infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update ff svg exploit description to be more accurate.

unstable
Joe Vennix 2013-06-11 12:12:18 -05:00
parent 2874aead2e
commit 45da645717
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/multi/browser/firefox_svg_plugin.rb
View File

@ -17,8 +17,8 @@ class Metasploit3 < Msf::Exploit::Remote
super(update_info(info, super(update_info(info,
'Name' => 'Firefox 17.0.1 Flash Privileged Code Injection', 'Name' => 'Firefox 17.0.1 Flash Privileged Code Injection',
'Description' => %q{ 'Description' => %q{
This exploit gains remote code execution on Firefox 17.0.1 and all previous This exploit gains remote code execution on Firefox 17 and 17.0.1, provided
versions, provided the user has installed Flash. No memory corruption is used. the user has installed Flash. No memory corruption is used.
First, a Flash object is cloned into the anonymous content of the SVG First, a Flash object is cloned into the anonymous content of the SVG
"use" element in the <body> (CVE-2013-0758). From there, the Flash object "use" element in the <body> (CVE-2013-0758). From there, the Flash object