[Emerging-Sigs] Android - CVE-2014-6041

Jaime Blasco jaime.blasco at alienvault.com
Mon Sep 15 17:32:18 EDT 2014


https://community.rapid7.com/community/metasploit/blog

Proposed sig:

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET CURRENT_EVENTS
Possible Android CVE-2014_6041"; flow:from_server,established;
content:"|5c|u0000javascript:"; nocase; reference:url,
1337day.com/exploit/22581; classtype:trojan-activity; sid:1111111; rev:1;)

Regards
-- 
_______________________________

Jaime Blasco

AlienVault Labs Director

www.ossim.com
labs.alienvault.com
Email: jaime.blasco at alienvault.com

http://twitter.com/jaimeblascob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20140915/7332635e/attachment.html>


More information about the Emerging-sigs mailing list