Use After Free in Microsoft Office allows remote attackers to execute arbitrary code via crafted EPS file in an Office document, leading to improper memory allocation.
Ichitaro Office is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .XLS document. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in the WebEx extension for Chrome. The module will start a web server and serve a specially crafted page. The page will execute a series of PowerShell commands to download an executable file from Impact's web server and execute it. The vulnerability requires that the attack web page be served using HTTPS. See "Special comments" for futher detail.
This module exploits a use after free vulnerability while manipulating DOM events and removing audio elements due to errors in the handling of node adoption in Mozilla Firefox. This module runs a web server waiting for vulnerable clients (Mozilla Firefox) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a use-after-free vulnerability in SVG Animation, part of "xul.dll".
Wireshark is prone to a vulnerability that may allow execution of riched20.dll.dll if this module is located in the same folder than .PCAP file.
The specific flaw exists in the handling of LeviStudio Project files. By providing an overly long HmiSet Type XML attribute, an attacker can overflow a stack-based buffer and execute arbitrary code in the context of the current process. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
The vulnerability exists within the AxEditGrid ActiveX control's Insert property. This module runs a web server waiting for vulnerable clients (Internet Explorer 8) to connect to it.
Arbitrary Write in Rockwell Automation Connected Components Workbrench allows remote attackers to execute arbitrary code. This module runs a web server waiting for vulnerable clients (Internet Explorer 11) to connect to it.
When a special NBNS request is received by this module, it starts to answer to the client by flooding responses with the name specified by the "NAME TO BE SPOOFED" parameter and the IP address specified by the "NAME's IP TO BE SPOOFED" parameter. When three NBNS request packets are received from the target, this module answers the request by sending responses to the target during 'n' seconds (parameter "Flooding time per target connection"). After that, if an HTTP request asking for "/lala2.bmp" is received, it means the target was convinced to use the spoofed name sent during the attack. When it happens, this module confirms that the attack was successful.