adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
936f3de84cf40291237aeacff76f47558ead2e29
metasploit-gs/modules/exploits/windows/browser
T
History
James Lee f4be092ac1 include the CVE with more details that definitely applies to this bug, in addition to the ambiguous one that may or may not 
git-svn-id: file:///home/svn/framework3/trunk@13751 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 03:57:27 +00:00
..
adobe_cooltype_sing.rb
Adding an extra print line to adobe_cooltype_sing that clearly displays the user-agent.
2011-09-17 20:12:51 +00:00
adobe_flashplayer_avm.rb
Mention about the RSA attack in the description, also add a reference for it
2011-09-06 17:22:00 +00:00
adobe_flashplayer_flash10o.rb
ugh, why the extra spaces
2011-08-15 15:34:49 +00:00
adobe_flashplayer_newfunction.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
adobe_flatedecode_predictor02.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
adobe_geticon.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
adobe_jbig2decode.rb
various fixes, mostly consistency changes to disclosure dates
2010-06-15 07:18:08 +00:00
adobe_media_newplayer.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
adobe_shockwave_rcsl_corruption.rb
get_resource() added to 'src' parameter
2011-05-05 22:10:30 +00:00
adobe_utilprintf.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
aim_goaway.rb
add lots of disclosure dates from OSVDB
2010-07-03 03:13:45 +00:00
amaya_bdo.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
aol_ampx_convertfile.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
aol_icq_downloadagent.rb
fix some more titles with periods
2010-11-24 19:35:38 +00:00
apple_itunes_playlist.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
apple_quicktime_marshaled_punk.rb
switch AutoRunScript for InitialAutoRunScript, oops
2011-01-08 00:25:44 +00:00
apple_quicktime_rtsp.rb
fix a couple more silly regex mishaps
2010-05-04 23:09:32 +00:00
apple_quicktime_smil_debug.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
ask_shortformat.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
athocgov_completeinstallation.rb
Mass RE-update: fix all framework URL references
2010-11-11 22:43:22 +00:00
autodesk_idrop.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
aventail_epi_activex.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
awingsoft_web3d_bof.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
awingsoft_winds3d_sceneurl.rb
convert remaining EXE generation to use the mixin, fixes #2017
2010-09-20 04:38:13 +00:00
baofeng_storm_onbeforevideodownload.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
barcode_ax49.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
blackice_downloadimagefileurl.rb
Add BlackIce Cover Page ActiveX downloadimagefileurl exploit
2011-06-21 02:51:39 +00:00
ca_brightstor_addcolumn.rb
various fixes, mostly consistency changes to disclosure dates
2010-06-15 07:18:08 +00:00
chilkat_crypt_writefile.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
cisco_anyconnect_exec.rb
adds support for SSL
2011-06-06 20:15:51 +00:00
citrix_gateway_actx.rb
Add the noobfuscation arg to the heaplib call
2011-09-01 09:00:20 +00:00
communicrypt_mail_activex.rb
increase ranking
2010-07-26 19:30:02 +00:00
creative_software_cachefolder.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
dxstudio_player_exec.rb
big commit - lots of cmdstager changes
2010-05-26 22:39:56 +00:00
ea_checkrequirements.rb
Mass RE-update: fix all framework URL references
2010-11-11 22:43:22 +00:00
ebook_flipviewer_fviewerloading.rb
Format dictatorship round 2: Fix author e-mail format for all exploit modules
2011-07-22 20:17:58 +00:00
enjoysapgui_comp_download.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
enjoysapgui_preparetoposthtml.rb
various fixes, mostly consistency changes to disclosure dates
2010-06-15 07:18:08 +00:00
facebook_extractiptc.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
gom_openurl.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
greendam_url.rb
finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
2010-03-10 05:58:01 +00:00
hp_easy_printer_care_xmlsimpleaccessor.rb
cleaned up some column width issues, added on_new_session clean up code to remove files
2011-08-20 17:47:03 +00:00
hp_loadrunner_addfile.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
hp_loadrunner_addfolder.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
hpmqc_progcolor.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
hyleos_chemviewx_activex.rb
add 3 easy ftp server exploits, 1 chemview activex
2010-07-27 02:25:15 +00:00
ibmegath_getxmlvalue.rb
Mass RE-update: fix all framework URL references
2010-11-11 22:43:22 +00:00
ibmlotusdomino_dwa_uploadmodule.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
ie_createobject.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
ie_iscomponentinstalled.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
ie_unsafe_scripting.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
java_basicservice_impl.rb
accept a client argument for get_uri()
2011-01-22 00:16:57 +00:00
java_codebase_trust.rb
oops, broke the LIBPATH option
2011-03-18 01:18:18 +00:00
java_docbase_bof.rb
switch AutoRunScript for InitialAutoRunScript, oops
2011-01-08 00:25:44 +00:00
java_ws_arginject_altjvm.rb
include the CVE with more details that definitely applies to this bug, in addition to the ambiguous one that may or may not
2011-09-18 03:57:27 +00:00
juniper_sslvpn_ive_setupdll.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
kazaa_altnet_heap.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
logitechvideocall_start.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
lpviewer_url.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
macrovision_downloadandexecute.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
macrovision_unsafe.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
mcafee_mcsubmgr_vsprintf.rb
add lots of disclosure dates from OSVDB
2010-07-03 03:13:45 +00:00
mcafeevisualtrace_tracetarget.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
mirc_irc_url.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
mozilla_interleaved_write.rb
Allow JavaScript obfuscation as an option
2011-08-11 22:18:25 +00:00
mozilla_mchannel.rb
fix tabs
2011-08-19 16:58:50 +00:00
mozilla_nstreerange.rb
Allow JavaScript obfuscation as an option
2011-08-13 02:28:49 +00:00
ms03_020_ie_objecttype.rb
Comment update (this is still for the egghunter fix: bug #4552)
2011-05-18 19:50:22 +00:00
ms06_001_wmf_setabortproc.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
ms06_013_createtextrange.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
ms06_055_vml_method.rb
add lots of disclosure dates from OSVDB
2010-07-03 03:13:45 +00:00
ms06_057_webview_setslice.rb
add lots of disclosure dates from OSVDB
2010-07-03 03:13:45 +00:00
ms06_067_keyframe.rb
style compliance fixes
2010-07-16 02:33:25 +00:00
ms06_071_xml_core.rb
add lots of disclosure dates from OSVDB
2010-07-03 03:13:45 +00:00
ms07_017_ani_loadimage_chunksize.rb
move riff support from ani_loadimage browser sploit to mixin
2010-08-12 16:56:41 +00:00
ms08_041_snapshotviewer.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
ms08_053_mediaencoder.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
ms08_070_visual_studio_msmask.rb
fix some more titles with periods
2010-11-24 19:35:38 +00:00
ms08_078_xml_corruption.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
ms09_002_memory_corruption.rb
Disclosure date change
2011-04-21 15:45:07 +00:00
ms09_043_owc_htmlurl.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
ms09_043_owc_msdso.rb
style compliance fixes
2010-07-20 23:28:47 +00:00
ms09_072_style_object.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
ms10_002_aurora.rb
Changed disclosure date
2011-04-21 02:10:40 +00:00
ms10_018_ie_behaviors.rb
MS10-018, y u no InitialAutoRunScript
2011-07-10 07:02:38 +00:00
ms10_018_ie_tabular_activex.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
ms10_022_ie_vbscript_winhlp32.rb
missed a couple exe generater includes
2010-09-28 16:19:50 +00:00
ms10_026_avi_nsamplespersec.rb
Specify UUID offset for the custom .Net binary
2011-08-13 02:15:05 +00:00
ms10_042_helpctr_xss_cmd_exec.rb
rename generate_exe -> generate_payload_exe
2010-09-20 04:37:25 +00:00
ms10_046_shortcut_icon_dllloader.rb
big exe/dll update, see #2017
2010-09-21 00:13:30 +00:00
ms10_090_ie_css_clip.rb
out with the new, in with the old. css_clip is pretty unreliable in my tests, go back to using ie_behaviors in browser autopwn
2011-05-19 16:33:55 +00:00
ms11_003_ie_css_import.rb
Allow JavaScript obfuscation as an option
2011-08-11 18:47:21 +00:00
ms11_050_mshtml_cobjectelement.rb
Correct variable use in heap spray js function
2011-09-15 22:37:13 +00:00
msvidctl_mpeg2.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
mswhale_checkforupdates.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
nctaudiofile2_setformatlikesample.rb
oops, broke the tree
2010-07-03 01:38:15 +00:00
nis2004_antispam.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
nis2004_get.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
novelliprint_callbackurl.rb
add two exploits from Trancer! woot!
2010-09-21 18:46:29 +00:00
novelliprint_datetime.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
novelliprint_executerequest_dbg.rb
add two exploits from Trancer! woot!
2010-09-21 18:46:29 +00:00
novelliprint_executerequest.rb
add two exploits from Trancer! woot!
2010-09-21 18:46:29 +00:00
novelliprint_getdriversettings_2.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
novelliprint_getdriversettings.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
novelliprint_target_frame.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
oracle_dc_submittoexpress.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
orbit_connecting.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
persits_xupload_traversal.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
real_arcade_installerdlg.rb
Updated vbs stager temp var
2011-04-09 18:24:43 +00:00
realplayer_cdda_uri.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
realplayer_console.rb
various fixes, mostly consistency changes to disclosure dates
2010-06-15 07:18:08 +00:00
realplayer_import.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
realplayer_qcp.rb
Add fix commit url to reference. Thx jduck!
2011-09-17 06:48:33 +00:00
realplayer_smil.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
roxio_cineplayer.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
sapgui_saveviewtosessionfile.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
softartisans_getdrivename.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
sonicwall_addrouteentry.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
symantec_altirisdeployment_downloadandinstall.rb
fix date
2011-04-21 11:12:34 +00:00
symantec_altirisdeployment_runcmd.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
symantec_appstream_unsafe.rb
fix some more titles with periods
2010-11-24 19:35:38 +00:00
symantec_backupexec_pvcalendar.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
symantec_consoleutilities_browseandsavefile.rb
Mass RE-update: fix all framework URL references
2010-11-11 22:43:22 +00:00
systemrequirementslab_unsafe.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
teechart_pro.rb
missing var
2011-08-13 02:05:08 +00:00
trendmicro_extsetowner.rb
add trendmicro extsetowner exploit from Trancer
2010-10-04 04:26:09 +00:00
trendmicro_officescan.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
tumbleweed_filetransfer.rb
various fixes, mostly consistency changes to disclosure dates
2010-06-15 07:18:08 +00:00
ultraoffice_httpupload.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
verypdf_pdfview.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
vlc_amv.rb
Exploit is much more reliable than before, it gets a promotion
2011-08-12 19:17:23 +00:00
webdav_dll_hijacker.rb
handle dirs and index.html specially
2010-09-24 01:11:05 +00:00
webex_ucf_newobject.rb
tons of indentation fixes, some other style tweaks
2010-09-20 08:06:27 +00:00
winamp_playlist_unc.rb
big module whitespace/formatting cleanup pass
2010-04-30 08:40:19 +00:00
winamp_ultravox.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
windvd7_applicationtype.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
winzip_fileview.rb
play a little nicer with browser autopwn by not spraying the heap if creating the vulnerable object failed
2011-05-19 19:45:14 +00:00
wmi_admintools.rb
add CVE reference
2011-01-14 16:25:37 +00:00
xmplay_asx.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
yahoomessenger_fvcom.rb
stop perpetuating the ambiguity!
2010-05-09 17:45:00 +00:00
yahoomessenger_server.rb
reverting the disclosure dates for now need to clean up the patch
2011-05-04 20:43:19 +00:00
zenturiprogramchecker_unsafe.rb
fix some more titles with periods
2010-11-24 19:35:38 +00:00