diff --git a/modules/exploits/multi/browser/adobe_flash_net_connection_confusion.rb b/modules/exploits/multi/browser/adobe_flash_net_connection_confusion.rb index 1182b2f2b7..97dfd64876 100644 --- a/modules/exploits/multi/browser/adobe_flash_net_connection_confusion.rb +++ b/modules/exploits/multi/browser/adobe_flash_net_connection_confusion.rb @@ -19,9 +19,11 @@ class Metasploit3 < Msf::Exploit::Remote to corrupt arbitrary memory. It can be used to overwrite dangerous objects, like vectors, and finally accomplish remote code execution. This module has been tested successfully on: - * Windows 7 SP1 (32-bit) with IE 8, IE11 and Adobe Flash 16.0.0.305 - * Linux Mint "Rebecca" (32 bits), and Ubuntu 14.04.2 LTS with Firefox 33.0 and - Adobe Flash 11.2.202.404. + * Windows 7 SP1 (32-bit), IE 8, IE11 and Adobe Flash 16.0.0.305. + * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 16.0.0.305. + * Windows 8.1, Firefox 38.0.5 and Adobe Flash 16.0.0.305. + * Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.424. + * Ubuntu 14.04.2 LTS, Firefox 33.0 and Adobe Flash 11.2.202.442. }, 'License' => MSF_LICENSE, 'Author' => diff --git a/modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb b/modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb index 2b401c731b..6c56be6d95 100644 --- a/modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb +++ b/modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb @@ -19,7 +19,9 @@ class Metasploit3 < Msf::Exploit::Remote to uncompress() a malformed byte stream. This module has been tested successfully on: * Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.287, 16.0.0.257 and 16.0.0.235. - * Linux Mint "Rebecca" (32 bits) with Firefox 33.0 and Flash 11.2.202.404. + * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 16.0.0.287. + * Windows 8.1, Firefox 38.0.5 and Adobe Flash 16.0.0.305. + * Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Flash 11.2.202.424. }, 'License' => MSF_LICENSE, 'Author' => diff --git a/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb b/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb index 77e8ce5cbe..34dcd36cb9 100644 --- a/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb +++ b/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb @@ -17,8 +17,10 @@ class Metasploit3 < Msf::Exploit::Remote This module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs in the copyPixelsToByteArray method from the BitmapData object. The position field of the destination ByteArray can be used to cause an integer overflow and write contents out of - the ByteArray buffer. This module has been tested successfully on Windows 7 SP1 (32-bit), - IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145, and 14.0.0.125. + the ByteArray buffer. This module has been tested successfully on: + * Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145, and 14.0.0.125. + * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 14.0.0.179. + * Windows 8.1, Firefox 38.0.5 and Adobe Flash 14.0.0.179. }, 'License' => MSF_LICENSE, 'Author' =>