HTTP: Various Exploit Kit Landing Page

This signature detects an attempt to download exploits from malicious exploit kits that may compromise a computer through various vendor vulnerabilities. Exploit kits are very specific type of toolkits which are being used by cybercriminals to deliver other pieces of malware.

Extended Description

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.

References

CVE: CVE-2013-1493

Short Name
HTTP:EK-LANDING-PAGE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2007-5659 CVE-2008-0655 CVE-2008-2992 CVE-2008-5353 CVE-2009-3867 CVE-2011-2140 CVE-2011-3544 CVE-2012-0634 CVE-2012-1723 CVE-2012-1889 CVE-2012-4681 CVE-2012-4792 CVE-2013-1493 Exploit Kit Landing Page Various
Release Date
11/15/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3339
False Positive
Unknown
CVSS Score

9.3

7.6

10.0

Found a potential security threat?