Client Side | Core Security

Advantage Data Architect is prone to a vulnerability that may allow the execution of any library file named wfapi.dll, if this dll is located in the same folder than a .ADT file. The attacker must entice a victim into opening a specially crafted .ADT file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.

This module exploits a vulnerability in Adrenalin Player .WAX files. The vulnerability is caused due to lack of boundary checks in exporting a WAX file witch causes an Buffer Overflow of the stack and a SEH attack is possible due to a vulnerable DLL included in the software. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a vulnerability in Adrenalin Player .ASX files. The vulnerability is caused due to lack of boundary checks in exporting an ASX file witch causes an Buffer Overflow of the stack and a SEH attack is possible due to a vulnerable DLL included in the software. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a vulnerability in Adobe Shockwave triggered when processing a specially crafted .DIR file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a heap based buffer overflow vulnerability in Adobe Reader X when handling a specially crafted PDF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

The vulnerability is a memory corruption in the U3D component in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a Use-After-Free vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the "util.printf()" JavaScript function. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits an array indexing vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a stack based buffer overflow vulnerability in Adobe Reader when handling a specially crafted .TIFF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

Subscribe to Client Side

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum