Exploits and Security Updates to Core Impact Threat Intelligence

Exploits and Security Updates to Core Impact Threat Intelligence

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Category Platform
FreeBSD Kernel Protosw Privilege Escalation Exploit The FreeBSD kernel provides support for a variety of different types of communications sockets, including IPv4, IPv6, ISDN, ATM, routing protocol, link-layer, netgraph(4), and bluetooth sockets. Some function pointers for netgraph and bluetooth sockets are not properly initialized. This can be exploited to e.g. read or write to arbitrary kernel memory via a specially crafted "socket()" system call, and allows an unprivileged process to elevate privileges to root or escape a FreeBSD jail. CVE-2008-5736 Exploits/Local FreeBSD
Mozilla Firefox UTF-8 Buffer Overflow Exploit Update This module exploits a buffer overflow in Mozilla Firefox when parsing a malformed UTF-8 encoded URL. This update adds support for OS X as a target platform. CVE-2008-0016 Exploits/Client Side Windows, Linux, Mac OS X
Anti Keylogger Elite Privilege Escalation Exploit This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. CVE-2008-5049 Exploits/Local Windows
Adobe PDF getIcon Buffer Overflow Exploit This module exploits a stack based buffer overflow vulnerability in Adobe Reader when handling a specially crafted PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-0927 Exploits/Client Side Windows
Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow Exploit This module exploits a vulnerability in Oracle Secure Backup when sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet. CVE-2008-5444 Exploits/Remote Windows
Moodle Tex Filter Remote Code Execution Exploit Upgrade This update adds Windows (XP) to the supported target systems for this exploit. NOCVE-9999-35969 Exploits/Remote Windows, Linux
Orbit Downloader Connecting Log Message Buffer Overflow Exploit The application is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when the application creates a 'Connecting' log message. An attacker can exploit this issue by enticing a vulnerable user into connecting to a malicious HTTP server or opening a specially crafted URI that contains an excessively long hostname. CVE-2009-0187 Exploits/Client Side Windows
WinGate Proxy Server Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the handling of POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted POST request to the proxy server CVE-2006-2926 Exploits/Remote Windows
Microsoft IE CFunctionPointer Memory Corruption Exploit Update This module exploits a memory corruption vulnerability when Internet Explorer attempts to access an object that has been deleted. This update adds support for Windows Vista SP0 and SP1. CVE-2009-0075 Exploits/Client Side Windows
XM Easy Personal FTP Server DoS XM Easy Personal FTP Server is prone to multiple remote denial-of- service vulnerabilities because it fails to properly handle user-supplied input. CVE-2006-2225 Denial of Service/Remote Windows
Foxit Reader Open File Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in Foxit Reader. If an Open/Execute a file action is defined in the PDF file with an overly long file name argument, when the trigger condition is satisfied it will cause a stack-based buffer overflow, because the application tries to copy the file name argument to a fixed-size buffer in the stack without properly checking that the buffer is large enough to hold the file name string. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. NOCVE-9999-36556 Exploits/Client Side Windows
Euphonics Audio Player PLS Buffer Overflow Exploit Euphonics Audio Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error when handling .PLS files. NOCVE-9999-35967 Exploits/Client Side Windows
Symantec AppStream LaunchObj ActiveX Exploit This module exploits an arbitrary file download and execute vulnerability in the LaunchObj ActiveX Control included in Symantec AppStream Client. CVE-2008-4388 Exploits/Client Side Windows
Sami FTP Server Authentication Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the authentication process. This can be exploited to cause a stack-based buffer overflow by sending an overly long, specially-crafted password to the affected server and waiting for the administrator of Sami FTP Server to set focus on the GUI of the program in order to deploy an agent. CVE-2006-2212 Exploits/Remote Windows
BlazeHDTV PLF Playlist Buffer Overflow Exploit This module exploits a vulnerability caused due to a boundary error in BlazeHDTV when handling Playlist files. This can be exploited to cause a stack-based buffer overflow via a specially crafted PLF file. CVE-2006-6396 Exploits/Client Side Windows
Free Download Manager Torrent Parsing Buffer Overflow Exploit This module exploits a vulnerability in Free Download Manager. The vulnerability is caused due to a boundary error within the processing of torrent files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened. CVE-2009-0184 Exploits/Client Side Windows
Chilkat ActiveX Remote Code Execution Exploit This module exploits a Remote Arbitrary File Creation/Execution vulnerability in the AppendBinary and SaveToFile function in Chilkat to deploy an agent. CVE-2008-5002 Exploits/Client Side Windows
Novell GroupWise Internet Agent Remote Buffer Overflow Exploit This module exploits an off-by-one condition by sending a specially crafted RCPT verb argument to a Novell GroupWise Internet Agent. CVE-2009-0410 Exploits/Remote Windows
PHPMyAdmin Server_databases Remote Code Execution Exploit This module exploits a vulnerability in PHPMyAdmin. server_databases.php fails when it attemps to sanitize the sort_by parameter. It allows an attacker to inject code, and execute it on the web server with www-data privileges. CVE-2008-4096 Exploits/Remote Linux
Adobe Reader JBIG2Decode Memory Corruption Exploit This module exploits an array indexing vulnerability in Adobe Reader when handling a specially crafted PDF file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-0658 Exploits/Client Side Windows
Microsoft HTML Help Workshop HHP Buffer Overflow Exploit This module exploits a vulnerability in Microsoft HTML Workshop. The vulnerability is caused due to a boundary error in Microsoft HTML Help Workshop within the processing of .HHP files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened. CVE-2006-0564 Exploits/Client Side Windows
VLC Media Player RealText Processing Stack Overflow Exploit This module exploits a vulnerability in VideoLan Media Player (VLC). A stack-based buffer overflow in the ParseRealText function in the Subtitle demux plugin (modules\demux\subtitle.c) in VLC Media Player 0.9.4 allows remote attackers to execute arbitrary code via a realtext RT media file with a header containing a crafted size value. CVE-2008-5036 Exploits/Client Side Windows
EasyHDR FITS Buffer Overflow Exploit A stack-based buffer overflow in easyHDR PRO allows an attacker to execute arbitrary code via an invalid Flexible Image Transport System (FITS) file. CVE-2009-0254 Exploits/Client Side Windows
SNORT SMB Fragmentation Buffer Overflow Exploit Update 2 This module exploits a stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the Snort process. This update improves the reliability for Redhat Enterprise Linux 4 and FreeBSD 6.2 on Impact 8.0 CVE-2006-5276 Exploits/Remote Linux, FreeBSD
Total Video Player M3U Playlist Buffer Overflow Exploit Total Video Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Total Video Player when handling .M3U files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .M3U file CVE-2007-0949 Exploits/Client Side Windows
RealNetworks Helix DNA Server Remote Heap Overflow Exploit This module exploits a remote heap overflow in the Helix DNA Server (rmserver.exe) by sending a specially crafted RTSP packet to the 554/TCP port. CVE-2008-5911 Exploits/Remote Windows
Microsoft Internet Explorer CFunctionPointer Memory Corruption Exploit (MS09-002) This module exploits a memory corruption vulnerability in Internet Explorer 7 when handling a malformed HTML document. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-0075 Exploits/Client Side Windows
Moodle Tex Filter Remote Code Execution Exploit A Remote Code Execution (RCE) vulnerability has been found in filter/tex/texed.php. Due to the fact this file does not properly check the input parameters, it is possible to exploit this vulnerability in order to execute arbitrary commands on the target server. This module starts a web server on the CORE IMPACT Console to publish the agent, which is downloaded from the target. In order to exploit this vulnerability register_globals must be enabled (in PHP) and the TeX Notation filter in Moodle must be turned on. NOCVE-9999-35969 Exploits/Remote Linux
Mantis Manage_proj_page Remote Code Execution This module exploits a Remote Code Execution vulnerability in Mantis version 1.1.3 caused by Mantis handling the sort parameter in manage_proj_page without the proper validation. This allows for remote code execution on Mantis' Web server. CVE-2008-4687 Exploits/Remote Linux
Mercury SMTPD CRAM-MD5 Pre-Auth Buffer Overflow Exploit Update This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 SMTP Server Module (mercurys.dll) when processing arguments to the AUTH CRAM-MD5 command. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. This update adds support for DEP (Data Execution Prevention). CVE-2007-4440 Exploits/Remote Windows