CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Use the controls below to navigate CORE Impact exploits and other modules.

Released Datesort ascending Title Description Vulnerabilty Category Platform
05.29.2014 HP LoadRunner lrFileIOService ActiveX WriteFileString Exploit HP LoadRunner lrFileIOService has a vulnerability in the WriteFileString method, which allow the user to write arbitrary and load abitrary modules. CVE-2013-4798 Exploits/Client Side Windows
05.28.2014 Yokogawa Centum CS 3000 BKHOdeq Remote Buffer Overflow Exploit This module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000 by using its BKHOdeq.exe service. The BKHOdeq.exe service, started when running the FCS / Test Function listens by default on TCP/20109, TCP/20171 and UDP/1240. By sending a specially crafted packet to the port TCP/20171 it is possible to trigger a stack based buffer overflow which allows execution of arbitrary code with the privileges of the CENTUM user. CVE-2014-0783 Exploits/Remote Windows
05.28.2014 WinRAR Filename Spoofing Exploit The file names showed in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This allows to spoof file names when opening ZIP files and can be abused to execute arbitrary code. NOCVE-9999-63311 Exploits/Client Side Windows
05.28.2014 Yokogawa Centum CS 3000 BKBCopyD Remote Buffer Overflow Exploit This module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000 by using its BKBCopyD.exe service. The Yokogawa Centum CS3000 solution uses different services in order to provide all its functionality. The BKBCopyD.exe service, started when running the FCS / Test Function, listens by default on TCP/20111. By sending a specially crafted packet to the port TCP/20111 it is possible to trigger a stack based buffer overflow which allows execution of arbitrary code with the privileges of the CENTUM user. CVE-2014-0784 Exploits/Remote Windows
05.27.2014 QuickView Plus Client vsacs Buffer Overflow Exploit Quick View Plus contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Quick View Plus when handling .MDB files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .MDB file. This module runs a malicious web server on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to it by opening the crafted MDB file with Quick View Plus. CVE-2013-5791 Exploits/Client Side Windows
05.27.2014 Microsoft Internet Explorer CMarkup Object Use-After-Free Exploit(MS14-021) Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. CVE-2014-1776 Exploits/Client Side Windows
05.27.2014 Wireshark MPEG File Parser Buffer Overflow Exploit An error within the MPEG file parser can be exploited to cause a buffer overflow via a specially crafted packet trace file. CVE-2014-2299 Exploits/Client Side Windows
05.22.2014 Catia CATSV5 Backbone Remote Buffer Overflow Exploit This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing CATIA. The vulnerability is caused due to a boundary error when copying a user supplied input to a fixed size stack buffer. The copying procedure stops when a null byte is found and no size check is proceeded. NOCVE-9999-62708 Exploits/Remote Windows
05.21.2014 Schneider Electric OFS Client Buffer Overflow Exploit When a crafted configuration file is parsed by the client, it may cause a buffer overflow allowing the configuration file execute code on the target PC. CVE-2014-0774 Exploits/Client Side Windows
05.21.2014 IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Second Buffer Overflow Exploit The vulnerability is a buffer overflow caused due to an error related to the ComboList property within the vsflex8l ActiveX Control. CVE-2013-5057 Exploits/Client Side Windows
05.20.2014 Microsoft Windows Kernel NDProxy Vulnerability Exploit (MS14-002) This module exploits a vulnerability in Windows kernel ("ndproxy.sys" driver) by calling to the "DeviceIoControl" function with crafted parameters. This module is an update of the original "Microsoft Windows NDProxy DeviceIoControl Vulnerability Exploit" module. Besides, this module adds support to Windows 2003 SP2 64 bits edition. CVE-2013-5065 Exploits/Local Windows
05.19.2014 Publish-It PUI File Buffer Overflow Exploit Publish-It is prone to a buffer overflow when handling specially crafted PUI files. CVE-2014-0980 Exploits/Client Side Windows
05.18.2014 Adobe Flash Player SWF Load Crafted Module Exploit Update 2 This module exploits a vulnerability in Adobe Flash Player triggered when processing a SWF file and this load a crafted dll module. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This update improves the reliability of the exploit. CVE-2013-0634 Exploits/Client Side Windows
05.15.2014 Apache Struts ClassLoader Manipulation Remote Code Execution Exploit This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows a direct manipulation of the ClassLoader and as a result an attacker can execute arbitrary Java code in the target machine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2014-0094 Exploits/Remote Linux
05.14.2014 WellinTech KingScada kxClientDownload ActiveX Exploit By properly setting the ProjectURL property, it is possible for an attacker to download an arbitrary dll file from a remote location and run the code in the dll in the context of the target process. CVE-2013-2827 Exploits/Client Side Windows
05.12.2014 Microsoft Internet Explorer CDisplayPointer Use-After-Free Exploit (MS13-080) Use after free in Internet Explorer when handling a CDisplayPointer object via the use of a "onpropertychange" event handler. Successful control of the freed memory may leverage arbitrary code execution under the context of the user. CVE-2013-3897 Exploits/Client Side Windows
05.07.2014 Adobe Flash Player Pixel Bender Exploit This module exploits a buffer overflow vulnerability in Adobe Flash Player in the flash.Display.Shader class when setting a Pixel Bender Filte as the Shader bytecode. This vulnerability has been found exploited in-the-wild during April 2014. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2014-0515 Exploits/Client Side Windows
05.05.2014 Adobe Flash Player Type Confusion Exploit Update This module exploits a type confusion vulnerability in Adobe Flash Player. This vulnerability has been found exploited in-the-wild during December 2013. This update improves module documentation, exploit code and adds more vulnerable Adobe Flash Player versions. CVE-2013-5331 Exploits/Client Side Windows
05.04.2014 Adobe Flash Player AVM2 Integer Underflow Exploit This module exploits an integer underflow vulnerability in Adobe Flash Player. This vulnerability was exploited in 0day attacks in February 2014. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2014-0497 Exploits/Client Side Windows
04.29.2014 Linux TCP ICMPv6 Router Advertisement Flooding Vulnerability Denial of Service This module exploits a vulnerability in Linux kernel by sending a big number of Router Advertisement messages to the target. CVE-2014-0254 Denial of Service/Remote Windows, Linux
04.28.2014 EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution Exploit This module exploits a remote code execution vulnerability in EMC Data Protection Advisor (DAP). Vulnerable installations of EMC DPA exposes the EJBInvokerServlet invoker servlet which does not require any type of authentication by default on certain profiles and allow remote attackers to invoke MBean methods and execute arbitrary code. CVE-2012-0874 Exploits/Remote Windows
04.25.2014 Adobe Flash Player Type Confusion Exploit This module exploits a type confusion vulnerability in Adobe Flash Player. This vulnerability has been found exploited in-the-wild during December 2013. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2013-5331 Exploits/Client Side Windows
04.23.2014 Microsoft Windows OpenType Engine Infinite Loop DoS (MS12-078) The OpenType Font driver in Microsoft Windows doesn't sufficiently validate user supplied input, leading to a denial of service vulnerability . CVE-2012-2556 Denial of Service/Local Windows
04.15.2014 OpenSSL TLS Heartbeat Read Overrun Memory Disclosure Exploit Update A missing boundary check in the TLS Heartbeat extension in OpenSSL can be abused by remote attackers to read up to 64 kb of memory from the server. This memory disclosure vulnerability can be used by remote unauthenticated attackers to obtain sensitive information from the affected server, including private keys and session cookies. This update adds features to the module, like the ability to read 64 kb of data from vulnerable services, reporting the results in the Module Output window, and saving the memory dumps to disk. It also improves the compatibility with OpenSSL services and adds support for FTPS. CVE-2014-0160 Exploits/Remote Linux
04.15.2014 HP ProCurve Agent AgentServlet Remote Code Execution Exploit The AgentServlet class in the Web interface of HP ProCurve Agent is prone to an authentication bypass vulnerability when handling HEAD requests. This vulnerability can be abused by remote unauthenticated attackers to modify the configuration of the HP ProCurve Agent, which can ultimately be leveraged to access the Tornado service component and finally execute arbitrary code with SYSTEM privileges on the target machine. CVE-2013-4813 Exploits/Remote Windows
04.13.2014 HP Data Protector EXEC_BAR Remote Command Execution Exploit This module exploits a remote code execution vulnerability in HP Data Protector by sending a specially crafted EXEC_BAR request. CVE-2013-2347 Exploits/Remote Windows
04.08.2014 OpenSSL TLS Heartbeat Read Overrun Memory Disclosure Exploit A missing boundary check in the TLS Heartbeat extension in OpenSSL can be abused by remote attackers to read up to 64 kb of memory from the server. This memory disclosure vulnerability can be used by remote unauthenticated attackers to obtain sensitive information from the affected server, including private keys and session cookies. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2014-0160 Exploits/Remote Linux
04.08.2014 AV Shell improvement This update is to increase the realiability of AV shell module. Post Exploitation
04.07.2014 Microsoft Word RTF listoverridecount Object Confusion Exploit This module exploits a vulnerability in Microsoft Word 2010 when parsing a specially crafted RTF file. This vulnerability was found being exploited in-the-wild during March 2014. CVE-2014-1761 Exploits/Client Side Windows
04.06.2014 Schneider Electric Serial Modbus Driver Buffer Overflow Exploit The vulnerability is a buffer overflow in Schneider Electric OPC factory Suite which bundle the vulnerable component Schneider Electric Modbus Serial Driver (ModbusDrv.exe). CVE-2013-0662 Exploits/Remote Windows

Pages