diff --git a/modules/exploits/local_host/ie_ms12_004_midi/config.yaml b/modules/exploits/local_host/ie_ms12_004_midi/config.yaml
index 5f3a45e9c..d739a288d 100644
--- a/modules/exploits/local_host/ie_ms12_004_midi/config.yaml
+++ b/modules/exploits/local_host/ie_ms12_004_midi/config.yaml
@@ -14,10 +14,10 @@ beef:
enable: true
category: ["Exploits", "Local Host"]
name: "IE MS12-004 midiOutPlayNextPolyEvent Heap Overflow"
- description: "This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control.
This exploit has been ported directly from ms12_004_midi.rb from Metasploit, however it has limited target support (IE 6-7 on WinXP SP3 only) and limited payloads (bind shell on port 4444 only).
For more granular control over browser based Metasploit exploits using BeEF, refer to the Metasploit Integration for BeEF page on the wiki."
+ description: "This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control.
This exploit has been ported from ms12_004_midi.rb from Metasploit, however it has limited target support and limited payloads
Targets: IE6-IE7 on WinXP SP2-SP3
Payloads: bind shell on port 4444
For more browser based Metasploit exploits and payloads refer to the Metasploit Integration for BeEF page on the wiki."
authors: ['Shane Garrett', 'juan vazquez', 'sinn3r']
target:
- working:
+ user_notify:
IE:
min_ver: 6
max_ver: 7