CVE-2014-9390: Git is prone to a vulnerability that may allow attackers to overwrite arbitrary local files.

This module exploits the condition and installs an Agent when a vulnerable GIT client performs a CLONE to the fake repository created.

Untrusted search path vulnerability in Corel VideoStudio Pro X7 17.0.0.249 and Corel FastFlix 17.0.0.249 and earlier, and possibly other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll that is located in the same folder as an .vsp or .vfp file.

A stack-based buffer overflow in the ProcessDataReceivedOnSocket function in the Microsoft Telnet Server Helper (tlntsess.exe) can be used by remote unauthenticated attackers to render the Telnet server unresponsive.



This update improves the way in which this module detects if the attack was successful.

A stack-based buffer overflow in the ProcessDataReceivedOnSocket function in the Microsoft Telnet Server Helper (tlntsess.exe) can be used by remote unauthenticated attackers to render the Telnet server unresponsive.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

Untrusted search path vulnerability in Corel PDF Fusion 1.12 Build 16/04/2013 and earlier, and possibly other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll that is located in the same folder as an .pdf file.

Untrusted search path vulnerability in Corel Painter 2015 14.0.0.728 and earlier, and possibly other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll that is located in the same folder as an .rif file.

This module exploits a double-free vulnerability in "afd.sys" by calling to "AfdTransmiteFile" function with crafted parameters.



This update adds support to Windows 2003, Windows Vista, Windows 2008, Windows 7, Windows 2008 R2, Windows 8 and Windows 2012 (all 64 bit versions).

This update introduces improvements and fixes to classes related to DHCP servers.

A vulnerability in Microsoft's implementation of the Kerberos authentication protocol allows to modify a Kerberos ticket to remotely escalate privileges. This module exploits the vulnerability impersonating a user of the domain's Administrators group to install an agent in the domain controller with System privileges.



This update introduces the option to use NTLM hashes for authentication and Network RPT-AP integration.

The specific flaw exists within the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control. The SaveCurrentImageEx method copies an attacker provided filename into a fixed size buffer.