""ET MOBILE_MALWARE Possible Android CVE-2014-6041""

SID: 2020398

Revision: 3

Class Type: attempted-user

Metadata: created_at 2015_02_12, cve CVE_2014_6041, updated_at 2019_08_15

Reference:

• Link

Protocol: tcp

Source Network: $EXTERNAL_NET

Source Port: $HTTP_PORTS

Destination Network: $HOME_NET

Destination Port: any

Flow: from_server,established

Contents:

• Value: "|5c|u0020javascript|3a|"

Within:

PCRE:

Special Options:

• file_data

• nocase

source