Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

SHELLCODE: JavaScript Multiple FromCharCode Function Calls

This signature detects JavaScript that includes multiple calls for the FromCharCode function. This function is generally used to obfuscate malicious JavaScript code and as such such scripts are suspicious. It can be an indication of an attempt to exploit a browser vulnerability. Successful attacks could result in arbitrary code execution or denial of service.

References

URL: http://blog.sucuri.net/2012/12/website-malware-drupal-iframe-injections-stealing-user-cookies.html

Short Name

SHELLCODE:JS:FROMCHARCODE

Severity

Major

Recommended

False

Recommended Action

Drop

Category

SHELLCODE

Keywords

Calls FromCharCode Function JavaScript Multiple

Release Date

01/17/2013

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3375

False Positive

Unknown