metasploit-framework/modules/exploits/windows/browser
Wei Chen 4f4c0bc0be Add CVE-2011-2371 Firefox Array.reduceRight() vuln
git-svn-id: file:///home/svn/framework3/trunk@13909 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 03:16:15 +00:00
..
adobe_cooltype_sing.rb Adding an extra print line to adobe_cooltype_sing that clearly displays the user-agent. 2011-09-17 20:12:51 +00:00
adobe_flashplayer_avm.rb Mention about the RSA attack in the description, also add a reference for it 2011-09-06 17:22:00 +00:00
adobe_flashplayer_flash10o.rb Found an instance that causes the win 7 target to fail. This fix corrects it. 2011-09-27 08:55:07 +00:00
adobe_flashplayer_newfunction.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
adobe_flatedecode_predictor02.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
adobe_geticon.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
adobe_jbig2decode.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
adobe_media_newplayer.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
adobe_shockwave_rcsl_corruption.rb get_resource() added to 'src' parameter 2011-05-05 22:10:30 +00:00
adobe_utilprintf.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
aim_goaway.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
amaya_bdo.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
aol_ampx_convertfile.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
aol_icq_downloadagent.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00
apple_itunes_playlist.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
apple_quicktime_marshaled_punk.rb switch AutoRunScript for InitialAutoRunScript, oops 2011-01-08 00:25:44 +00:00
apple_quicktime_rtsp.rb fix a couple more silly regex mishaps 2010-05-04 23:09:32 +00:00
apple_quicktime_smil_debug.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ask_shortformat.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
athocgov_completeinstallation.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
autodesk_idrop.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
aventail_epi_activex.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
awingsoft_web3d_bof.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
awingsoft_winds3d_sceneurl.rb convert remaining EXE generation to use the mixin, fixes #2017 2010-09-20 04:38:13 +00:00
baofeng_storm_onbeforevideodownload.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
barcode_ax49.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
blackice_downloadimagefileurl.rb Add BlackIce Cover Page ActiveX downloadimagefileurl exploit 2011-06-21 02:51:39 +00:00
ca_brightstor_addcolumn.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
chilkat_crypt_writefile.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
cisco_anyconnect_exec.rb adds support for SSL 2011-06-06 20:15:51 +00:00
citrix_gateway_actx.rb Add the noobfuscation arg to the heaplib call 2011-09-01 09:00:20 +00:00
communicrypt_mail_activex.rb increase ranking 2010-07-26 19:30:02 +00:00
creative_software_cachefolder.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
dxstudio_player_exec.rb big commit - lots of cmdstager changes 2010-05-26 22:39:56 +00:00
ea_checkrequirements.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
ebook_flipviewer_fviewerloading.rb Format dictatorship round 2: Fix author e-mail format for all exploit modules 2011-07-22 20:17:58 +00:00
enjoysapgui_comp_download.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
enjoysapgui_preparetoposthtml.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
facebook_extractiptc.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
gom_openurl.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
greendam_url.rb finished periodic missing CVE reference check (hint vulns w/o CVEs here!) 2010-03-10 05:58:01 +00:00
hp_easy_printer_care_xmlsimpleaccessor.rb cleaned up some column width issues, added on_new_session clean up code to remove files 2011-08-20 17:47:03 +00:00
hp_loadrunner_addfile.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
hp_loadrunner_addfolder.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
hpmqc_progcolor.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
hyleos_chemviewx_activex.rb add 3 easy ftp server exploits, 1 chemview activex 2010-07-27 02:25:15 +00:00
ibmegath_getxmlvalue.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
ibmlotusdomino_dwa_uploadmodule.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
ie_createobject.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ie_iscomponentinstalled.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ie_unsafe_scripting.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
java_basicservice_impl.rb accept a client argument for get_uri() 2011-01-22 00:16:57 +00:00
java_codebase_trust.rb oops, broke the LIBPATH option 2011-03-18 01:18:18 +00:00
java_docbase_bof.rb switch AutoRunScript for InitialAutoRunScript, oops 2011-01-08 00:25:44 +00:00
java_ws_arginject_altjvm.rb include the CVE with more details that definitely applies to this bug, in addition to the ambiguous one that may or may not 2011-09-18 03:57:27 +00:00
juniper_sslvpn_ive_setupdll.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
kazaa_altnet_heap.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
logitechvideocall_start.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
lpviewer_url.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
macrovision_downloadandexecute.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
macrovision_unsafe.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
mcafee_mcsubmgr_vsprintf.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
mcafeevisualtrace_tracetarget.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
mirc_irc_url.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
mozilla_interleaved_write.rb Allow JavaScript obfuscation as an option 2011-08-11 22:18:25 +00:00
mozilla_mchannel.rb fix tabs 2011-08-19 16:58:50 +00:00
mozilla_nstreerange.rb Allow JavaScript obfuscation as an option 2011-08-13 02:28:49 +00:00
mozilla_reduceright.rb Add CVE-2011-2371 Firefox Array.reduceRight() vuln 2011-10-13 03:16:15 +00:00
ms03_020_ie_objecttype.rb Comment update (this is still for the egghunter fix: bug #4552) 2011-05-18 19:50:22 +00:00
ms06_001_wmf_setabortproc.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
ms06_013_createtextrange.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ms06_055_vml_method.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
ms06_057_webview_setslice.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
ms06_067_keyframe.rb style compliance fixes 2010-07-16 02:33:25 +00:00
ms06_071_xml_core.rb add lots of disclosure dates from OSVDB 2010-07-03 03:13:45 +00:00
ms07_017_ani_loadimage_chunksize.rb move riff support from ani_loadimage browser sploit to mixin 2010-08-12 16:56:41 +00:00
ms08_041_snapshotviewer.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
ms08_053_mediaencoder.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ms08_070_visual_studio_msmask.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00
ms08_078_xml_corruption.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ms09_002_memory_corruption.rb Disclosure date change 2011-04-21 15:45:07 +00:00
ms09_043_owc_htmlurl.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
ms09_043_owc_msdso.rb style compliance fixes 2010-07-20 23:28:47 +00:00
ms09_072_style_object.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ms10_002_aurora.rb Changed disclosure date 2011-04-21 02:10:40 +00:00
ms10_018_ie_behaviors.rb MS10-018, y u no InitialAutoRunScript 2011-07-10 07:02:38 +00:00
ms10_018_ie_tabular_activex.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ms10_022_ie_vbscript_winhlp32.rb missed a couple exe generater includes 2010-09-28 16:19:50 +00:00
ms10_026_avi_nsamplespersec.rb Specify UUID offset for the custom .Net binary 2011-08-13 02:15:05 +00:00
ms10_042_helpctr_xss_cmd_exec.rb rename generate_exe -> generate_payload_exe 2010-09-20 04:37:25 +00:00
ms10_046_shortcut_icon_dllloader.rb big exe/dll update, see #2017 2010-09-21 00:13:30 +00:00
ms10_090_ie_css_clip.rb out with the new, in with the old. css_clip is pretty unreliable in my tests, go back to using ie_behaviors in browser autopwn 2011-05-19 16:33:55 +00:00
ms11_003_ie_css_import.rb Allow JavaScript obfuscation as an option 2011-08-11 18:47:21 +00:00
ms11_050_mshtml_cobjectelement.rb Fix JS 2011-09-21 03:13:45 +00:00
msvidctl_mpeg2.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
mswhale_checkforupdates.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
nctaudiofile2_setformatlikesample.rb oops, broke the tree 2010-07-03 01:38:15 +00:00
nis2004_antispam.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
nis2004_get.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
novelliprint_callbackurl.rb add two exploits from Trancer! woot! 2010-09-21 18:46:29 +00:00
novelliprint_datetime.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
novelliprint_executerequest.rb add two exploits from Trancer! woot! 2010-09-21 18:46:29 +00:00
novelliprint_executerequest_dbg.rb add two exploits from Trancer! woot! 2010-09-21 18:46:29 +00:00
novelliprint_getdriversettings.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
novelliprint_getdriversettings_2.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
novelliprint_target_frame.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
oracle_dc_submittoexpress.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
orbit_connecting.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
pcvue_func.rb Add PcVue 10 LoadObject/SaveObject vuln (Feature #5647) 2011-10-12 10:57:31 +00:00
persits_xupload_traversal.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
real_arcade_installerdlg.rb Updated vbs stager temp var 2011-04-09 18:24:43 +00:00
realplayer_cdda_uri.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
realplayer_console.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
realplayer_import.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
realplayer_qcp.rb Add fix commit url to reference. Thx jduck! 2011-09-17 06:48:33 +00:00
realplayer_smil.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
roxio_cineplayer.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
sapgui_saveviewtosessionfile.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
softartisans_getdrivename.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
sonicwall_addrouteentry.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
symantec_altirisdeployment_downloadandinstall.rb fix date 2011-04-21 11:12:34 +00:00
symantec_altirisdeployment_runcmd.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
symantec_appstream_unsafe.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00
symantec_backupexec_pvcalendar.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
symantec_consoleutilities_browseandsavefile.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
systemrequirementslab_unsafe.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
teechart_pro.rb missing var 2011-08-13 02:05:08 +00:00
trendmicro_extsetowner.rb add trendmicro extsetowner exploit from Trancer 2010-10-04 04:26:09 +00:00
trendmicro_officescan.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
tumbleweed_filetransfer.rb various fixes, mostly consistency changes to disclosure dates 2010-06-15 07:18:08 +00:00
ultraoffice_httpupload.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
verypdf_pdfview.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
vlc_amv.rb Exploit is much more reliable than before, it gets a promotion 2011-08-12 19:17:23 +00:00
webdav_dll_hijacker.rb handle dirs and index.html specially 2010-09-24 01:11:05 +00:00
webex_ucf_newobject.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
winamp_playlist_unc.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
winamp_ultravox.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
windvd7_applicationtype.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
winzip_fileview.rb play a little nicer with browser autopwn by not spraying the heap if creating the vulnerable object failed 2011-05-19 19:45:14 +00:00
wmi_admintools.rb add CVE reference 2011-01-14 16:25:37 +00:00
xmplay_asx.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
yahoomessenger_fvcom.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
yahoomessenger_server.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
zenturiprogramchecker_unsafe.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00