Check Point Advisories

Infinity Exploit Kit Remote Code Execution

Check Point Reference: CPAI-2014-1622
Date Published: 28 Jul 2014
Severity: High
Last Updated: 28 Jul 2014
Source: CVE-2014-0322
Protection Provided by:

Security Gateway

  • R76
  • R75

  • Who is Vulnerable? Firefox
    Internet Explorer
    Vulnerability Description Infinity is a web exploit kit that operates by delivering a malicious payload to the victim's computer. Remote attackers can infect users with Infinity exploit kit by enticing them to visit a malicious web page. Infinity Exploit Kit installs payloads on infected computer, which could result in data leakage and remote code execution.

    Protection Overview

    This protection will detect and block Infinity exploit kit infection attempts.

    In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.

    Security Gateway R77 / R76 / R75 / R71 / R70

    1. In the IPS tab, click Protections and find the Infinity Exploit Kit Remote Code Execution protection using the Search tool and Edit the protection's settings.
    2. Install policy on all modules.

    SmartView Tracker will log the following entries:

    Attack Name:  Content Protection Violation.
    Attack Information:  Infinity Exploit Kit Remote Code Execution