Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Titlesort descending Description Vulnerabilty Category Platform
Apache Tomcat buffer overflow exploit update This module exploits a buffer overflow vulnerability in the Apache Tomcat JK Web Server Connector and installs an agent. An attacker can use an overly long URL to trigger a buffer overflow in the URL work map routine (map_uri_to_worker()) in the mod_jk.so library, resulting in the compromise of the target system. This package improves the reliability of the exploit. CVE-2007-0774 Exploits/Remote Linux
Apache Tomcat readonly Initialisation Parameter JSP Remote Code Execution Exploit Apache Tomcat allows the upload of JSP files to unauthenticated users via a specially crafted request when the readonly initialization parameter of the Default servlet is set to false. CVE-2017-12617 Exploits/Remote Windows, Linux
Apple CUPS HP-GL2 filter Remote Code Execution Exploit This module exploits a specific flaw in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and pen color opcodes result in an arbitrary memory overwrite allowing for the execution of arbitrary code as the "hgltops" process uid. CVE-2008-3641 Exploits/Remote Mac OS X
Apple CUPS HP-GL2 filter Remote Code Execution Exploit Update This module exploits a specific flaw in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and pen color opcodes result in an arbitrary memory overwrite allowing for the execution of arbitrary code as the "hgltops" process uid. -Linux Support added CVE-2008-3641 Exploits/Remote Linux, Mac OS X
Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer DoS This module exploits a vulnerability in Apple CUPS, when handling the IPP_TAG_UNSUPPORTED which could be exploited by attackers to cause a remote pre-authentication denial of service. CVE-2009-0949 Denial of Service/Remote Linux, Mac OS X
Apple iTunes ITMS Buffer Overflow Exploit This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple iTunes. The specific flaw exists in the URL handlers associated with iTunes. When processing URLs via the protocol handlers ITMS, ITMSS, DAAP, PCAST, and ITPC an exploitable stack overflow occurs. CVE-2009-0950 Exploits/Client Side Windows
Apple Itunes M3U File Buffer Overflow Exploit Apple Itunes is prone to a buffer-overflow when handling M3U files with an overly long string. CVE-2012-0677 Exploits/Client Side Windows
Apple iTunes PLS File Stack Overflow Exploit Apple iTunes is prone to a buffer-overflow vulnerability because the software fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. CVE-2009-2817 Exploits/Client Side Mac OS X
Apple Mac OS X ATSServer CFF CharStrings INDEX Sign Mismatch Exploit A sign mismatch error exist in ATSServer when handling the last offset value of the CharStrings INDEX structure. CVE-2010-4010 Exploits/Client Side Mac OS X
Apple Mac OS X ATSServer CFF CharStrings INDEX Sign Mismatch Exploit Update This update fixes the previously assigned CVE. CVE-2010-4010 Exploits/Client Side Mac OS X
Apple Mac OS X DirectoryService AllocFromProxyStruct Buffer Underflow DoS This module exploits a vulnerability in the Mac OS X DirectoryService by sending a specially crafted packet to the 625/TCP port. CVE-2013-0984 Denial of Service/Remote Mac OS X
Apple Mac OS X DirectoryService SwapProxyMessage Unchecked objOffset Remote DoS This module exploits a vulnerability in Mac OS X Directory Service Proxy by sending a crafted packet to port TCP 625, causing a denial of service effect. CVE-2012-0650 Denial of Service/Remote Mac OS X
Apple Mac OS X DYLD_PRINT_TO_FILE Privilege Escalation Exploit This module exploits a vulnerability present in Mac OS X. dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain root privileges via the DYLD_PRINT_TO_FILE environment variable. CVE-2015-3760 Exploits/Local Mac OS X
Apple Mac OS X HFS Plus Local Privilege Escalation Exploit XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler. This allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls. CVE-2009-1235 Exploits/Local Mac OS X
Apple Mac OS X Samba NetWkstaTransportEnum Request Remote Buffer Overflow Exploit This module exploits a vulnerability in Mac OS X Samba server. When a specially crafted call to "NetWkstaTransportEnum" RPC function is processed by the Samba server, it produces a heap overflow. CVE-2012-1182 Exploits/Remote Mac OS X
Apple Mac OS X Samba NetWkstaTransportEnum Request Remote Buffer Overflow Exploit Update This module exploits a vulnerability in Mac OS X Samba server. When a specially crafted call to "NetWkstaTransportEnum" RPC function is processed by the Samba server, it produces a heap overflow. This update adds support to Mac OSX 10.6.0 to 10.6.7 ( Server and not server versions ). Besides, this update improves the exploitation by reverting the Samba server impersonation and installing an agent with root privileges in all Mac OSX supported versions. CVE-2012-1182 Exploits/Remote Mac OS X
Apple Mac OS X XPC Entitlements Local Privilege Escalation Exploit The Admin framework in Apple OS X contains a hidden backdoor API to gain root privileges. A local user can exploit this flaw in the checking of XPC entitlements. CVE-2015-1130 Exploits/Local Mac OS X
Apple QuickTime H264 Movie Files Buffer Overflow Exploit The vulnerability exists within the way Quicktime parse h264 movies. The application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. CVE-2011-0247 Exploits/Client Side Windows
Apple Quicktime Invalid Atom Length Buffer Overflow Exploit Buffer Overflow when Quicktime fails to properly handle the data length for certain atoms such as 'rdrf' or 'dref' in the Alis record by loading a specially crafted .MOV file. CVE-2013-1017 Exploits/Client Side Windows
Apple QuickTime Java toQTPointer code execution exploit update This package updates the Apple QuickTime Java toQTPointer code execution exploit module. CVE-2007-2175 Exploits/Client Side Windows
Apple QuickTime Java toQTPointer() code execution exploit This module exploits a memory corruption vulnerability in the Java QuickTime for Java (QtJava.dll) browser plug-in. The module runs a malicious web server on the CORE IMPACT Console and waits for an unsuspecting user(s) to connect to it with a Java-enabled browser using the vulnerable plug-in. When a user connects to the site they trigger the exploit and the module attempts to install an agent on their computer. CVE-2007-2175 Exploits/Client Side Windows
Apple QuickTime Java toQTPointer() code execution exploit update This module exploits a memory corruption vulnerability in the Java QuickTime for Java (QtJava.dll) browser plug-in. The module runs a malicious web server on the CORE IMPACT Console and waits for an unsuspecting user(s) to connect to it with a Java-enabled browser using the vulnerable plug-in. When a user connects to the site they trigger the exploit and the module attempts to install an agent on their computer. This update adds support for Safari browser in Mac OS X (i386) and adds Opera support in Windows. CVE-2007-2175 Exploits/Client Side Windows
Apple QuickTime MIME Type Buffer Overflow Exploit A buffer overflow in the Apple QuickTime plugin allows remote attackers to execute arbitrary code via a specially crafted MIME type. CVE-2012-3753 Exploits/Client Side Windows
Apple QuickTime PICT File PnSize Buffer Overflow Exploit The vulnerability exists within the way Quicktime handles the PnSize PICT opcode. It converts an unsigned 16 bit value into a signed 32 bit value, this is later used as the size parameter for a memory copy function that copies from the file onto the stack. The results in a stack based buffer overflow that allows for remote code execution under the context of the current user. CVE-2011-0257 Exploits/Client Side Windows
Apple QuickTime QTVR QTVRStringAtom Buffer Overflow Exploit The vulnerability exists within the QuickTimeVR.qtx component when processing a QTVRStringAtom having an overly large "stringLength" parameter. This can be exploited to cause a based buffer overflow and execute arbitrary code under the context of the user running the application. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-0667 Exploits/Client Side Windows
Apple QuickTime QTVR QTVRStringAtom Buffer Overflow Exploit Update The vulnerability exists within the QuickTimeVR.qtx component when processing a QTVRStringAtom having an overly large "stringLength" parameter. This can be exploited to cause a based buffer overflow and execute arbitrary code under the context of the user running the application. This update adds support for Internet Explorer 6 and 8 and bypass DEP. Also allows to send the mov file by email to open it directly with QuickTimePlayer. CVE-2012-0667 Exploits/Client Side Windows
Apple QuickTime Style Elements TeXML Stack Buffer Overflow Exploit Buffer Overflow when handling an attribute of style elements can be exploited when Quick Player handles a specially crafted TeXML file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-3754 Exploits/Client Side Windows
Apple QuickTime Style Elements TeXML Stack Buffer Overflow Exploit Update Buffer Overflow when handling an attribute of style elements can be exploited when Quick Player handles a specially crafted TeXML file. This update corrects CVE. CVE-2012-3754 Exploits/Client Side Windows
Apple QuickTime TeXML Stack Buffer Overflow Exploit A vulnerability found in Apple QuickTime Player when handling a crafted TeXML file, it is possible to trigger a stack-based buffer overflow. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-0663 Exploits/Client Side Windows
Apple QuickTime TeXML Stack Buffer Overflow Exploit Update A vulnerability found in Apple QuickTime Player when handling a crafted TeXML file, it is possible to trigger a stack-based buffer overflow. This update bypass DEP for Internet Explorer 8 support and for execute the mov file directly in Quicktime player. CVE-2012-0663 Exploits/Client Side Windows