LowProventia Desktop, Proventia Network IPS, BlackICE PC Protection, RealSecure Network, RealSecure Server Sensor, Proventia-G 1.1 and earlier, Proventia Network IDS, IBM Security Server Protection for Windows, BlackICE Server Protection, Proventia Network MFS, Proventia Server IPS for Linux technology, Virtual Server Protection for Vmware:
This signature detects a PDF file containing embedded JavaScript specified as a hexadecimal literal or hexadecimal stream, which seems rather odd and may be an attempt to thwart detection of an exploit through obfuscation.
This signature detects a PDF file containing embedded JavaScript specified as a hexadecimal literal, which seems rather odd and may be an attempt to thwart detection of an exploit through obfuscation.
Low
Proventia Desktop: 2310, Proventia Network IPS: XPU 28.170, BlackICE PC Protection: 3.6crk, RealSecure Network: XPU 28.170, RealSecure Server Sensor: XPU 28.170, Proventia-G 1.1 and earlier: XPU 28.170, Proventia Network IDS: XPU 28.170, IBM Security Server Protection for Windows: 1.0.914.2310, IBM Security Server Protection for Windows: 2.0.300.2310, BlackICE Server Protection: 3.6.crk, Proventia Network MFS: XPU 28.170, IBM Security Server Protection for Windows: 2.1.14.2400, Proventia Server IPS for Linux technology: 28.170, Virtual Server Protection for Vmware: 1.0
PDF PDF
Suspicious Activity
PDF (Portable Document Format) is a file format used for document portability. A PDF file containing embedded JavaScript specified as a hexadecimal literal has been detected.
This check is for informational purposes only.
ISS X-Force
PDF containing embedded JavaScript specified as hexadecimal literal detected
http://www.iss.net/security_center/static/45832.php