Exploits and Security Updates to Core Impact Threat Intelligence

Exploits and Security Updates to Core Impact Threat Intelligence

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Titlesort descending Description Vulnerabilty Category Platform
Rockwell Automation Connected Components Workbench Arbitrary Write Exploit The specific flaw exists within the RA.ViewElements.Row.1 ActiveXControl method (PanelDevice.dll). By providing a malicious value to the BackColor property. CVE-2014-5424 Exploits/Client Side Windows
Rosoft Media Player M3U Buffer Overflow Exploit Update Rosoft Media Player is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input of M3U files. This update adds support till the last version of the program.(4.2.1 and 4.3.1) CVE-2007-6478 Exploits/Client Side Windows
Rosoft Media Player M3U Stack-Based Buffer Overflow Exploit Rosoft Media Player is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input of M3U files. CVE-2007-6478 Exploits/Client Side Windows
RPT exploits ordering improvements With this update, RPT will prioritize newer exploits when attacking a target. CVE-2011-1567 Exploits/Remote Windows, AIX, Linux, Mac OS X, Solaris, FreeBSD
RPT Remote Exploits Timeout Update This update corrects timeouts in different remote exploits. CVE-2007-6377 Exploits/Remote Windows
RSH Daemon for Windows Remote Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the Windows RSH application (rshd.exe). The module sends a specially crafted packet to port 514/tcp and installs an agent if successful. CVE-2007-4005 Exploits/Remote Windows
RTCore Privilege Escalation Exploit This module exploits a vulnerability in Rivatuner's core (Rivatuner*.sys, RTCore*.sys), a driver used by hardware tweaking apps Rivatuner, MSI Afterburner, EVGA Presicion X (and possibly others). During app operation, the driver is loaded and used to read and write physical memory, MSR registers, io ports, etc. This module abuses said functionality to escalate privileges. NOCVE-9999-80526 Exploits/Local Windows
Ruby on Rails Action Pack Inline Exec Exploit Action Pack in Ruby on Rails allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method. CVE-2016-2098 Exploits/OS Command Injection/Known Vulnerabilities Linux
Ruby on Rails Action View Directory Traversal Exploit This vulnerability allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method. Combining this with log injection, remote code execution can be achieved. CVE-2016-0752 Exploits/OS Command Injection/Known Vulnerabilities Linux
SAdminD Buffer Overflow Exploit This modules exploits a stack buffer overflow of the sadmind daemon, and installs an agent as root. CVE-2008-4556 Exploits/Remote Solaris
SAdminD Buffer Overflow Exploit Update This modules exploits a stack buffer overflow of the sadmind daemon, and installs an agent as root. This update fix an issue when the module is launched from the Network Attack and Penetration Wizard. CVE-2008-4556 Exploits/Remote Solaris
Safari File Policy Exploit A policy issue existed in Apple Safari before 5.1 when handling of file:// URLs. CVE-2011-3230 Exploits/Client Side Mac OS X
Safari Webkit SVG Memory Corruption Exploit Webkit, as used in Apple Safari before 5.06 is prone to a memory corruption vulnerability caused by a web site with a crafted SVG graphic. This allows remote attackers to execute arbitrary code. CVE-2011-1453 Exploits/Client Side Windows
Safenet SoftRemote IKE Service Remote Buffer Overflow Exploit This module exploits a remote stack-based buffer overflow in the Safenet IKE Service (included in several VPN clients) by sending a specially crafted packet to UDP port 62514. CVE-2009-1943 Exploits/Remote Windows
SafeNet SoftRemote Policy File Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing certain sections of .SPD (policy) files. Passing an overly long string to either "TREENAME" or "GROUPNAME" CVE-2009-3861 Exploits/Client Side Windows
Samba LsarSetInformationPolicy Request Remote Buffer Overflow Exploit This module exploits a heap overflow bug in Samba Server by sending a crafted request packet via DCERPC call. CVE-2012-1182 Exploits/Remote Linux
Samba LsarSetInformationPolicy Request Remote Buffer Overflow Exploit Update This update adds support to Debian 6.0.0 and adds support for attacking IPv6 targets. This module exploits a heap overflow bug in Samba Server by sending a crafted request packet via DCERPC call. CVE-2012-1182 Exploits/Remote Linux
Samba LsarSetInformationPolicy Request Remote Buffer Overflow Exploit Update 2 This module exploits a heap overflow vulnerability in Samba Server by sending a crafted request packet via DCERPC call. This update adds support to Debian 5 (32 bits and 64 bits). CVE-2012-1182 Exploits/Remote Linux
Samba lsa_io_trans_names buffer overflow exploit This module exploits a buffer overflow vulnerability when parsing RPC requests through the LSA RPC interface in Samba 3.x. The exploit is triggered by sending a specially crafted RPC LsarLookupSids request to a vulnerable computer. CVE-2007-2446 Exploits/Remote Solaris, Linux
Samba nttrans Exploit Update This update improves reliability on Solaris. CVE-2003-0085 Exploits/Remote Solaris, Linux
Samba Username Map Script Command Injection Exploit The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the SamrChangePassword function, when the "username map script" smb.conf option is enabled. CVE-2007-2447 Exploits/Remote Linux
Samba Username Map Script Command Injection Exploit Update The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the SamrChangePassword function, when the "username map script" smb.conf option is enabled. This update adds Solaris support. CVE-2007-2447 Exploits/Remote Solaris, Linux
Sami FTP Server Authentication Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the authentication process. This can be exploited to cause a stack-based buffer overflow by sending an overly long, specially-crafted password to the affected server and waiting for the administrator of Sami FTP Server to set focus on the GUI of the program in order to deploy an agent. CVE-2006-2212 Exploits/Remote Windows
Samsung iPOLiS Device Manager XnsSdkDeviceIpInstaller DeleteDeviceProfile Method Stack Buffer Overflow Exploit By providing a malicious value when handling l DeleteDeviceProfile method, an attacker may be control the execution flow on the target. The attacker may then execute code on the target device remotely. CVE-2014-3911 Exploits/Client Side Windows
Samsung Security Manager Apache Felix Gogo Vulnerability Local Privilege Escalation Exploit Samsung Security Manager is prone to a privilege-escalation vulnerability that affects Apache Felix Gogo runtime. Due to an insecure default installation of the runtime, an attacker could then send commands that will be executed by the mentioned runtime. NOCVE-9999-80838 Exploits/Local Windows
SAP AG SAPgui EAI WebViewer3D Buffer Overflow Exploit This module exploits a stack overflow in Siemens Unigraphics Solutions Teamcenter Visualization EAI WebViewer3D ActiveX control that is bundled with SAPgui. When parsing an overly long string the SaveViewToSessionFile() method, arbitrary code may be executed. CVE-2007-4475 Exploits/Client Side Windows
SAP DB WebTools Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the waHTTP.exe (SAP DB Web Server) component included with the SAP DB. The exploit is triggered by sending an unauthenticated, specially crafted HTTP request to the default port 9999/TCP. CVE-2007-3614 Exploits/Remote Windows
SAP GUI SAPLPD Multiple Command Buffer Overflow Exploit Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands. CVE-2008-0621 Exploits/Remote Windows
SAP MaxDB Malformed Handshake Request Exploit This module exploits a stack buffer overflow vulnerability in SAP MaxDB by sending a specially crafted packet to 7210/TCP port. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-1185 Exploits/Remote Windows
SAP MaxDB Malformed Handshake Request Exploit Update This module exploits a stack buffer overflow vulnerability in SAP MaxDB by sending a specially crafted packet to 7210/TCP port. This update improves reliability. CVE-2010-1185 Exploits/Remote Windows