ET CURRENT_EVENTS Possible J7u21 click2play bypass

SID: 2017509Rev: 20 views
History
Sourceet/open
CreatedSeptember 24, 2013
UpdatedJuly 26, 2019
Classificationattempted-user
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible J7u21 click2play bypass"; flow:established,to_client; file_data; content:"<jfx|3a|"; nocase; content:"preloader-class"; nocase; content:"<jnlp"; nocase; classtype:attempted-user; sid:2017509; rev:2; metadata:created_at 2013_09_24, confidence Medium, signature_severity Minor, updated_at 2019_07_26;)

Metadata

created at2013_09_24
confidenceMedium
signature severityMinor
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!