infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Explain why the user cannot modify the URIPATH

unstable
sinn3r 2012-10-05 17:24:06 -05:00
parent 2aa59623d1
commit 769fa3743e
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modules/exploits/windows/browser/ntr_activex_check_bof.rb
View File

@ -32,7 +32,8 @@ class Metasploit3 < Msf::Exploit::Remote
'Description' => %q{
This module exploits a vulnerability found in NTR ActiveX 1.1.8. The
vulnerability exists in the Check() method, due to the insecure usage of strcat to
build a URL using the bstrParams parameter contents, which leads to code execution
build a URL using the bstrParams parameter contents (note: this is also the reason
why the module won't allow you to modify the URIPATH), which leads to code execution
under the context of the user visiting a malicious web page. In order to bypass
DEP and ASLR on Windows Vista and Windows 7 JRE 6 is needed.
},