Updated exploit ranking and description to reflect the new ranking
git-svn-id: file:///home/svn/framework3/trunk@12151 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
35c33020ca
commit
349512f48d
|
@ -12,7 +12,7 @@
|
|||
require 'msf/core'
|
||||
|
||||
class Metasploit3 < Msf::Exploit::Remote
|
||||
Rank = NormalRanking
|
||||
Rank = GoodRanking
|
||||
|
||||
include Msf::Exploit::Remote::HttpServer::HTML
|
||||
|
||||
|
@ -27,6 +27,10 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
Specifically, this issue results in uninitialized memory being referenced and later
|
||||
executed. Taking advantage of this issue relies on heap spraying and controlling the
|
||||
uninitialized memory.
|
||||
|
||||
Currently this exploit works for IE6, IE7, and Firefox 3.6 and likely several
|
||||
other browsers. DEP does catch the exploit and causes it to fail. Due to the nature
|
||||
of the uninitialized memory its fairly difficult to get around this restriction.
|
||||
},
|
||||
'License' => MSF_LICENSE,
|
||||
'Author' =>
|
||||
|
|
Loading…
Reference in New Issue