update documentation with note about Firefox 82.0.1
This commit is contained in:
parent
4e5cd8693d
commit
579811418f
|
@ -6,15 +6,16 @@ in an exploitable use-after-free condition.
|
|||
|
||||
This exploit uses a somewhat novel technique of spraying ArgumentsData
|
||||
structures in order to construct primitives. The shellcode is forced into
|
||||
executable memory via the JIT compiler, and executed by writing to the
|
||||
JIT region pointer.
|
||||
executable memory via the JIT compiler, and executed by writing to the JIT
|
||||
region pointer.
|
||||
|
||||
This exploit does not contain a sandbox escape, so firefox must be run
|
||||
with the MOZ_DISABLE_CONTENT_SANDBOX environment variable set, in order
|
||||
for the shellcode to run successfully.
|
||||
|
||||
This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and
|
||||
Thunderbird < 78.4.2.
|
||||
Thunderbird < 78.4.2, however only Firefox < 82 is supported as a target.
|
||||
Additional work may be needed to support other versions such as Firefox 82.0.1.
|
||||
|
||||
**Vulnerable Application Installation Steps**
|
||||
|
||||
|
|
|
@ -20,15 +20,16 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
|
||||
This exploit uses a somewhat novel technique of spraying ArgumentsData
|
||||
structures in order to construct primitives. The shellcode is forced into
|
||||
executable memory via the JIT compiler, and executed by writing to the
|
||||
JIT region pointer.
|
||||
executable memory via the JIT compiler, and executed by writing to the JIT
|
||||
region pointer.
|
||||
|
||||
This exploit does not contain a sandbox escape, so firefox must be run
|
||||
with the MOZ_DISABLE_CONTENT_SANDBOX environment variable set, in order
|
||||
for the shellcode to run successfully.
|
||||
|
||||
This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and
|
||||
Thunderbird < 78.4.2.
|
||||
Thunderbird < 78.4.2, however only Firefox <= 79 is supported as a target.
|
||||
Additional work may be needed to support other versions such as Firefox 82.0.1.
|
||||
},
|
||||
'License' => MSF_LICENSE,
|
||||
'Author' => [
|
||||
|
|
Loading…
Reference in New Issue