HTTP: Java User-Agent Flowbit Set
This signature detects an attempt to download exploits from malicious exploit kits that may compromise a computer through various vendor vulnerabilities. Exploit kits are very specific type of toolkits which are being used by cybercriminals to deliver other pieces of malware.
Extended Description
SQL injection vulnerability in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request.
Affected Products
Broadcom symantec_critical_system_protection
References
CVE: CVE-2014-7289
Short Name
HTTP:EXPLOIT-KIT-JAVA-USR-AGENT
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2014-7289 Flowbit Java Set User-Agent
Release Date
10/15/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Rarely
Vendors
Broadcom
Symantec
CVSS Score
6.5