""ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - STSC""

SID: 2021759

Revision: 1

Class Type: attempted-user

Metadata: created_at 2015_09_10, cve CVE_2015_1538, updated_at 2015_09_10

Reference:

• Link

Protocol: tcp

Source Network: $EXTERNAL_NET

Source Port: $HTTP_PORTS

Destination Network: $HOME_NET

Destination Port: any

Flow: established,from_server

Contents:

• Value: "stsc|00 00 00 00 C0 00 00 03|"

• Value: !"|00 00 00 00|"

Within: 4

PCRE: "/^(?P.{4})(?P.{4})(?P=addr2)(?P=addr1)/Rsi"

Special Options:

• file_data

• fast_pattern

source