infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update descriptions

bug/bundler_fix
jvazquez-r7 2015-06-05 09:01:20 -05:00
parent 71a8487091
commit 318f67fcda
No known key found for this signature in database
GPG Key ID: 38D99152B9352D83
3 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
modules/exploits/multi/browser/adobe_flash_net_connection_confusion.rb
View File

@ -19,9 +19,11 @@ class Metasploit3 < Msf::Exploit::Remote
to corrupt arbitrary memory. It can be used to overwrite dangerous objects, like to corrupt arbitrary memory. It can be used to overwrite dangerous objects, like
vectors, and finally accomplish remote code execution. This module has been tested vectors, and finally accomplish remote code execution. This module has been tested
successfully on: successfully on:
* Windows 7 SP1 (32-bit) with IE 8, IE11 and Adobe Flash 16.0.0.305 * Windows 7 SP1 (32-bit), IE 8, IE11 and Adobe Flash 16.0.0.305.
* Linux Mint "Rebecca" (32 bits), and Ubuntu 14.04.2 LTS with Firefox 33.0 and * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 16.0.0.305.
Adobe Flash 11.2.202.442. * Windows 8.1, Firefox 38.0.5 and Adobe Flash 16.0.0.305.
* Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.424.
* Ubuntu 14.04.2 LTS, Firefox 33.0 and Adobe Flash 11.2.202.442.
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => 'Author' =>

4
modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
View File

@ -19,7 +19,9 @@ class Metasploit3 < Msf::Exploit::Remote
to uncompress() a malformed byte stream. This module has been tested successfully to uncompress() a malformed byte stream. This module has been tested successfully
on: on:
* Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.287, 16.0.0.257 and 16.0.0.235. * Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.287, 16.0.0.257 and 16.0.0.235.
* Linux Mint "Rebecca" (32 bits) with Firefox 33.0 and Flash 11.2.202.404. * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 16.0.0.287.
* Windows 8.1, Firefox 38.0.5 and Adobe Flash 16.0.0.305.
* Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Flash 11.2.202.424.
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => 'Author' =>

6
modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb
View File

@ -17,8 +17,10 @@ class Metasploit3 < Msf::Exploit::Remote
This module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs This module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs
in the copyPixelsToByteArray method from the BitmapData object. The position field of the in the copyPixelsToByteArray method from the BitmapData object. The position field of the
destination ByteArray can be used to cause an integer overflow and write contents out of destination ByteArray can be used to cause an integer overflow and write contents out of
the ByteArray buffer. This module has been tested successfully on Windows 7 SP1 (32-bit), the ByteArray buffer. This module has been tested successfully on:
IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145, and 14.0.0.125. * Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145, and 14.0.0.125.
* Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 14.0.0.179.
* Windows 8.1, Firefox 38.0.5 and Adobe Flash 14.0.0.179.
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => 'Author' =>