This module exploits a vulnerability in various ASUS and 3rd party branded utilities. The low level access drivers at the core of these utilities expose dangerous functionality to low privilege processes, a local attacker can read/write arbitrary kernel memory, which can be leveraged to elevate privileges.
This module exploits a vulnerability in various ASROCK utilities. The low level access drivers at the core of these utilities expose dangerous functionality to low privilege processes, a local attacker can read/write arbitrary kernel memory, which can be leveraged to elevate privileges.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
A stack-based buffer overflow in WECON LeviStudioU Editor allows an attacker to execute arbitrary code via crafted Project file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The vulnerability is caused due to a boundary error when handling .PLS files. This can be exploited to cause a stack-based buffer overflow via a specially crafted file of said extension.
This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting an invalid pointer reference in Internet Explorer.
The vulnerability is caused due to a boundary error when handling .M3U files. This can be exploited to cause a stack-based buffer overflow via a specially crafted file of said extension.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Microsoft Windows Shell does not properly sanitize special characters in a URI, allowing to open a dangerous files. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
Microsoft Windows Shell does not properly validate file paths, allowing the execution of ".SettingContent-ms" files from outside the "ImmersiveControlPanel" folder. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.