Updated exploit ranking and description to reflect the new ranking

git-svn-id: file:///home/svn/framework3/trunk@12151 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 19:33:38 +00:00 · 2011-03-26 19:33:38 +00:00 · 349512f48d
parent 35c33020ca
commit 349512f48d
1 changed files with 6 additions and 2 deletions
--- a/modules/exploits/windows/browser/adobe_flashplayer_avm.rb
+++ b/modules/exploits/windows/browser/adobe_flashplayer_avm.rb
@ -12,7 +12,7 @@
 require 'msf/core'

 class Metasploit3 < Msf::Exploit::Remote
-	Rank = NormalRanking
+	Rank = GoodRanking

 	include Msf::Exploit::Remote::HttpServer::HTML

@ -26,7 +26,11 @@ class Metasploit3 < Msf::Exploit::Remote

 					Specifically, this issue results in uninitialized memory being referenced and later 
 				executed. Taking advantage of this issue relies on heap spraying and controlling the
-				uninitialized memory.
+				uninitialized memory. 
+
+					Currently this exploit works for IE6, IE7, and Firefox 3.6 and likely several 
+				other browsers. DEP does catch the exploit and causes it to fail. Due to the nature
+				of the uninitialized memory its fairly difficult to get around this restriction.
 				},
 			'License'        => MSF_LICENSE,
 			'Author'         =>