The IDS alert comes in the web client rules classification. It is an “overflow exploit” rule that is being flagged in this case.
The potentially suspicious files all have eval packed as initialization of function pointer to JavaScript method fromCharCode
But this should come to play in combination with an iFrame:
http://www.quttera.com/detailed_report/www.fluffheaven.com#ReportTabPotSusp