metasploit-framework/modules/exploits/windows/browser
Wei Chen 39a4488da5 Patch #5740 for Firefox Array.reduceRight() exploit
git-svn-id: file:///home/svn/framework3/trunk@13958 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 20:28:15 +00:00
adobe_cooltype_sing.rb Adding an extra print line to adobe_cooltype_sing that clearly displays the user-agent. 2011-09-17 20:12:51 +00:00
adobe_flashplayer_avm.rb Mention about the RSA attack in the description, also add a reference for it 2011-09-06 17:22:00 +00:00
adobe_flashplayer_flash10o.rb Found an instance that causes the win 7 target to fail. This fix corrects it. 2011-09-27 08:55:07 +00:00
adobe_flashplayer_newfunction.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
adobe_flatedecode_predictor02.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
adobe_geticon.rb
adobe_jbig2decode.rb
adobe_media_newplayer.rb
adobe_shockwave_rcsl_corruption.rb get_resource() added to 'src' parameter 2011-05-05 22:10:30 +00:00
adobe_utilprintf.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
aim_goaway.rb
amaya_bdo.rb Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types 2011-10-16 09:53:53 +00:00
aol_ampx_convertfile.rb
aol_icq_downloadagent.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00
apple_itunes_playlist.rb
apple_quicktime_marshaled_punk.rb switch AutoRunScript for InitialAutoRunScript, oops 2011-01-08 00:25:44 +00:00
apple_quicktime_rtsp.rb
apple_quicktime_smil_debug.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ask_shortformat.rb
athocgov_completeinstallation.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
autodesk_idrop.rb
aventail_epi_activex.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
awingsoft_web3d_bof.rb
awingsoft_winds3d_sceneurl.rb
baofeng_storm_onbeforevideodownload.rb
barcode_ax49.rb
blackice_downloadimagefileurl.rb Add BlackIce Cover Page ActiveX downloadimagefileurl exploit 2011-06-21 02:51:39 +00:00
ca_brightstor_addcolumn.rb
chilkat_crypt_writefile.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
cisco_anyconnect_exec.rb adds support for SSL 2011-06-06 20:15:51 +00:00
citrix_gateway_actx.rb Add the noobfuscation arg to the heaplib call 2011-09-01 09:00:20 +00:00
communicrypt_mail_activex.rb
creative_software_cachefolder.rb
dxstudio_player_exec.rb
ea_checkrequirements.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
ebook_flipviewer_fviewerloading.rb Format dictatorship round 2: Fix author e-mail format for all exploit modules 2011-07-22 20:17:58 +00:00
enjoysapgui_comp_download.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
enjoysapgui_preparetoposthtml.rb
facebook_extractiptc.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
gom_openurl.rb
greendam_url.rb
hp_easy_printer_care_xmlsimpleaccessor.rb Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types 2011-10-16 09:53:53 +00:00
hp_loadrunner_addfile.rb
hp_loadrunner_addfolder.rb
hpmqc_progcolor.rb
hyleos_chemviewx_activex.rb
ibmegath_getxmlvalue.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
ibmlotusdomino_dwa_uploadmodule.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
ie_createobject.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ie_iscomponentinstalled.rb
ie_unsafe_scripting.rb Add disclosure dates to all the exploit modules that didn't have one 2011-10-15 21:09:17 +00:00
java_basicservice_impl.rb accept a client argument for get_uri() 2011-01-22 00:16:57 +00:00
java_codebase_trust.rb A handful of rankings changes, also converting whitespace. 2011-10-15 22:58:20 +00:00
java_docbase_bof.rb switch AutoRunScript for InitialAutoRunScript, oops 2011-01-08 00:25:44 +00:00
java_ws_arginject_altjvm.rb include the CVE with more details that definitely applies to this bug, in addition to the ambiguous one that may or may not 2011-09-18 03:57:27 +00:00
juniper_sslvpn_ive_setupdll.rb
kazaa_altnet_heap.rb
logitechvideocall_start.rb
lpviewer_url.rb
macrovision_downloadandexecute.rb
macrovision_unsafe.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
mcafee_mcsubmgr_vsprintf.rb
mcafeevisualtrace_tracetarget.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
mirc_irc_url.rb
mozilla_interleaved_write.rb Allow JavaScript obfuscation as an option 2011-08-11 22:18:25 +00:00
mozilla_mchannel.rb fix tabs 2011-08-19 16:58:50 +00:00
mozilla_nstreerange.rb A handful of rankings changes, also converting whitespace. 2011-10-15 22:58:20 +00:00
mozilla_reduceright.rb Patch #5740 for Firefox Array.reduceRight() exploit 2011-10-16 20:28:15 +00:00
ms03_020_ie_objecttype.rb Comment update (this is still for the egghunter fix: bug #4552) 2011-05-18 19:50:22 +00:00
ms06_001_wmf_setabortproc.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
ms06_013_createtextrange.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ms06_055_vml_method.rb
ms06_057_webview_setslice.rb
ms06_067_keyframe.rb
ms06_071_xml_core.rb
ms07_017_ani_loadimage_chunksize.rb
ms08_041_snapshotviewer.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
ms08_053_mediaencoder.rb
ms08_070_visual_studio_msmask.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00
ms08_078_xml_corruption.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ms09_002_memory_corruption.rb Disclosure date change 2011-04-21 15:45:07 +00:00
ms09_043_owc_htmlurl.rb
ms09_043_owc_msdso.rb
ms09_072_style_object.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ms10_002_aurora.rb Changed disclosure date 2011-04-21 02:10:40 +00:00
ms10_018_ie_behaviors.rb MS10-018, y u no InitialAutoRunScript 2011-07-10 07:02:38 +00:00
ms10_018_ie_tabular_activex.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ms10_022_ie_vbscript_winhlp32.rb missed a couple exe generator includes 2010-09-28 16:19:50 +00:00
ms10_026_avi_nsamplespersec.rb Specify UUID offset for the custom .Net binary 2011-08-13 02:15:05 +00:00
ms10_042_helpctr_xss_cmd_exec.rb
ms10_046_shortcut_icon_dllloader.rb big exe/dll update, see #2017 2010-09-21 00:13:30 +00:00
ms10_090_ie_css_clip.rb out with the new, in with the old. css_clip is pretty unreliable in my tests, go back to using ie_behaviors in browser autopwn 2011-05-19 16:33:55 +00:00
ms11_003_ie_css_import.rb Allow JavaScript obfuscation as an option 2011-08-11 18:47:21 +00:00
ms11_050_mshtml_cobjectelement.rb Fix JS 2011-09-21 03:13:45 +00:00
msvidctl_mpeg2.rb
mswhale_checkforupdates.rb
nctaudiofile2_setformatlikesample.rb
nis2004_antispam.rb
nis2004_get.rb
novelliprint_callbackurl.rb add two exploits from Trancer! woot! 2010-09-21 18:46:29 +00:00
novelliprint_datetime.rb
novelliprint_executerequest.rb add two exploits from Trancer! woot! 2010-09-21 18:46:29 +00:00
novelliprint_executerequest_dbg.rb add two exploits from Trancer! woot! 2010-09-21 18:46:29 +00:00
novelliprint_getdriversettings.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
novelliprint_getdriversettings_2.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
novelliprint_target_frame.rb
oracle_dc_submittoexpress.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
orbit_connecting.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
pcvue_func.rb Add PcVue 10 LoadObject/SaveObject vuln (Feature #5647) 2011-10-12 10:57:31 +00:00
persits_xupload_traversal.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
real_arcade_installerdlg.rb Updated vbs stager temp var 2011-04-09 18:24:43 +00:00
realplayer_cdda_uri.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
realplayer_console.rb
realplayer_import.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
realplayer_qcp.rb Add fix commit url to reference. Thx jduck! 2011-09-17 06:48:33 +00:00
realplayer_smil.rb
roxio_cineplayer.rb
sapgui_saveviewtosessionfile.rb
softartisans_getdrivename.rb
sonicwall_addrouteentry.rb
symantec_altirisdeployment_downloadandinstall.rb fix date 2011-04-21 11:12:34 +00:00
symantec_altirisdeployment_runcmd.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
symantec_appstream_unsafe.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00
symantec_backupexec_pvcalendar.rb
symantec_consoleutilities_browseandsavefile.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
systemrequirementslab_unsafe.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
teechart_pro.rb missing var 2011-08-13 02:05:08 +00:00
trendmicro_extsetowner.rb add trendmicro extsetowner exploit from Trancer 2010-10-04 04:26:09 +00:00
trendmicro_officescan.rb
tumbleweed_filetransfer.rb
ultraoffice_httpupload.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
verypdf_pdfview.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
vlc_amv.rb Exploit is much more reliable than before, it gets a promotion 2011-08-12 19:17:23 +00:00
webdav_dll_hijacker.rb handle dirs and index.html specially 2010-09-24 01:11:05 +00:00
webex_ucf_newobject.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
winamp_playlist_unc.rb
winamp_ultravox.rb
windvd7_applicationtype.rb
winzip_fileview.rb play a little nicer with browser autopwn by not spraying the heap if creating the vulnerable object failed 2011-05-19 19:45:14 +00:00
wmi_admintools.rb add CVE reference 2011-01-14 16:25:37 +00:00
xmplay_asx.rb
yahoomessenger_fvcom.rb
yahoomessenger_server.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
zenturiprogramchecker_unsafe.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00