Remote Code Execution Exploit This module exploits a vulnerability in PHP Charts 1.0. The url.php script eval()s every single GET key/value pair. Leading to code execution. NOCVE-9999-57634 Exploits/Remote none
PHP Hash Table Collisions DoS This module sends HTTP requests with specially crafted data making the PHP interpreter to consume lot of resources. This attack prevents the victim server from processing requests from legitimate clients and probably will make the server non-operational. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2011-4885 Denial of Service/Remote Solaris, AIX, Windows, Linux, OpenBSD, FreeBSD
PHP Hash Table Collisions DoS Update This module sends HTTP requests with specially crafted data making the PHP interpreter to consume lot of resources. This attack prevents the victim server from processing requests from legitimate clients and probably will make the server non-operational. This is update fixes an issue when launching the module from an agent running in a linux system. CVE-2011-4885 Denial of Service/Remote Solaris, AIX, Windows, Linux, OpenBSD, FreeBSD
PHP memory_limit exploit This module exploits a vulnerability in the memory_limit function in PHP and installs a level0 agent. CVE-2004-0594 Exploits/Remote Linux