HTTP: Malicious Javascript CookieBomb Attack
This signature detects a known technique to drop malicious contents via a victim's browser through specially crafted obfuscated JavaScript. The JavaScript looks for specific cookie values and malicious code is only executed once certain conditions are met. This technique is where an attacker will compromise a normally benign website and adds malicious content without the site's owner being aware of it. A successful attack would result in a complete compromise of the viewing user's browser.
Short Name
HTTP:STC:SCRIPT:COOKIE-BOMB
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Attack CookieBomb Javascript Malicious
Release Date
10/07/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3324
False Positive
Unknown