MediumProventia Desktop, Proventia Network IPS, RealSecure Network, RealSecure Server Sensor, Proventia Network MFS, Proventia-G 1.1 and earlier, Proventia Network IDS, IBM Security Server Protection for Windows, Proventia Server IPS for Linux technology, Virtual Server Protection for Vmware:
This signature detects the transfer of a file containing JavaScript code that tries to obfuscate certain keywords in an attempt to conceal the actions of the script.
Proventia Desktop, Proventia Network IPS, RealSecure Network, RealSecure Server Sensor, Proventia Network MFS, Proventia-G 1.1 and earlier, Proventia Network IDS, IBM Security Server Protection for Windows, Proventia Server IPS for Linux technology, Virtual Server Protection for Vmware: It is not possible to determine if the code that triggers this event is malicious, it may be well-formed obfuscated code designed to hide intellectual property.
Medium
Proventia Desktop: 2410, Proventia Network IPS: XPU 29.070, RealSecure Network: XPU 29.070, RealSecure Server Sensor: XPU 29.070, Proventia Network MFS: XPU 29.070, Proventia-G 1.1 and earlier: XPU 29.070, Proventia Network IDS: XPU 29.070, IBM Security Server Protection for Windows: 1.0.914.2410, IBM Security Server Protection for Windows: 2.0.300.2410, IBM Security Server Protection for Windows: 2.1.14.2410, Proventia Server IPS for Linux technology: 29.070, Virtual Server Protection for Vmware: 1.0
Any manufacturer Web browser
Suspicious Activity
This signature detects the transfer of a file containing JavaScript code that tries to obfuscate certain keywords in an attempt to conceal the actions of the script.
No remedy available as of December 4, 2010.
ISS X-Force
Javascript keyword trickery
http://www.iss.net/security_center/static/51449.php