Land rapid7#5489, @wchen-r7's flash exploit descriptions update

jvazquez-r7 · jvazquez-r7 · commit e151e38181f3 · 2015-06-05T09:01:57.000-05:00
diff --git a/modules/exploits/multi/browser/adobe_flash_net_connection_confusion.rb b/modules/exploits/multi/browser/adobe_flash_net_connection_confusion.rb
@@ -19,9 +19,11 @@ def initialize(info={})
         to corrupt arbitrary memory. It can be used to overwrite dangerous objects, like
         vectors, and finally accomplish remote code execution. This module has been tested
         successfully on:
-        * Windows 7 SP1 (32-bit) with IE 8, IE11 and Adobe Flash 16.0.0.305
-        * Linux Mint "Rebecca" (32 bits), and Ubuntu 14.04.2 LTS with Firefox 33.0 and
-          Adobe Flash 11.2.202.404.
+        * Windows 7 SP1 (32-bit), IE 8, IE11 and Adobe Flash 16.0.0.305.
+        * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 16.0.0.305.
+        * Windows 8.1, Firefox 38.0.5 and Adobe Flash 16.0.0.305.
+        * Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.424.
+        * Ubuntu 14.04.2 LTS, Firefox 33.0 and Adobe Flash 11.2.202.442.
       },
       'License'             => MSF_LICENSE,
       'Author'              =>
diff --git a/modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb b/modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
@@ -19,7 +19,9 @@ def initialize(info={})
         to uncompress() a malformed byte stream. This module has been tested successfully
         on:
         * Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.287, 16.0.0.257 and 16.0.0.235.
-        * Linux Mint "Rebecca" (32 bits) with Firefox 33.0 and Flash 11.2.202.404.
+        * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 16.0.0.287.
+        * Windows 8.1, Firefox 38.0.5 and Adobe Flash 16.0.0.305.
+        * Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Flash 11.2.202.424.
       },
       'License'             => MSF_LICENSE,
       'Author'              =>
diff --git a/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb b/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb
@@ -17,8 +17,10 @@ def initialize(info={})
         This module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs
         in the copyPixelsToByteArray method from the BitmapData object. The position field of the
         destination ByteArray can be used to cause an integer overflow and write contents out of
-        the ByteArray buffer. This module has been tested successfully on Windows 7 SP1 (32-bit),
-        IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145, and 14.0.0.125.
+        the ByteArray buffer. This module has been tested successfully on:
+        * Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145, and 14.0.0.125.
+        * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 14.0.0.179.
+        * Windows 8.1, Firefox 38.0.5 and Adobe Flash 14.0.0.179.
       },
       'License'             => MSF_LICENSE,
       'Author'              =>
