Exploits and Security Updates to Core Impact Threat Intelligence

Exploits and Security Updates to Core Impact Threat Intelligence

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
Microsoft Windows Print Spooler Load Library Vulnerability Exploit (MS09-022) This module takes advantage of an insufficient library path check in spoolsv.exe service loading a dll with system user privileges. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-0230 Exploits/Local Windows
ProFTPD Controls Buffer Overflow Exploit update The internal stack may be overrun using the controls module with a special crafted control sequence. This condition can be exploited by attackers to ultimately execute instructions with the privileges of the ProFTPD process, typically administrator or system. CVE-2006-6563 Exploits/Local Linux
Microsoft Windows Win32k Privilege Escalation Exploit (MS16-135) Update 2 This module exploits a vulnerability in win32k.sys. By forcing an invalid combination of window style and window menu a local attacker can trigger a kernel arbitrary write and elevate privileges. This update adds support to Windows 2008 (32 and 64 bits) and Windows 2008 R2 (64 bits) CVE-2016-7255 Exploits/Local Windows
Microsoft Windows SystemDefaultEUDCFont Privilege Escalation Exploit Update This module exploits a privilege escalation vulnerability in Microsoft Windows by setting a specially crafted SystemDefaultEUDCFont value in the HKEY_CURRENT_USER\EUDC Registry key, and then calling EnableEUDC() function in GDI32 library. It will enable local unprivileged users to gain SYSTEM privileges. This update adds support for Windows Vista and Windows Server 2008. CVE-2010-4398 Exploits/Local Windows
Libdbus DBUS_SYSTEM_BUS_ADDRESS Variable Local Privilege Escalation Libdbus 1.5.x and earlier, when used in setuid processes not clearing the environment variables, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. CVE-2012-3524 Exploits/Local Linux
Linux X.org MIT-SHM Extension Privilege Escalation Exploit This module exploits a integer overflow condition on local X.org servers with MIT-SHM extension activated. CVE-2007-6429 Exploits/Local Linux
Mac OS X i386_set_ldt Vulnerability Local Privilege Escalation Exploit This module exploits a vulnerability on "i386_set_ldt" function of "mach_kernel" creating a "call gate" entry in the LDT. CVE-2011-0182 Exploits/Local Mac OS X
Microsoft Windows Shell File Association Vulnerability Exploit (MS14-027) Update When the "HKEY_CURRENT_USER\Software\Classes\exefile" registry key is modified by this exploit and a Windows or third party service calls to the "ShellExecute" function, an invalid association file is produced, finalizing the attack with the execution of a crafted program instead of the original program. This update fixes a regression introduced in version 2016_R1. CVE-2014-1807 Exploits/Local Windows
FreeBSD X.Org libXfont BDF Privilege Escalation Exploit The bdfReadCharacters() function in the libXfont component of X.Org is prone to a stack-based buffer overflow vulnerability when parsing a specially crafted BDF font file. This vulnerability can be exploited by a local unprivileged attacker to gain root privileges. CVE-2013-6462 Exploits/Local FreeBSD
Panda Internet Security RKPavProc.sys Privilege Escalation Exploit This module exploits a buffer overflow vulnerability in Panda Internet Security RKPavProc.sys driver when handling a specially crafted IOCTL request. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. NOCVE-9999-44499 Exploits/Local Windows
FreeBSD NFS Client Privilege Escalation Exploit The NFS client subsystem in FreeBSD fails to correctly validate the length of a parameter provided by the user when a filesystem is mounted. This may cause a kernel stack overflow that can be exploited by local users to gain root privileges. CVE-2010-2020 Exploits/Local FreeBSD
Novell Client 2 NICM.SYS Privilege Escalation Exploit This module exploits a vulnerability in the NICM.SYS driver shipped with Novell Client 2 when handling specially crafted IOCTL requests. CVE-2013-3956 Exploits/Local Windows
Linux Kernel netfilter target_offset Privilege Escalation Exploit This module exploits a vulnerability in the Linux kernel related to the netfilter target_offset field. This vulnerability can be exploited by a local unprivileged attacker to gain root privileges. NOCVE-9999-74999 Exploits/Local Linux
Xorg Privilege Escalation Exploit X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. CVE-2006-0745 Exploits/Local none
ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit Update This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges. This update adds support for Windows XP SP3. CVE-2007-4216 Exploits/Local Windows
WinPcap NPF.SYS IOCTL Handler Privilege Escalation Exploit Windows 2003 Support This module exploits a vulnerability in WinPcap. The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update adds support for Windows 2003. CVE-2007-3681 Exploits/Local Windows
Microsoft Windows Tracing Registry Key ACL Privilege Escalation Exploit (MS10-059) An elevation of privilege vulnerability exists when Windows places incorrect access control lists (ACLs) on the registry keys for the Tracing Feature for Services. The vulnerability allows local attackers running code under an account with impersonation rights, like NETWORK SERVICE, to gain SYSTEM privileges. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-2554 Exploits/Local Windows
Microsoft Windows Print Spooler Load Library Vulnerability Exploit (MS09-022) Update This Update adds support to Microsoft Windows XP and 2003. This module takes advantage of an insufficient library path check in spoolsv.exe service to load a dll from an arbitrary directory with System user privileges. CVE-2009-0230 Exploits/Local Windows
Apple Mac OS X DYLD_PRINT_TO_FILE Privilege Escalation Exploit This module exploits a vulnerability present in Mac OS X. dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain root privileges via the DYLD_PRINT_TO_FILE environment variable. CVE-2015-3760 Exploits/Local Mac OS X
Microsoft Windows Ancillary Function Driver Double Free Vulnerability Exploit (MS14-040) This module exploits a double-free vulnerability in "afd.sys" by calling to "AfdTransmiteFile" function with crafted parameters. CVE-2014-1767 Exploits/Local Windows
Microsoft NtUserMessageCall Kernel Privilege Escalation Exploit (MS08-025) An elevation of privilege vulnerability exists due to the Windows kernel improperly validating input passed from user mode to the kernel. The vulnerability could allow an attacker to run code with elevated privileges. CVE-2008-1084 Exploits/Local Windows
Mac OS X smcFanControl Local Privilege Escalation Exploit This module exploits a buffer overflow vulnerability in smcFanControl on Apple Mac OS X 10.4.x when the software is installed with setuid root. An attacker can exploit this vulnerability to obtain root privileges. CVE-2008-6252 Exploits/Local Mac OS X
Sudoedit Privilege Escalation Exploit Update This module exploits a missing verification of the path in the command "sudoedit", provided by the sudo package. This can be exploited to execute any command as root including a shell, allowing an unprivileged process to elevate its privileges to root. This update adds OSX 10.6 (Snow Leopard) as supported target. CVE-2010-0426 Exploits/Local Solaris, AIX, Linux, FreeBSD, OpenBSD, Mac OS X
Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS12-034) This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters. When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption. CVE-2012-0181 Exploits/Local Windows
PAM Motd Privilege Escalation Exploit PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps.A local attacker could exploit this to gain root privileges. CVE-2010-0832 Exploits/Local Linux
AIX Pioout Local Buffer Overflow Privilege Escalation Exploit AIX Pioout is prone to a vulnerability that allows attackers to execute arbitrary code with superuser privileges. This is due to insecure permissions shared libraries. CVE-2007-5764 Exploits/Local AIX
Microsoft Windows AFD Driver Local Privilege Escalation Exploit (MS08-066) Update This module exploits a vulnerability in Windows Ancillary function driver when the 0x1203F IOCTL in afd.sys is invoked with a specially crafted parameter. The IOCTL 0x1203F handler in the afd.sys function driver allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update adds support for Windows 2003. CVE-2008-3464 Exploits/Local Windows
Avast Antivirus ASWMON.SYS Privilege Escalation Exploit This module exploits a vulnerability in Avast Antivirus ASWMON.SYS driver when handling a specially crafted IOCTL request. The vulnerability allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. CVE-2009-3522 Exploits/Local Windows
AIX update_flash PATH usage exploit This module exploits a untrusted search path vulnerability in update_flash for IBM AIX. CVE-2006-2647 Exploits/Local AIX
Microsoft Windows COM Aggregate Marshaler Type Confusion Exploit An elevation of privilege exists in Windows COM Aggregate Marshaler. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. CVE-2017-0213 Exploits/Local Windows