Windows | Core Security

This module exploits a vulnerability in Adobe Reader. The specific flaw exists within the application explicitly trusting a string's length embedded within a particular file that is loaded by the 3difr.x3d plugin. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a vulnerability in Adobe Reader. The specific flaw exists within the application explicitly trusting a string's length embedded within a particular file that is loaded by the tesselate.x3d plugin. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in authplay.dll when handling crafted malicious Flash (.SWF) file or by embedding a malicious Flash application in a .PDF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to memory corruption method in acroform.api. This can be exploited to cause code execution when a specially crafted .PDF file is opened in Adobe Reader or is opened embedded in a browser. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a vulnerability in the dvdtools.ocx control included in the ActSoft DVD Tools ActiveX application. The exploit is triggered when the OpenDVD() method processes a long string argument resulting in a stack-based buffer overflow. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.

The vulnerability is caused due to a boundary error within the Formats plug-in (Formats.dll) when handling ASX files. This can be exploited to cause a stack-based buffer overflow via a specially crafted ASX file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.

The vulnerability is caused due to a boundary error in Acoustica Mixcraft when handling project files. This can be exploited to cause a stack-based buffer overflow via a specially crafted MX4 file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.

Acoustica Beatcraft contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Acoustica Beatcraft when handling .BCPROJ files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .BCPROJ file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.

This module exploits a vulnerability in ACDSee Products (ID_X.apl plugin). The vulnerability is caused due to boundary error in ID_X.apl within the processing of xpm files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

Subscribe to Windows

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum