The specific flaw exists within the implementation of the 0x280B opcode in the DrawSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to strcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system.
This module exploits a vulnerability present in Mac OS X. dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain root privileges via the DYLD_PRINT_TO_FILE environment variable.
VMware vCenter Server is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine. By exploiting known methods, it is possible to remotely load an MLet file from an attacker-controlled web server that points at a jar file.
ManageEngine EventLog Analyzer is vulnerable to abuse of its SQL query functionality, which allows attackers to insert and export a crafted JSP using 'guest' credentials, allowing us to install an agent.
A vulnerability exists in the av-forward daemon running in AlienVault Unified Security Management appliances. The daemon accepts serialized Python and proceeds to deserialize it without proper validation, allowing unauthenticated arbitrary code execution. This module writes and executes an Impact agent by sending a specially crafted string to the daemon. The resulting agent runs as the 'avforw' user, which is non-privileged.
A vulnerability in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to trigger a buffer overflow. This allows an unprivileged local user to cause an invalid dereference in kernel mode, which produces a BSoD.
An OS Command Injection vulnerability exists in the "Landing Pages" plugin for WordPress. This module verifies the vulnerability and provides an OS Command Injection Agent.
Microsoft Word is prone to a vulnerability that may allow execution of a remote DLL.
This module exploits a vulnerability in Microsoft's implementation of the Group Policy Preferences password encryption.
The vulnerability is due to an error while parsing crafted PRX files, which can result in a buffer overflow. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.