description updated and reference added

Author: jvazquez-r7

modules/exploits/windows/browser/ie_cdwnbindinfo_uaf.rb

@@ -18,10 +18,9 @@ def initialize(info={})
 			'Name'           => "Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free Vulnerability",
 			'Description'    => %q{
 					This module exploits a vulnerability found in Microsoft Internet Explorer. A
-				use-after-free condition occurs when a CDwnBindInfo object is freed by
-				FollowHyperlink2, but a reference is kept in CDoc.  As a result, when the reference
-				is used again during a page reload, an invalid memory that's controllable is used,
-				and allows arbitrary code execution under the context of the user.
+				use-after-free condition occurs when a CButton object is freed, but a reference
+				is kept and used again during a page reload, an invalid memory that's controllable
+				is used, and allows arbitrary code execution under the context of the user.
 
 					Please note: This vulnerability has been exploited in the wild targeting
 				mainly China/Taiwan/and US-based computers.
@@ -40,7 +39,8 @@ def initialize(info={})
 					[ 'URL', 'http://blog.fireeye.com/research/2012/12/council-foreign-relations-water-hole-attack-details.html'],
 					[ 'URL', 'http://eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/'],
 					[ 'URL', 'http://blog.vulnhunt.com/index.php/2012/12/29/new-ie-0day-coming-mshtmlcdwnbindinfo-object-use-after-free-vulnerability/' ],
-					[ 'URL', 'http://technet.microsoft.com/en-us/security/advisory/2794220' ]
+					[ 'URL', 'http://technet.microsoft.com/en-us/security/advisory/2794220' ],
+					[ 'URL', 'http://blogs.technet.com/b/srd/archive/2012/12/29/new-vulnerability-affecting-internet-explorer-8-users.aspx' ]
 				],
 			'Payload'        =>
 				{