This update adds support to Microsoft Windows 2003 64 bits, Microsoft Windows Vista 64 bits, Microsoft Windows 2008 64 bits and Microsoft Windows Seven 64 bits.



This module exploits a vulnerability in the "Print Spooler" service.

This update replaces the exploit modules for MS12-034. Also it adds support for 64bit versions of Microsoft Windows 2003, Vista and 2008.



This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters.



When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption.

This modules exploits a kernel vulnerability in Microsoft Remote Desktop server by sending a sequence of specially crafted RDP packets to the target system.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some

situations. Since this module is not the final version it may contain bugs

or have limited functionality and may not have complete or accurate documentation.

The vulnerability is caused due to a boundary error when processing the tags within .PAC files. This can be exploited to cause a stack-based buffer overflow via an overly long string.

This update adds CVE number.

On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. FreeBSD is vulnerable to this issue due to insufficient sanity checks when returning from a system call. This module exploits the vulnerability and installs an agent with root privileges.

A buffer overflow in NetDecision's HTTP service is exploited when a long URL is managed by the HTTP Server's active window. For successfull exploitation, the victim need to have the HttpSvr's window open.

This version add CVE.

This module exploits an object type confusion vulnerability in Adobe Flash Player. The specific error occurs due to the way Adobe Flash handles the AMF0 response (_error) when connecting to a malicious RTMP server. By supplying a crafted AMF0 response it is possible to execute arbitrary code in the context of the vulnerable application.

A vulnerability found in Apple QuickTime Player when handling a crafted TeXML file, it is possible to trigger a stack-based buffer overflow.

This update bypass DEP for Internet Explorer 8 support and for execute the mov file directly in Quicktime player.

This module exploits a remote code execution vulnerability in Symantec Web Gateway by using a log injection and a local file inclusion to run an arbitrary PHP script.

Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0, as used by Internet Explorer, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code by enticing an unsuspecting user to visit a specially crafted web site.