Check Point Reference: | CPAI-2015-0438 |
Date Published: | 11 Mar 2015 |
Severity: | Critical |
Last Updated: | Sunday 30 April, 2017 |
Source: | |
Protection Provided by: |
Security Gateway |
Who is Vulnerable? | Web Clients |
Vulnerability Description | An attacker might utilize various evasion technique in order to evade detection by IPS devices. |
This protection will detect and block JavaScripts which exhibit irregular patterns, indicating the use of evasion techniques. These techniques are used by KaiXin Exploit Kit, as well as in other exploit kit landing pages.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Web Client Enforcement Violation.
Attack Information: JavaScript String Inflation Evasion