infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #5682, Update Flash CVE-2015-5119 ranking

bug/bundler_fix
wchen-r7 2015-07-07 15:57:28 -05:00
parent 6a50b1583a 6a33807d80
commit adfb663343
No known key found for this signature in database
GPG Key ID: 2384DB4EF06F730B
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
modules/exploits/multi/browser/adobe_flash_hacking_team_uaf.rb
View File

@ -6,7 +6,7 @@
require 'msf/core' require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote class Metasploit3 < Msf::Exploit::Remote
Rank = GoodRanking Rank = GreatRanking
include Msf::Exploit::Remote::BrowserExploitServer include Msf::Exploit::Remote::BrowserExploitServer
@ -19,7 +19,6 @@ class Metasploit3 < Msf::Exploit::Remote
described as an Use After Free while handling ByteArray objects. This module has described as an Use After Free while handling ByteArray objects. This module has
been tested successfully on: been tested successfully on:
Windows XP, Chrome 43 and Flash 18.0.0.194,
Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.194, Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.194,
Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194,
Windows 8.1 (32-bit), Firefox and Adobe Flash 18.0.0.194, Windows 8.1 (32-bit), Firefox and Adobe Flash 18.0.0.194,
@ -35,9 +34,10 @@ class Metasploit3 < Msf::Exploit::Remote
], ],
'References' => 'References' =>
[ [
['CVE', '2015-5119'],
['URL', 'https://helpx.adobe.com/security/products/flash-player/apsa15-03.html'],
['URL', 'http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/'], ['URL', 'http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/'],
['URL', 'https://twitter.com/w3bd3vil/status/618168863708962816'], ['URL', 'https://twitter.com/w3bd3vil/status/618168863708962816']
['CVE', '2015-5119']
], ],
'Payload' => 'Payload' =>
{ {
@ -59,7 +59,7 @@ class Metasploit3 < Msf::Exploit::Remote
:ua_name => lambda do |ua| :ua_name => lambda do |ua|
case target.name case target.name
when 'Windows' when 'Windows'
return true if ua == Msf::HttpClients::IE || ua == Msf::HttpClients::FF || ua == Msf::HttpClients::CHROME return true if ua == Msf::HttpClients::IE || ua == Msf::HttpClients::FF
when 'Linux' when 'Linux'
return true if ua == Msf::HttpClients::FF return true if ua == Msf::HttpClients::FF
end end