metasploit-framework/modules/exploits/windows/browser
HD Moore 99e2c9aa72 Looks like my initial testing was wrong - you can trigger this entirely through HTTP with a meta refresh, just not with a 301 (IE only).
git-svn-id: file:///home/svn/framework3/trunk@9888 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 19:54:56 +00:00
..
adobe_flashplayer_newfunction.rb fix typo, thx chad 2010-07-01 20:35:56 +00:00
adobe_flatedecode_predictor02.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
adobe_geticon.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
adobe_jbig2decode.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
adobe_media_newplayer.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
adobe_utilprintf.rb more cleanups 2010-05-03 17:13:09 +00:00
aim_goaway.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
amaya_bdo.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
aol_ampx_convertfile.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
aol_icq_downloadagent.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
apple_itunes_playlist.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
apple_quicktime_rtsp.rb fix a couple more silly regex mishaps 2010-05-04 23:09:32 +00:00
ask_shortformat.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
athocgov_completeinstallation.rb add missing CVE/OSVDB references, plenty still missing *wink wink* 2010-07-02 00:10:51 +00:00
autodesk_idrop.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
awingsoft_web3d_bof.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
awingsoft_winds3d_sceneurl.rb add missing CVE/OSVDB references, plenty still missing *wink wink* 2010-07-02 00:10:51 +00:00
baofeng_storm_onbeforevideodownload.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
barcode_ax49.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ca_brightstor_addcolumn.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
chilkat_crypt_writefile.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
communicrypt_mail_activex.rb add osvdb refs 2010-05-25 02:09:42 +00:00
creative_software_cachefolder.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
dxstudio_player_exec.rb big commit - lots of cmdstager changes 2010-05-26 22:39:56 +00:00
ea_checkrequirements.rb added refs. I think all the auxiliary and exploit modules should now be covered. 2010-05-13 16:53:50 +00:00
ebook_flipviewer_fviewerloading.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
enjoysapgui_preparetoposthtml.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
facebook_extractiptc.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
gom_openurl.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
greendam_url.rb finished periodic missing CVE reference check (hint vulns w/o CVEs here!) 2010-03-10 05:58:01 +00:00
hp_loadrunner_addfile.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
hp_loadrunner_addfolder.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
hpmqc_progcolor.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
ibmegath_getxmlvalue.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ibmlotusdomino_dwa_uploadmodule.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ie_createobject.rb add lots of disclosure dates from OSVDB (missed a few) 2010-07-03 03:19:07 +00:00
ie_iscomponentinstalled.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ie_unsafe_scripting.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
java_ws_arginject_altjvm.rb ensure binary mode when opening files, whitespace fixes 2010-07-01 23:33:07 +00:00
juniper_sslvpn_ive_setupdll.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
kazaa_altnet_heap.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
logitechvideocall_start.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
lpviewer_url.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
macrovision_downloadandexecute.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
macrovision_unsafe.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
mcafee_mcsubmgr_vsprintf.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
mcafeevisualtrace_tracetarget.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
mirc_irc_url.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ms03_020_ie_objecttype.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
ms06_001_wmf_setabortproc.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
ms06_013_createtextrange.rb switch some URL references to US-CERT-VU type 2010-07-03 01:09:32 +00:00
ms06_055_vml_method.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
ms06_057_webview_setslice.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
ms06_067_keyframe.rb style compliance fixes 2010-07-16 02:33:25 +00:00
ms06_071_xml_core.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
ms07_017_ani_loadimage_chunksize.rb a HTTP -> an HTTP (http://www.english-zone.com/grammar/a-anlessn.html) 2010-06-11 16:12:05 +00:00
ms08_041_snapshotviewer.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
ms08_053_mediaencoder.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ms08_070_visual_studio_msmask.rb add some MSB numbers that were missing, rename ms08-070 msmask32 module 2010-06-15 23:49:17 +00:00
ms08_078_xml_corruption.rb stop using some older exploits in browser_autopwn in favor of ie_behaviors which works on more versions 2010-07-12 02:51:50 +00:00
ms09_002_memory_corruption.rb stop using some older exploits in browser_autopwn in favor of ie_behaviors which works on more versions 2010-07-12 02:51:50 +00:00
ms09_043_owc_htmlurl.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
ms09_043_owc_msdso.rb add support for OWC11 (from DSR!) 2010-07-20 06:24:19 +00:00
ms09_072_style_object.rb stop using some older exploits in browser_autopwn in favor of ie_behaviors which works on more versions 2010-07-12 02:51:50 +00:00
ms10_002_aurora.rb stop using some older exploits in browser_autopwn in favor of ie_behaviors which works on more versions 2010-07-12 02:51:50 +00:00
ms10_018_ie_behaviors.rb stop using some older exploits in browser_autopwn in favor of ie_behaviors which works on more versions 2010-07-12 02:51:50 +00:00
ms10_018_ie_tabular_activex.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
ms10_022_ie_vbscript_winhlp32.rb fix regexp handling 2010-06-11 17:40:12 +00:00
ms10_042_helpctr_xss_cmd_exec.rb Add reference for the help center bug 2010-07-13 19:31:40 +00:00
ms10_xxx_windows_shell_lnk_execute.rb Looks like my initial testing was wrong - you can trigger this entirely through HTTP with a meta refresh, just not with a 301 (IE only). 2010-07-20 19:54:56 +00:00
msvidctl_mpeg2.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
mswhale_checkforupdates.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
nctaudiofile2_setformatlikesample.rb oops, broke the tree 2010-07-03 01:38:15 +00:00
nis2004_antispam.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
nis2004_get.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
novelliprint_datetime.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
novelliprint_executerequest.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
novelliprint_getdriversettings.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
novelliprint_target_frame.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
oracle_dc_submittoexpress.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
orbit_connecting.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
persits_xupload_traversal.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
realplayer_console.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
realplayer_import.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
realplayer_smil.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
roxio_cineplayer.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
sapgui_saveviewtosessionfile.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
softartisans_getdrivename.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
sonicwall_addrouteentry.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
symantec_altirisdeployment_downloadandinstall.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
symantec_altirisdeployment_runcmd.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
symantec_appstream_unsafe.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
symantec_backupexec_pvcalendar.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
symantec_consoleutilities_browseandsavefile.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
systemrequirementslab_unsafe.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
trendmicro_officescan.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
tumbleweed_filetransfer.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
ultraoffice_httpupload.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
verypdf_pdfview.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
webex_ucf_newobject.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
winamp_playlist_unc.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
winamp_ultravox.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
windvd7_applicationtype.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
winzip_fileview.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
xmplay_asx.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
yahoomessenger_fvcom.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
yahoomessenger_server.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
zenturiprogramchecker_unsafe.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00