This module exploits a vulnerability in Microsoft Office Word. The flaw is related in how Microsoft Word handles OleLink objects. It is possible to open a RTF file and execute arbitrary code in vulnerables installations of Microsoft Office Word.



This vulnerability was originally seen being exploited in the wild starting in October 2016.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

ErraticGopher exploits a memory corruption (seems to be a Heap Overflow) in the Windows DCE-RPC Call MIBEntryGet.

This version adds XP SP3 support.

Disk Sorter Enterprise server is prone to a buffer-overflow vulnerability when handling a crafted GET request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.

ErraticGopher exploits a memory corruption (seems to be a Heap Overflow) in the Windows DCE-RPC Call MIBEntryGet.

This module detects if MS17-010 is whether patched or not in a remote host.

This module exploits two vulnerabilities in Trend Micro Threat Discovery Appliance.



The first is an authentication bypass vulnerability via a file delete in logoff.cgi which resets the admin password back to 'admin' upon a reboot. This is useful if the password for the admin user is unknown.



The second is an authenticated command injection flaw using the timezone parameter in the admin_sys_time.cgi interface.

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.



This update fixes agent size problems.

HPE Intelligent Management Center is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the RMI Registry service used to manage and monitor the Java Virtual Machine.

PHPMailer is prone to a abuse the mailSend function. This vulnerability allows remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.



This updates adds x86/x64 and HTTP/HTTPS Channel Support.

PHPMailer is prone to a abuse the mailSend function. This vulnerability allows remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.



This fixes a small try/catch exception error.