Core Impact Pro Exploits and Security Updates

Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Titlesort descending Description Vulnerabilty Category Platform
Apple Mac OS X ATSServer CFF CharStrings INDEX Sign Mismatch Exploit A sign mismatch error exist in ATSServer when handling the last offset value of the CharStrings INDEX structure. CVE-2010-4010 Exploits/Client Side Mac OS X
Apple Mac OS X ATSServer CFF CharStrings INDEX Sign Mismatch Exploit Update This update fixes the previously assigned CVE. CVE-2010-4010 Exploits/Client Side Mac OS X
Apple Mac OS X DirectoryService AllocFromProxyStruct Buffer Underflow DoS This module exploits a vulnerability in the Mac OS X DirectoryService by sending a specially crafted packet to the 625/TCP port. CVE-2013-0984 Denial of Service/Remote Mac OS X
Apple Mac OS X DirectoryService SwapProxyMessage Unchecked objOffset Remote DoS This module exploits a vulnerability in Mac OS X Directory Service Proxy by sending a crafted packet to port TCP 625, causing a denial of service effect. CVE-2012-0650 Denial of Service/Remote Mac OS X
Apple Mac OS X DYLD_PRINT_TO_FILE Privilege Escalation Exploit This module exploits a vulnerability present in Mac OS X. dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain root privileges via the DYLD_PRINT_TO_FILE environment variable. CVE-2015-3760 Exploits/Local Mac OS X
Apple Mac OS X HFS Plus Local Privilege Escalation Exploit XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler. This allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls. CVE-2009-1235 Exploits/Local Mac OS X
Apple Mac OS X Samba NetWkstaTransportEnum Request Remote Buffer Overflow Exploit This module exploits a vulnerability in Mac OS X Samba server. When a specially crafted call to "NetWkstaTransportEnum" RPC function is processed by the Samba server, it produces a heap overflow. CVE-2012-1182 Exploits/Remote Mac OS X
Apple Mac OS X Samba NetWkstaTransportEnum Request Remote Buffer Overflow Exploit Update This module exploits a vulnerability in Mac OS X Samba server. When a specially crafted call to "NetWkstaTransportEnum" RPC function is processed by the Samba server, it produces a heap overflow. This update adds support to Mac OSX 10.6.0 to 10.6.7 ( Server and not server versions ). Besides, this update improves the exploitation by reverting the Samba server impersonation and installing an agent with root privileges in all Mac OSX supported versions. CVE-2012-1182 Exploits/Remote Mac OS X
Apple Mac OS X XPC Entitlements Local Privilege Escalation Exploit The Admin framework in Apple OS X contains a hidden backdoor API to gain root privileges. A local user can exploit this flaw in the checking of XPC entitlements. CVE-2015-1130 Exploits/Local Mac OS X
Apple QuickTime H264 Movie Files Buffer Overflow Exploit The vulnerability exists within the way Quicktime parse h264 movies. The application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. CVE-2011-0247 Exploits/Client Side Windows
Apple Quicktime Invalid Atom Length Buffer Overflow Exploit Buffer Overflow when Quicktime fails to properly handle the data length for certain atoms such as 'rdrf' or 'dref' in the Alis record by loading a specially crafted .MOV file. CVE-2013-1017 Exploits/Client Side Windows
Apple QuickTime Java toQTPointer code execution exploit update This package updates the Apple QuickTime Java toQTPointer code execution exploit module. CVE-2007-2175 Exploits/Client Side Windows
Apple QuickTime Java toQTPointer() code execution exploit This module exploits a memory corruption vulnerability in the Java QuickTime for Java (QtJava.dll) browser plug-in. The module runs a malicious web server on the CORE IMPACT Console and waits for an unsuspecting user(s) to connect to it with a Java-enabled browser using the vulnerable plug-in. When a user connects to the site they trigger the exploit and the module attempts to install an agent on their computer. CVE-2007-2175 Exploits/Client Side Windows
Apple QuickTime Java toQTPointer() code execution exploit update This module exploits a memory corruption vulnerability in the Java QuickTime for Java (QtJava.dll) browser plug-in. The module runs a malicious web server on the CORE IMPACT Console and waits for an unsuspecting user(s) to connect to it with a Java-enabled browser using the vulnerable plug-in. When a user connects to the site they trigger the exploit and the module attempts to install an agent on their computer. This update adds support for Safari browser in Mac OS X (i386) and adds Opera support in Windows. CVE-2007-2175 Exploits/Client Side Windows
Apple QuickTime MIME Type Buffer Overflow Exploit A buffer overflow in the Apple QuickTime plugin allows remote attackers to execute arbitrary code via a specially crafted MIME type. CVE-2012-3753 Exploits/Client Side Windows
Apple QuickTime PICT File PnSize Buffer Overflow Exploit The vulnerability exists within the way Quicktime handles the PnSize PICT opcode. It converts an unsigned 16 bit value into a signed 32 bit value, this is later used as the size parameter for a memory copy function that copies from the file onto the stack. The results in a stack based buffer overflow that allows for remote code execution under the context of the current user. CVE-2011-0257 Exploits/Client Side Windows
Apple QuickTime QTVR QTVRStringAtom Buffer Overflow Exploit The vulnerability exists within the QuickTimeVR.qtx component when processing a QTVRStringAtom having an overly large "stringLength" parameter. This can be exploited to cause a based buffer overflow and execute arbitrary code under the context of the user running the application. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-0667 Exploits/Client Side Windows
Apple QuickTime QTVR QTVRStringAtom Buffer Overflow Exploit Update The vulnerability exists within the QuickTimeVR.qtx component when processing a QTVRStringAtom having an overly large "stringLength" parameter. This can be exploited to cause a based buffer overflow and execute arbitrary code under the context of the user running the application. This update adds support for Internet Explorer 6 and 8 and bypass DEP. Also allows to send the mov file by email to open it directly with QuickTimePlayer. CVE-2012-0667 Exploits/Client Side Windows
Apple QuickTime Style Elements TeXML Stack Buffer Overflow Exploit Buffer Overflow when handling an attribute of style elements can be exploited when Quick Player handles a specially crafted TeXML file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-3754 Exploits/Client Side Windows
Apple QuickTime Style Elements TeXML Stack Buffer Overflow Exploit Update Buffer Overflow when handling an attribute of style elements can be exploited when Quick Player handles a specially crafted TeXML file. This update corrects CVE. CVE-2012-3754 Exploits/Client Side Windows
Apple QuickTime TeXML Stack Buffer Overflow Exploit A vulnerability found in Apple QuickTime Player when handling a crafted TeXML file, it is possible to trigger a stack-based buffer overflow. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-0663 Exploits/Client Side Windows
Apple QuickTime TeXML Stack Buffer Overflow Exploit Update A vulnerability found in Apple QuickTime Player when handling a crafted TeXML file, it is possible to trigger a stack-based buffer overflow. This update bypass DEP for Internet Explorer 8 support and for execute the mov file directly in Quicktime player. CVE-2012-0663 Exploits/Client Side Windows
Apple QuickTime text3GTrack attribute TeXML Stack Buffer Overflow Exploit Buffer Overflow when handling an attribute of "text3GTrack" elements can be exploited when Quick Player handles a specially crafted TeXML file. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2012-3753 Exploits/Client Side Windows
Apple QuickTime text3GTrack attribute TeXML Stack Buffer Overflow Exploit Update Buffer Overflow when handling an attribute of "text3GTrack" elements can be exploited when Quick Player handles a specially crafted TeXML file. This update adds the correct CVE information. CVE-2012-3753 Exploits/Client Side Windows
Apple QuickTime _Marshaled_pUnk Backdoor Param Arbitrary Code Execution Exploit QuickTime has a backdoor in QTPlugin.ocx implemented during development cycle, this can be used by execute arbitrary code under the context of the browser. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-1818 Exploits/Client Side Windows
Apple QuickTime _Marshaled_pUnk Backdoor Param Arbitrary Code Execution Exploit Update QuickTime has a backdoor in QTPlugin.ocx implemented during development cycle, this can be used by execute arbitrary code under the context of the browser. This version add CVE. CVE-2010-1818 Exploits/Client Side Windows
Apple Safari parent.close Code Execution Exploit The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-1939 Exploits/Client Side Windows
Apple Safari parent.close Code Execution Exploit Update The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows. This update correct Linux support error. CVE-2010-1939 Exploits/Client Side Windows
Apple Safari Use-After-Free Rtl Exploit A use-after-free vulnerability in WebKit/Apple Safari (in versions prior to 4.0.5) allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality. CVE-2010-0049 Exploits/Client Side Windows
Apple Safari Webkit libxslt Arbitrary File Creation WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. CVE-2011-1774 Exploits/Client Side Mac OS X