This module exploits a Use-After-Free vulnerability in Adobe Flash Player. The method ByteArray::clear does not notify the suscriber when frees the memory assigned to a ByteArray object leaving a dangling pointer that can be later dereferenced.

This vulnerability allows attackers to execute arbitrary code on vulnerable machines by enticing unsuspecting users to visit a website serving a specially crafted SWF Flash file.

This vulnerability was found exploited in the wild in February 2015.

Adobe Flash Player is prone to a use-after-free vulnerability because the ByteArray::UncompressViaZlibVariant method frees an object while leaving a dangling pointer that can be later dereferenced.

This vulnerability allows attackers to execute arbitrary code on vulnerable machines by enticing unsuspecting users to visit a website serving a specially crafted SWF Flash file.



This update adds support for Windows 8 and Windows 8.1.

There is an authentication vulnerability in the Windows debugging subsystem (smss). This allows any user to obtain a handle with any access of any process running. With this handle an agent is injected in a SYSTEM process.

The update fixes an issue with HANDLEType in win32native lib.

The vulnerable component gefebt allows to execute remote BCL files in

shared resources. An attacker can abuse this behaviour to execute a malicious BCL and drop an arbitrary EXE .This can be executed remotely through the WebView server.

This module exploits a buffer overflow in FSSO Collector Agent for Windows Active Directory from FORTINET and installs an agent into the target host

This update includes a module that remotely exploits CVE-2015-0235 (a.k.a. GHOST, a heap-based buffer overflow in the GNU C Library's gethostbyname functions) on x86 and x86_64 GNU/Linux systems that run the Exim mail server.

Microsoft Windows is prone to a vulnerability that may allow a DLL file to be automatically loaded because the software fails to handle LNK files properly.

Specifically, the issue occurs when loading the icon of a shortcut file. A specially crafted LNK file can cause Windows to automatically execute code that is specified by the shortcut file.

This vulnerability is the result of an incomplete fix for MS10-046 (CVE-2010-2568).



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

The specific flaw exists within the AnnotateX dll ActiveX control included with the software. An attacker can use an unvalidated object parameter in the Insert() function to execute arbitrary code in the context of the browser.

This module exploits a vulnerability caused by boundary errors in Amaya Web Browser within the processing of a BDO HTML tag that has an overly long DIR attribute, allowing an attacker to cause a stack overflow in order to execute arbitrary code.



This update fixes an issue when using the option "Generate File".

A vulnerability in Microsoft's implementation of the Kerberos authentication protocol allows to modify a Kerberos ticket to remotely escalate privileges. This module exploits the vulnerability impersonating a user of the domain's Administrators group to install an agent in the domain controller with System privileges.



This update solves issues related to name resolution of the target and to running the exploit with a source agent installed on a Linux host.