""ET WEB_CLIENT Spectre Kernel Memory Leakage JavaScript (POC Based)""
SID: 2025184
Revision: 4
Class Type: attempted-user
Metadata: affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2018_01_04, cve CVE_2017_5753, deployment Perimeter, signature_severity Major, updated_at 2018_02_06
Reference:
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: $HTTP_PORTS
Destination Network: $HOME_NET
Destination Port: any
Flow: established,from_server
Contents:
-
Value: "<script"
-
Value: "|3c 20|simpleByteArray.length|29|"
-
Value: "simpleByteArray|5b|"
-
Value: "|2a 20|TABLE1_STRIDE|29 7c 30 29 20 26 20 28|TABLE1_BYTES-1|29|"
-
Value: "|5e 3d 20|probeTable|5b|"
-
Value: "|7c 30 5d 7c 30 3b|"
Within: 50
PCRE:
Special Options:
-
file_data
-
fast_pattern