SHELLCODE: Prepend Encoder Routine Detection Over HTTP (3)
This signature detects improper or malformed HTTP server responses that are lacking a HTTP status code. Section 10 of RFC2616 defines the correct HTTP status codes. This may be an indication of tunneling, an IPS evasion attempt or other malicious activity and should be investigated.
Extended Description
Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings.
Affected Products
Foxitsoftware foxit_reader
References
CVE: CVE-2014-4404
Short Name
SHELLCODE:PREPENDENCODER-HTTP-3
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SHELLCODE
Keywords
(3) CVE-2008-1104 CVE-2014-4404 Detection Encoder HTTP Over Prepend Routine
Release Date
03/23/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3697
False Positive
Unknown
Vendors
Foxitsoftware
CVSS Score
9.3