File tree Expand file tree Collapse file tree 1 file changed +5
-4
lines changed
modules/exploits/multi/browser Expand file tree Collapse file tree 1 file changed +5
-4
lines changed Original file line number Diff line number Diff line change @@ -22,10 +22,11 @@ def initialize( info = {} )
2222 super ( update_info ( info ,
2323 'Name' => 'Java Applet Reflection Type Confusion Remote Code Execution' ,
2424 'Description' => %q{
25- This module abuses Java Reflection to generate a Type Confusion and run code
26- outside of the Java Sandbox. The vulnerability affects Java version 7u17 and earlier.
27- This exploit doesn't bypass click-to-play, so the user must accept the java warning
28- in order to run the malicious applet.
25+ This module abuses Java Reflection to generate a Type Confusion, due to a weak
26+ access control when setting final fields on static classes, and run code outside of
27+ the Java Sandbox. The vulnerability affects Java version 7u17 and earlier. This
28+ exploit doesn't bypass click-to-play, so the user must accept the java warning in
29+ order to run the malicious applet.
2930 } ,
3031 'License' => MSF_LICENSE ,
3132 'Author' =>
You can’t perform that action at this time.
0 commit comments