alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Spectre Kernel Memory Leakage JavaScript (POC Based)"; flow:established,from_server; file_data; content:"<script"; content:"|3c 20|simpleByteArray.length|29|"; distance:0; content:"simpleByteArray|5b|"; within:50; content:"|2a 20|TABLE1_STRIDE|29 7c 30 29 20 26 20 28|TABLE1_BYTES-1|29|"; distance:0; fast_pattern; content:"|5e 3d 20|probeTable|5b|"; distance:0; content:"|7c 30 5d 7c 30 3b|"; distance:0; reference:cve,2017-5753; reference:cve,2017-5715; reference:url,spectreattack.com/spectre.pdf; classtype:attempted-user; sid:2025184; rev:4; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2018_01_04, cve CVE_2017_5753, deployment Perimeter, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_09_16, reviewed_at 2024_09_16;)