This module exploits a vulnerability in the Linux apport application. The apport application can be forced to drop privileges to uid 0 and write a corefile anywhere on the system. This can be used to write a corefile with crafted contents in a suitable location to gain root privileges.



This updates improves the way some files are cleaned up after a failed exploitation attempt.

A specially crafted argument to makeMeasurement will leave objects in an inconsistent state and can produce a Buffer Overflow. This data can later be retrieved via a call to dumpMeasureData.

Finally using NSendApprovalToAuthorEnabled method it is possible to bypass the Javascript API restrictions.

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."

This module exploits a double free vulnerability in win32k.sys, allowing an unprivileged local user to cause a BSOD.



This update improves the post exploitation target information to include the CVE.

This module exploit three different vulnerabilities in Symantec Endpoint Protection Manager (SEPM) in order to install an agent on a vunlerable target machine.



CVE-2015-1486 allows unauthenticated attackers access to SEPM.



CVE-2015-1487 allows reading and writing arbitrary files, resulting in the execution of arbitrary commands with 'NT Service\semsrv' privileges.



CVE-2015-1489 allows the execution of arbitrary OS commands with 'NT Authority\SYSTEM' privileges.

This module exploits a vulnerability in "atmfd.dll" Windows driver by loading a crafted OTF font.



This update adds support to Windows 8 and Windows 2012.

This module exploits an integer overflow in srvnet.sys Windows driver by sending a crafted SMB request to the Windows SMB Server.

This module exploits a vulnerability in the VMware Printer virtual device from the guest OS and install an agent in the host computer.



This update adds support to more VMware versions and improves the agent connection reliability from the host computer.

This module exploits an integer overflow vulnerability in Adobe Flash Player. The signed integer overflow exists inside the AS3 Function.apply() method and allows an attacker to take control of a vulnearble target and execute arbitrary code.

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."