diff --git a/modules/exploits/windows/http/oracle_event_processing_upload.rb b/modules/exploits/windows/http/oracle_event_processing_upload.rb
index 2a3d81f993..3337f9dcea 100644
--- a/modules/exploits/windows/http/oracle_event_processing_upload.rb
+++ b/modules/exploits/windows/http/oracle_event_processing_upload.rb
@@ -18,12 +18,12 @@ class Metasploit3 < Msf::Exploit::Remote
       'Name'           => 'Oracle Event Processing FileUploadServlet Arbitrary File Upload',
       'Description'    => %q{
         This module exploits an Arbitrary File Upload vulnerability in Oracle Event Processing
-        11.1.1.7.0. The vulnerability exists in the FileUploadServlet, where an arbitrary file
-        can be uploaded without authentication, and due to a directory traversal, to an arbitrary
-        location. By default Oracle Event Processing uses a Jetty Application Server with JSP
-        support not configured. Because of it, this module only targets Windows 2003 SP2, where
-        the WMI service can be abused to convert the file upload into remote code execution without
-        user interaction.
+        11.1.1.7.0. The FileUploadServlet component, which requires no authentication, can be
+        abused to upload a malicious file onto an arbitrary location due to a directory traversal
+        flaw, and compromise the server. By default Oracle Event Processing uses a Jetty
+        Application Server without JSP support, which limits the attack to WbemExec. The current
+        WbemExec technique only requires arbitrary write to the file system, but at the moment the
+        module only supports Windows 2003 SP2 or older.
       },
       'License'        => MSF_LICENSE,
       'Author'         =>