Sourcefire VRT Rules Update

Date: 2011-11-02

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.1.0.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:20511 <-> DISABLED <-> FILE-IDENTIFY bcproj file magic detection (file-identify.rules)
 * 1:20496 <-> DISABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detection (file-identify.rules)
 * 1:20512 <-> DISABLED <-> FILE-IDENTIFY mx4 file magic detection (file-identify.rules)
 * 1:20513 <-> DISABLED <-> FILE-IDENTIFY ffmpeg file magic detection (file-identify.rules)
 * 1:20515 <-> DISABLED <-> FILE-IDENTIFY ivr file magic detection (file-identify.rules)
 * 1:20514 <-> DISABLED <-> FILE-IDENTIFY dmg file magic detection (file-identify.rules)
 * 1:20466 <-> DISABLED <-> FILE-IDENTIFY Zip file magic detection (file-identify.rules)
 * 1:20460 <-> DISABLED <-> FILE-IDENTIFY mp3 file magic detection (file-identify.rules)
 * 1:20485 <-> DISABLED <-> FILE-IDENTIFY SIP log file magic detection (file-identify.rules)
 * 1:20456 <-> DISABLED <-> FILE-IDENTIFY Real Media file magic detection (file-identify.rules)
 * 1:20452 <-> DISABLED <-> FILE-IDENTIFY GZip file magic detection (file-identify.rules)
 * 1:20444 <-> ENABLED <-> WEB-CLIENT Oracle Java browser plugin docbase overflow attempt (web-client.rules)
 * 1:20480 <-> DISABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20439 <-> DISABLED <-> DOS multiple TLSv1.2 Encrypted Handshake messages - THC-SSL tool, potential DoS (dos.rules)
 * 1:20438 <-> DISABLED <-> DOS multiple TLSv1.1 Encrypted Handshake messages - THC-SSL tool, potential DoS (dos.rules)
 * 1:20486 <-> DISABLED <-> FILE-IDENTIFY rtf file magic detection (file-identify.rules)
 * 1:20510 <-> DISABLED <-> FILE-IDENTIFY wav file magic detection (file-identify.rules)
 * 1:20517 <-> DISABLED <-> DELETED FILE-IDENTIFY rmf file magic detection (deleted.rules)
 * 1:20516 <-> DISABLED <-> FILE-IDENTIFY caff file magic detection (file-identify.rules)
 * 1:20518 <-> DISABLED <-> FILE-IDENTIFY rmf file download attempt (file-identify.rules)
 * 1:20519 <-> DISABLED <-> FILE-IDENTIFY vmd file download attempt (file-identify.rules)
 * 1:20522 <-> DISABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detection (file-identify.rules)
 * 1:20520 <-> DISABLED <-> FILE-IDENTIFY vmd file magic detection (file-identify.rules)
 * 1:20521 <-> DISABLED <-> FILE-IDENTIFY Flac file magic detection (file-identify.rules)
 * 1:20523 <-> DISABLED <-> BLACKLIST known malicious IP address 206.183.111.97 - contact to Duqu command and control server (blacklist.rules)
 * 1:20525 <-> ENABLED <-> BOTNET-CNC Trojan.Duqu contact to C&C server attempt (botnet-cnc.rules)
 * 1:20524 <-> DISABLED <-> BLACKLIST known malicious IP address 77.241.93.160 - contact to Duqu command and control server (blacklist.rules)
 * 1:20526 <-> ENABLED <-> BLACKLIST DNS request for known malware domain kasperskychk.dyndns.org (blacklist.rules)
 * 1:20495 <-> DISABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detection (file-identify.rules)
 * 1:20508 <-> DISABLED <-> FILE-IDENTIFY shockwave file magic detection (file-identify.rules)
 * 1:20482 <-> DISABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20504 <-> DISABLED <-> FILE-IDENTIFY mov file magic detection (file-identify.rules)
 * 1:20461 <-> DISABLED <-> FILE-IDENTIFY Microsoft CAB file magic detection (file-identify.rules)
 * 1:20478 <-> DISABLED <-> FILE-IDENTIFY PNG file magic detection (file-identify.rules)
 * 1:20483 <-> DISABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20442 <-> ENABLED <-> EXPLOIT CA BrightStor cheyenneds mailslot overflow (exploit.rules)
 * 1:20484 <-> DISABLED <-> FILE-IDENTIFY SIS file magic detection (file-identify.rules)
 * 1:20449 <-> ENABLED <-> BACKDOOR Worm Win32.Busifom.A outbound connection (backdoor.rules)
 * 1:20487 <-> DISABLED <-> FILE-IDENTIFY 7zip file magic detection (file-identify.rules)
 * 1:20476 <-> DISABLED <-> FILE-IDENTIFY TNEF file magic detection (file-identify.rules)
 * 1:20469 <-> DISABLED <-> FILE-IDENTIFY Zip file magic detection (file-identify.rules)
 * 1:20463 <-> DISABLED <-> FILE-IDENTIFY Zip file magic detection (file-identify.rules)
 * 1:20455 <-> DISABLED <-> FILE-IDENTIFY BinHex file magic detection (file-identify.rules)
 * 1:20429 <-> ENABLED <-> WEB-CLIENT Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (web-client.rules)
 * 1:20451 <-> DISABLED <-> FILE-IDENTIFY MPEG sys stream file magic detection (file-identify.rules)
 * 1:20432 <-> DISABLED <-> BACKDOOR Win32.Hiloti outbound connection (backdoor.rules)
 * 1:20440 <-> ENABLED <-> EXPLOIT CA BrightStor cheyenneds mailslot overflow (exploit.rules)
 * 1:20448 <-> ENABLED <-> BACKDOOR Win32.Meciv.A outbound connection (backdoor.rules)
 * 1:20470 <-> DISABLED <-> FILE-IDENTIFY RIFF file magic detection (file-identify.rules)
 * 1:20458 <-> DISABLED <-> FILE-IDENTIFY bzip file magic detection (file-identify.rules)
 * 1:20474 <-> DISABLED <-> FILE-IDENTIFY Symantec file magic detection (file-identify.rules)
 * 1:20428 <-> DISABLED <-> BACKDOOR Win32.Zewit.A outbound connection (backdoor.rules)
 * 1:20437 <-> DISABLED <-> DOS multiple TLSv1 Encrypted Handshake messages - THC-SSL tool, potential DoS (dos.rules)
 * 1:20459 <-> DISABLED <-> FILE-IDENTIFY GIF file magic detection (file-identify.rules)
 * 1:20443 <-> DISABLED <-> POLICY Apple OSX Remote Mouse usage (policy.rules)
 * 1:20450 <-> DISABLED <-> FILE-IDENTIFY MPEG video stream file magic detection (file-identify.rules)
 * 1:20471 <-> DISABLED <-> FILE-IDENTIFY RIFX file magic detection (file-identify.rules)
 * 1:20433 <-> ENABLED <-> SPYWARE-PUT XP Guardian 2010 anutayadokalug host runtime traffic detection (spyware-put.rules)
 * 1:20475 <-> DISABLED <-> FILE-IDENTIFY ARJ file magic detection (file-identify.rules)
 * 1:20479 <-> DISABLED <-> FILE-IDENTIFY CryptFF file magic detection (file-identify.rules)
 * 1:20468 <-> DISABLED <-> FILE-IDENTIFY Zip file magic detection (file-identify.rules)
 * 1:20435 <-> ENABLED <-> BACKDOOR TrojanSpy Win32.Zbot.Svr runtime traffic detected (backdoor.rules)
 * 1:20436 <-> DISABLED <-> DOS multiple SSLv3 Encrypted Handshake messages - THC-SSL tool, potential DoS (dos.rules)
 * 1:20467 <-> DISABLED <-> FILE-IDENTIFY Zip file magic detection (file-identify.rules)
 * 1:20462 <-> DISABLED <-> FILE-IDENTIFY Ogg Stream file magic detection (file-identify.rules)
 * 1:20457 <-> DISABLED <-> FILE-IDENTIFY bmp file magic detection (file-identify.rules)
 * 1:20431 <-> ENABLED <-> WEB-CLIENT Wireshark DECT packet dissector overflow attempt (web-client.rules)
 * 1:20477 <-> DISABLED <-> FILE-IDENTIFY ELF file magic detection (file-identify.rules)
 * 1:20454 <-> DISABLED <-> FILE-IDENTIFY Postscript file magic detection (file-identify.rules)
 * 1:20453 <-> DISABLED <-> FILE-IDENTIFY Script encoder file magic detection (file-identify.rules)
 * 1:20492 <-> DISABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detection (file-identify.rules)
 * 1:20506 <-> DISABLED <-> DELETED FILE-IDENTIFY flac file magic detection (deleted.rules)
 * 1:20499 <-> DISABLED <-> FILE-IDENTIFY Word file magic detection (file-identify.rules)
 * 1:20507 <-> DISABLED <-> FILE-IDENTIFY shockwave file magic detection (file-identify.rules)
 * 1:20497 <-> DISABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detection (file-identify.rules)
 * 1:20490 <-> DISABLED <-> FILE-IDENTIFY MachO Big Endian file magic detection (file-identify.rules)
 * 1:20502 <-> DISABLED <-> FILE-IDENTIFY mov file magic detection (file-identify.rules)
 * 1:20503 <-> DISABLED <-> FILE-IDENTIFY mov file magic detection (file-identify.rules)
 * 1:20500 <-> DISABLED <-> FILE-IDENTIFY mov file magic detection (file-identify.rules)
 * 1:20505 <-> DISABLED <-> FILE-IDENTIFY mdb file magic detection (file-identify.rules)
 * 1:20488 <-> DISABLED <-> FILE-IDENTIFY MachO Little Endian file magic detection (file-identify.rules)
 * 1:20494 <-> DISABLED <-> FILE-IDENTIFY PDF file magic detection (file-identify.rules)
 * 1:20501 <-> DISABLED <-> FILE-IDENTIFY mov file magic detection (file-identify.rules)
 * 1:20491 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Big Endian file magic detection (file-identify.rules)
 * 1:20493 <-> DISABLED <-> FILE-IDENTIFY jarpack file magic detection (file-identify.rules)
 * 1:20472 <-> DISABLED <-> FILE-IDENTIFY RAR file magic detection (file-identify.rules)
 * 1:20446 <-> ENABLED <-> WEB-MISC DiskPulseServer GetServerInfo request buffer overflow (web-misc.rules)
 * 1:20447 <-> ENABLED <-> BACKDOOR Trojan Win32.Agent.JAAK outbound connection (backdoor.rules)
 * 1:20445 <-> ENABLED <-> WEB-CLIENT Foxit Reader title overflow attempt (web-client.rules)
 * 1:20473 <-> DISABLED <-> FILE-IDENTIFY RAR file magic detection (file-identify.rules)
 * 1:20441 <-> ENABLED <-> EXPLOIT CA BrightStor cheyenneds mailslot overflow (exploit.rules)
 * 1:20465 <-> DISABLED <-> FILE-IDENTIFY Zip file magic detection (file-identify.rules)
 * 1:20464 <-> DISABLED <-> FILE-IDENTIFY Zip file magic detection (file-identify.rules)
 * 1:20430 <-> ENABLED <-> WEB-CLIENT Oracle Java Web Start BasicServiceImpl security policy bypass attempt (web-client.rules)
 * 1:20481 <-> DISABLED <-> FILE-IDENTIFY mp3 file magic detection (file-identify.rules)
 * 1:20434 <-> ENABLED <-> SPYWARE-PUT XP Guardian 2010 proantivirus21 host runtime traffic detection (spyware-put.rules)
 * 1:20509 <-> DISABLED <-> FILE-IDENTIFY wav file magic detection (file-identify.rules)
 * 1:20489 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detection (file-identify.rules)
 * 1:20498 <-> DISABLED <-> FILE-IDENTIFY Word file magic detection (file-identify.rules)

Modified Rules:


 * 1:15964 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Exchange OWA XSS and spoofing attempt (specific-threats.rules)
 * 1:15999 <-> ENABLED <-> SPECIFIC-THREATS Mozilla products frame comment objects manipulation memory corruption attempt (specific-threats.rules)
 * 1:19083 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player memory corruption attempt (specific-threats.rules)
 * 1:8701 <-> DISABLED <-> WEB-MISC IceCast header buffer overflow attempt (web-misc.rules)
 * 1:19684 <-> ENABLED <-> SPECIFIC-THREATS Adobe CFF font storage memory corruption attempt (specific-threats.rules)
 * 1:17542 <-> ENABLED <-> SPECIFIC-THREATS Excel MalformedPalete Record Memory Corruption attempt (specific-threats.rules)
 * 1:18991 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader and Acrobat TTF SING table parsing remote code execution attempt (specific-threats.rules)
 * 1:18990 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader and Acrobat TTF SING table parsing remote code execution attempt (specific-threats.rules)
 * 1:19010 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari WebKit menu onchange memory corruption attempt (specific-threats.rules)
 * 1:17543 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel Column record handling memory corruption attempt (specific-threats.rules)
 * 1:19003 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit run-in use-after-free attempt (specific-threats.rules)
 * 1:19009 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari WebKit menu onchange memory corruption attempt (specific-threats.rules)
 * 1:20055 <-> DISABLED <-> SPECIFIC-THREATS Sun Java runtime JPEGImageReader overflow attempt (specific-threats.rules)
 * 1:20070 <-> ENABLED <-> WEB-CLIENT BIN file download request (web-client.rules)
 * 1:20130 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel MergeCells record parsing code execution attempt (specific-threats.rules)
 * 1:20169 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader embedded BMP parsing corruption attempt (specific-threats.rules)
 * 1:20170 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader embedded BMP parsing corruption attempt (specific-threats.rules)
 * 1:20171 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader embedded BMP parsing corruption attempt (specific-threats.rules)
 * 1:20282 <-> ENABLED <-> WEB-MISC S3M file request (web-misc.rules)
 * 1:3486 <-> ENABLED <-> MISC SSLv3 invalid data version attempt (misc.rules)
 * 1:3535 <-> DISABLED <-> WEB-CLIENT GIF transfer (web-client.rules)
 * 1:3633 <-> DISABLED <-> WEB-CLIENT bitmap transfer (web-client.rules)
 * 1:18604 <-> ENABLED <-> SPECIFIC-THREATS lizamoon script injection (specific-threats.rules)
 * 1:18615 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Works 4.x converter font name buffer overflow attempt (specific-threats.rules)
 * 1:18616 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Works 4.x converter font name buffer overflow attempt (specific-threats.rules)
 * 1:15383 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox XBL Event Handler Tags Removal memory corruption attempt (specific-threats.rules)
 * 1:15678 <-> ENABLED <-> SPECIFIC-THREATS Microsoft DirectShow ActiveX exploit via JavaScript (specific-threats.rules)
 * 1:15492 <-> DISABLED <-> SPECIFIC-THREATS Adobe PDF spell.customDictionaryOpen exploit attempt (specific-threats.rules)
 * 1:15472 <-> ENABLED <-> WEB-CLIENT Multiple MP3 player PLS buffer overflow attempt (web-client.rules)
 * 1:13477 <-> DISABLED <-> SPECIFIC-THREATS Adobe PDF collab.collectEmailInfo exploit attempt - compressed (specific-threats.rules)
 * 1:12772 <-> ENABLED <-> SPECIFIC-THREATS obfuscated PPStream PowerPlayer ActiveX exploit attempt (specific-threats.rules)
 * 1:13478 <-> DISABLED <-> SPECIFIC-THREATS Adobe PDF collab.collectEmailInfo exploit attempt (specific-threats.rules)
 * 1:18635 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Powerpoint malformed record call to freed object attempt  (specific-threats.rules)
 * 1:18636 <-> ENABLED <-> SPECIFIC-THREATS Microsoft PowerPoint SlideAtom record exploit attempt  (specific-threats.rules)
 * 1:18637 <-> ENABLED <-> WEB-CLIENT Microsoft Office PowerPoint OfficeArt atom memory corruption attempt (web-client.rules)
 * 1:18642 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Word Converter sprmTSplit overflow attempt  (specific-threats.rules)
 * 1:18643 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Word Converter sprmTTextFflow overflow attempt  (specific-threats.rules)
 * 1:18644 <-> ENABLED <-> SPECIFIC-THREATS OpenType Fonts CompactFontFormat FontMatrix tranform memory corruption attempt  (specific-threats.rules)
 * 1:18645 <-> ENABLED <-> SPECIFIC-THREATS Microsoft GDI+ arbitrary code execution attempt  (specific-threats.rules)
 * 1:18646 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer 6/7 CSS swapNode memory corruption attempt  (specific-threats.rules)
 * 1:17526 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat and Adobe Reader U3D RHAdobeMeta Buffer Overflow (specific-threats.rules)
 * 1:17497 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Powerpoint malformed NamedShows record code execution attempt (specific-threats.rules)
 * 1:17523 <-> ENABLED <-> SPECIFIC-THREATS Apple QuickTime H.264 Movie File Buffer Overflow (specific-threats.rules)
 * 1:17496 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Powerpoint malformed NamedShows record code execution attempt (specific-threats.rules)
 * 1:17488 <-> ENABLED <-> SPECIFIC-THREATS Excel Malformed Range Code Execution attempt (specific-threats.rules)
 * 1:17470 <-> ENABLED <-> SPECIFIC-THREATS Apple QuickTime STSD JPEG atom heap corruption attempt (specific-threats.rules)
 * 1:17472 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat JavaScript getIcon method buffer overflow attempt (specific-threats.rules)
 * 1:17466 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Domino Web Access 7 ActiveX exploit attempt (specific-threats.rules)
 * 1:17444 <-> ENABLED <-> SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt (specific-threats.rules)
 * 1:17461 <-> ENABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer zipped skin file buffer overflow attempt (specific-threats.rules)
 * 1:17422 <-> ENABLED <-> SPECIFIC-THREATS Firefox defineSetter function pointer memory corruption attempt (specific-threats.rules)
 * 1:17402 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer nested tag memory corruption attempt (specific-threats.rules)
 * 1:17411 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CDF cross-domain scripting attempt (specific-threats.rules)
 * 1:17389 <-> ENABLED <-> SPECIFIC-THREATS mozilla firefox DOMNodeRemoved attack attempt (specific-threats.rules)
 * 1:17395 <-> ENABLED <-> SPECIFIC-THREATS Sun Java Web Start Splashscreen GIF decoding buffer overflow attempt (specific-threats.rules)
 * 1:17381 <-> ENABLED <-> SPECIFIC-THREATS Apple QuickTime PDAT Atom parsing buffer overflow attempt (specific-threats.rules)
 * 1:17377 <-> ENABLED <-> SPECIFIC-THREATS Microsoft excel Malformed Filter Records Handling Code Execution attempt (specific-threats.rules)
 * 1:17380 <-> ENABLED <-> WEB-CLIENT PNG file download request (web-client.rules)
 * 1:17361 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat Reader PDF Catalog Handling denial of service attempt (specific-threats.rules)
 * 1:17312 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (specific-threats.rules)
 * 1:1734 <-> DISABLED <-> FTP USER overflow attempt (ftp.rules)
 * 1:17286 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Visual Basic for Applications document properties overflow attempt (specific-threats.rules)
 * 1:17311 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (specific-threats.rules)
 * 1:17268 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox sidebar panel arbitrary code execution attempt (specific-threats.rules)
 * 1:17257 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player and Reader remote code execution attempt (specific-threats.rules)
 * 1:17263 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (specific-threats.rules)
 * 1:17233 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader and Acrobat TTF SING table parsing remote code execution attempt (specific-threats.rules)
 * 1:17223 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player navigateToURL cross-site scripting attempt (specific-threats.rules)
 * 1:17228 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows Media Player skin decompression code execution attempt (specific-threats.rules)
 * 1:17147 <-> DISABLED <-> SPECIFIC-THREATS Adobe Photoshop CS4 ABR file processing buffer overflow attempt (specific-threats.rules)
 * 1:17222 <-> ENABLED <-> SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt (specific-threats.rules)
 * 1:17058 <-> DISABLED <-> SPECIFIC-THREATS Trojan-Downloader.JS.Agent.ewh Javascript download attempt (specific-threats.rules)
 * 1:16790 <-> ENABLED <-> SPECIFIC-THREATS Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 2 (specific-threats.rules)
 * 1:16800 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel FRTWrapper record buffer overflow attempt  (specific-threats.rules)
 * 1:16786 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (specific-threats.rules)
 * 1:16731 <-> ENABLED <-> SPECIFIC-THREATS ProShow Gold PSH file handling overflow attempt (specific-threats.rules)
 * 1:16738 <-> ENABLED <-> SPECIFIC-THREATS Xenorate Media Player XPL file handling overflow attempt - 2 (specific-threats.rules)
 * 1:16711 <-> ENABLED <-> SPECIFIC-THREATS E-Book Systems FlipViewer FlipViewerX.dll ActiveX multiple buffer overflow attempt (specific-threats.rules)
 * 1:16672 <-> ENABLED <-> SPECIFIC-THREATS Symantec Backup Exec ActiveX control buffer overflow attempt (specific-threats.rules)
 * 1:16634 <-> ENABLED <-> WEB-CLIENT Adobe Flash use-after-free attack  (web-client.rules)
 * 1:16666 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari window.parent.close unspecified remote code execution vulnerability (specific-threats.rules)
 * 1:16633 <-> ENABLED <-> WEB-CLIENT Adobe PDF File containing Flash use-after-free attack  (web-client.rules)
 * 1:16631 <-> DISABLED <-> SPECIFIC-THREATS Safari image use after remove attempt (specific-threats.rules)
 * 1:16609 <-> DISABLED <-> SPECIFIC-THREATS RealPlayer ActiveX Import playlist name buffer overflow attempt (specific-threats.rules)
 * 1:16610 <-> DISABLED <-> SPECIFIC-THREATS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (specific-threats.rules)
 * 1:16598 <-> ENABLED <-> SPECIFIC-THREATS Green Dam URL handling overflow attempt (specific-threats.rules)
 * 1:16602 <-> DISABLED <-> SPECIFIC-THREATS Microsoft DirectShow 3 ActiveX exploit via JavaScript (specific-threats.rules)
 * 1:16589 <-> ENABLED <-> SPECIFIC-THREATS iseemedia LPViewer ActiveX buffer overflows attempt (specific-threats.rules)
 * 1:16592 <-> ENABLED <-> SPECIFIC-THREATS Opera asynchronous document modifications attempted memory corruption (specific-threats.rules)
 * 1:16580 <-> DISABLED <-> SPECIFIC-THREATS NCTAudioFile2 ActiveX clsid access via object tag (specific-threats.rules)
 * 1:16545 <-> ENABLED <-> WEB-CLIENT Adobe Reader malformed Richmedia annotation exploit attempt  (web-client.rules)
 * 1:16557 <-> DISABLED <-> SPECIFIC-THREATS 2imaegshack/lmageshack IM worm inbound communication attempt (specific-threats.rules)
 * 1:16520 <-> ENABLED <-> WEB-CLIENT Free Download Manager .torrent parsing path overflow attempt (web-client.rules)
 * 1:16542 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Publisher 2007 and earlier stack buffer overflow attempt  (specific-threats.rules)
 * 1:16518 <-> ENABLED <-> WEB-CLIENT Free Download Manager .torrent parsing announce overflow attempt (web-client.rules)
 * 1:16517 <-> ENABLED <-> WEB-CLIENT Free Download Manager .torrent parsing comment overflow attempt (web-client.rules)
 * 1:16461 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel EntExU2 write access violation attempt  (specific-threats.rules)
 * 1:16490 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader malformed TIFF remote code execution attempt (specific-threats.rules)
 * 1:16344 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox top-level script object offset calculation memory corruption attempt (specific-threats.rules)
 * 1:16334 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader compressed media.newPlayer memory corruption attempt (specific-threats.rules)
 * 1:16340 <-> ENABLED <-> SPECIFIC-THREATS DHTML Editing ActiveX clsid access (specific-threats.rules)
 * 1:16325 <-> ENABLED <-> SPECIFIC-THREATS Adobe JPEG2k uninitialized QCC memory corruption attempt  (specific-threats.rules)
 * 1:16288 <-> ENABLED <-> SPECIFIC-THREATS Sun Java Runtime AWT setDiffICM stack buffer overflow attempt (specific-threats.rules)
 * 1:16205 <-> DISABLED <-> WEB-MISC bitmap file download request (web-misc.rules)
 * 1:16284 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox ClearTextRun exploit attempt (specific-threats.rules)
 * 1:16145 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit floating point buffer overflow attempt (specific-threats.rules)
 * 1:16148 <-> DISABLED <-> SPECIFIC-THREATS Apple QuickTime and iTunes heap memory corruption attempt (specific-threats.rules)
 * 1:16090 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Core XML core services XMLHTTP control open method code execution attempt (specific-threats.rules)
 * 1:16142 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox PKCS11 module installation code execution attempt (specific-threats.rules)
 * 1:16089 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows embedded web font handling buffer overflow attempt (specific-threats.rules)
 * 1:16070 <-> DISABLED <-> SPECIFIC-THREATS X.org PCF parsing buffer overflow attempt (specific-threats.rules)
 * 1:16087 <-> ENABLED <-> SPECIFIC-THREATS Multiple vendor AV gateway virus detection bypass attempt (specific-threats.rules)
 * 1:16068 <-> ENABLED <-> SPECIFIC-THREATS Yahoo Music Jukebox ActiveX exploit (specific-threats.rules)
 * 1:16064 <-> DISABLED <-> SPECIFIC-THREATS internet explorer onBeforeUnload address bar spoofing attempt (specific-threats.rules)
 * 1:16067 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer DOM object cache management memory corruption attempt (specific-threats.rules)
 * 1:16065 <-> DISABLED <-> SPECIFIC-THREATS internet explorer location.replace memory corruption attempt (specific-threats.rules)
 * 1:16051 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Publisher 2007 conversion library code execution attempt (specific-threats.rules)
 * 1:16059 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Excel malformed file format parsing code execution attempt (specific-threats.rules)
 * 1:16047 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox layout frame constructor memory corruption attempt (specific-threats.rules)
 * 1:17539 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel unspecified memory corruption attempt (specific-threats.rules)
 * 1:16045 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt (specific-threats.rules)
 * 1:18691 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows AFD.SYS null write attempt  (specific-threats.rules)
 * 1:18740 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel sheet object type confusion exploit attempt  (specific-threats.rules)
 * 1:18766 <-> ENABLED <-> SPECIFIC-THREATS OpenSSL CMS structure OriginatorInfo memory corruption attempt (specific-threats.rules)
 * 1:18794 <-> ENABLED <-> WEB-MISC RedHat JBoss Enterprise Application Platform JMX authentication bypass attempt (web-misc.rules)
 * 1:18806 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel RealTimeData record exploit attempt  (specific-threats.rules)
 * 1:18948 <-> ENABLED <-> SPECIFIC-THREATS Microsoft PowerPoint converter bad indirection remote code execution attempt (specific-threats.rules)
 * 1:18951 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer onPropertyChange deleteTable memory corruption attempt (specific-threats.rules)
 * 1:18952 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows uniscribe fonts parsing memory corruption attempt (specific-threats.rules)
 * 1:18953 <-> ENABLED <-> SPECIFIC-THREATS rich text format unexpected field type memory corruption attempt (specific-threats.rules)
 * 1:18954 <-> ENABLED <-> SPECIFIC-THREATS rich text format unexpected field type memory corruption attempt (specific-threats.rules)
 * 1:18957 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit attribute child removal code execution attempt (specific-threats.rules)
 * 1:18958 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit attribute child removal code execution attempt (specific-threats.rules)
 * 1:16001 <-> ENABLED <-> SPECIFIC-THREATS Apple QuickDraw PICT images ARGB records handling memory corruption attempt (specific-threats.rules)
 * 1:18963 <-> ENABLED <-> SPECIFIC-THREATS Adobe ActionScript 3 addEventListener exploit attempt (specific-threats.rules)
 * 1:16005 <-> DISABLED <-> SPECIFIC-THREATS Mozilla browsers JavaScript argument passing code execution attempt (specific-threats.rules)
 * 1:18964 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash file DefineFont4 remote code execution attempt (specific-threats.rules)
 * 1:16007 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (specific-threats.rules)
 * 1:18965 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash file ActionScript 2 ActionJump remote code execution attempt (specific-threats.rules)
 * 1:16024 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript Function focus overflow attempt (specific-threats.rules)
 * 1:18968 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash ActionScript3 stack integer overflow attempt (specific-threats.rules)
 * 1:18966 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash file DefineFont4 remote code execution attempt (specific-threats.rules)
 * 1:18969 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player ActionScript ActionIf integer overflow attempt (specific-threats.rules)
 * 1:18970 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player null pointer dereference attempt (specific-threats.rules)
 * 1:18971 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash beginGradientfill improper color validation attempt (specific-threats.rules)
 * 1:18989 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader and Acrobat TTF SING table parsing remote code execution attempt (specific-threats.rules)
 * 1:17778 <-> ENABLED <-> SPECIFIC-THREATS BitDefender Internet Security script code execution attempt (specific-threats.rules)
 * 1:17780 <-> ENABLED <-> SPECIFIC-THREATS CBO CBL CBM buffer overflow attempt (specific-threats.rules)
 * 1:17781 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (specific-threats.rules)
 * 1:17803 <-> ENABLED <-> WEB-CLIENT Adobe Shockwave Director rcsL chunk memory corruption attempt (web-client.rules)
 * 1:17806 <-> ENABLED <-> SPECIFIC-THREATS Adobe Shockwave Director rcsL chunk remote code execution attempt (specific-threats.rules)
 * 1:17807 <-> ENABLED <-> SPECIFIC-THREATS Adobe Shockwave Director rcsL chunk remote code execution attempt (specific-threats.rules)
 * 1:17808 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash authplay.dll memory corruption attempt (specific-threats.rules)
 * 1:17817 <-> ENABLED <-> SPECIFIC-THREATS Thinkpoint fake antivirus binary download (specific-threats.rules)
 * 1:18078 <-> ENABLED <-> SPECIFIC-THREATS Mozilla products CSS rendering out-of-bounds array write attempt (specific-threats.rules)
 * 1:18077 <-> ENABLED <-> SPECIFIC-THREATS Mozilla products CSS rendering out-of-bounds array write attempt (specific-threats.rules)
 * 1:18132 <-> ENABLED <-> SPECIFIC-THREATS malware-associated JavaScript obfuscation function (specific-threats.rules)
 * 1:18170 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox and SeaMonkey onUnload event handler memory corruption attempt (specific-threats.rules)
 * 1:18174 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt (specific-threats.rules)
 * 1:18176 <-> ENABLED <-> SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (specific-threats.rules)
 * 1:18175 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt (specific-threats.rules)
 * 1:18177 <-> ENABLED <-> SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (specific-threats.rules)
 * 1:18178 <-> ENABLED <-> SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (specific-threats.rules)
 * 1:18188 <-> ENABLED <-> SPECIFIC-THREATS Multiple browser marquee tag denial of service attempt (specific-threats.rules)
 * 1:18186 <-> ENABLED <-> SPECIFIC-THREATS Mozilla products -moz-grid and -moz-grid-group display styles code execution attempt (specific-threats.rules)
 * 1:18193 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt (specific-threats.rules)
 * 1:18194 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt (specific-threats.rules)
 * 1:18212 <-> ENABLED <-> SPECIFIC-THREATS MS Publisher tyo.oty field heap overflow attempt  (specific-threats.rules)
 * 1:18214 <-> ENABLED <-> SPECIFIC-THREATS MS Publisher 97 conversion remote code execution attempt  (specific-threats.rules)
 * 1:18218 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer time element memory corruption attempt  (specific-threats.rules)
 * 1:18229 <-> ENABLED <-> SPECIFIC-THREATS Microsoft FlashPix tile length overflow attempt  (specific-threats.rules)
 * 1:18230 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Publisher memory corruption attempt  (specific-threats.rules)
 * 1:18236 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office TIFFIM32.FLT filter memory corruption attempt  (specific-threats.rules)
 * 1:18244 <-> ENABLED <-> WEB-CLIENT Oracle Java browser plugin docbase overflow attempt (web-client.rules)
 * 1:18245 <-> ENABLED <-> SPECIFIC-THREATS Sun Java browser plugin docbase overflow attempt (specific-threats.rules)
 * 1:18250 <-> ENABLED <-> SPECIFIC-THREATS Mozilla products EscapeAttributeValue integer overflow attempt (specific-threats.rules)
 * 1:18261 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript engine String.toSource memory corruption attempt (specific-threats.rules)
 * 1:18262 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript engine function arguments memory corruption attempt (specific-threats.rules)
 * 1:18263 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript deleted frame or window reference attempt (specific-threats.rules)
 * 1:18264 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript deleted frame or window reference attempt (specific-threats.rules)
 * 1:18276 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Data Access Components library attempt  (specific-threats.rules)
 * 1:18286 <-> ENABLED <-> SPECIFIC-THREATS Mozilla products element style change memory corruption code execution attempt (specific-threats.rules)
 * 1:18294 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit floating point buffer overflow attempt (specific-threats.rules)
 * 1:18295 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit floating point buffer overflow attempt (specific-threats.rules)
 * 1:18296 <-> ENABLED <-> SPECIFIC-THREATS Mozilla products frame comment objects manipulation memory corruption attempt (specific-threats.rules)
 * 1:18298 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript large regex memory corruption attempt (specific-threats.rules)
 * 1:18301 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox GeckoActiveXObject memory corruption attempt (specific-threats.rules)
 * 1:18600 <-> ENABLED <-> SPECIFIC-THREATS QuickTime PictureViewer buffer overflow attempt (specific-threats.rules)
 * 1:18302 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox new function garbage collection remote code execution attempt (specific-threats.rules)
 * 1:16046 <-> DISABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer RealMedia file format processing heap corruption attempt (specific-threats.rules)
 * 1:18303 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer script action handler overflow attempt (specific-threats.rules)
 * 1:18305 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer span tag memory corruption attempt (specific-threats.rules)
 * 1:18306 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer span tag memory corruption attempt (specific-threats.rules)
 * 1:18307 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer frameset memory corruption attempt (specific-threats.rules)
 * 1:16006 <-> DISABLED <-> SPECIFIC-THREATS Quicktime color table id memory corruption attempt (specific-threats.rules)
 * 1:18313 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (specific-threats.rules)
 * 1:16292 <-> DISABLED <-> SPECIFIC-THREATS Mozilla CSS value counter overflow attempt (specific-threats.rules)
 * 1:18399 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel BRAI record remote code execution attempt  (specific-threats.rules)
 * 1:16347 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox browser engine memory corruption attempt (specific-threats.rules)
 * 1:18402 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows ATMFD Adobe font driver remote code execution attempt  (specific-threats.rules)
 * 1:16519 <-> ENABLED <-> WEB-CLIENT Free Download Manager .torrent parsing name overflow attempt (web-client.rules)
 * 1:18406 <-> ENABLED <-> SPECIFIC-THREATS Windows Server 2003 update service principal name spn dos executable attempt  (specific-threats.rules)
 * 1:16575 <-> DISABLED <-> SPECIFIC-THREATS RKD Software BarCode ActiveX buffer overflow attempt (specific-threats.rules)
 * 1:18415 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Visio deserialization double free attempt  (specific-threats.rules)
 * 1:18416 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Visio ORMinfo classes length overflow attempt  (specific-threats.rules)
 * 1:16599 <-> ENABLED <-> SPECIFIC-THREATS AtHocGov IWSAlerts ActiveX control buffer overflow attempt (specific-threats.rules)
 * 1:18417 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Visio ORMinfo classes length overflow attempt  (specific-threats.rules)
 * 1:16632 <-> DISABLED <-> SPECIFIC-THREATS Safari image use after reparent attempt (specific-threats.rules)
 * 1:18418 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash player ActionScript apply function memory corruption attempt  (specific-threats.rules)
 * 1:16675 <-> ENABLED <-> SPECIFIC-THREATS CA BrightStor ListCtrl ActiveX exploit attempt (specific-threats.rules)
 * 1:18420 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash player ActionScript ASnative function remote code execution attempt  (specific-threats.rules)
 * 1:16789 <-> ENABLED <-> SPECIFIC-THREATS Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 1 (specific-threats.rules)
 * 1:18448 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat Universal 3D stream memory corruption attempt  (specific-threats.rules)
 * 1:17160 <-> ENABLED <-> SPECIFIC-THREATS Liquid XML Studio LtXmlComHelp8.dll ActiveX OpenFile buffer overflow attempt (specific-threats.rules)
 * 1:18450 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader malformed BMP RGBQUAD attempt  (specific-threats.rules)
 * 1:18451 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat ICC color integer overflow attempt  (specific-threats.rules)
 * 1:17235 <-> ENABLED <-> SPECIFIC-THREATS VBMania mass mailing worm download attempt (specific-threats.rules)
 * 1:18452 <-> ENABLED <-> SPECIFIC-THREATS Adobe malicious IFF memory corruption attempt  (specific-threats.rules)
 * 1:17288 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat font parsing integer overflow attempt (specific-threats.rules)
 * 1:18453 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat universal 3D format memory corruption attempt  (specific-threats.rules)
 * 1:17373 <-> ENABLED <-> SPECIFIC-THREATS QuickTime panorama atoms buffer overflow attempt (specific-threats.rules)
 * 1:18454 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat universal 3D format memory corruption attempt  (specific-threats.rules)
 * 1:18455 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader malformed jpeg2000 superbox attempt  (specific-threats.rules)
 * 1:17394 <-> ENABLED <-> WEB-CLIENT GIF file download request (web-client.rules)
 * 1:18457 <-> ENABLED <-> SPECIFIC-THREATS Adoboe Reader U3D rgba parsing overflow attempt  (specific-threats.rules)
 * 1:17425 <-> ENABLED <-> SPECIFIC-THREATS RealPlayer ActiveX Import playlist name buffer overflow attempt (specific-threats.rules)
 * 1:18482 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer History.go method double free corruption attempt (specific-threats.rules)
 * 1:17471 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat JavaScript getIcon method buffer overflow attempt (specific-threats.rules)
 * 1:18485 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox JavaScript handler race condition memory corruption attempt (specific-threats.rules)
 * 1:17519 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow (specific-threats.rules)
 * 1:18498 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Media Player dvr-ms file parsing remote code execution attempt  (specific-threats.rules)
 * 1:16042 <-> DISABLED <-> SPECIFIC-THREATS Mozilla browsers CSS moz-binding cross domain scripting attempt (specific-threats.rules)
 * 1:18503 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player ActionScript flash.geom.Point constructor memory corruption attempt  (specific-threats.rules)
 * 1:18514 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Powerpoint malformed shapeid arbitrary code execution attempt (specific-threats.rules)
 * 1:18515 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Visio VSD file icon memory corruption (specific-threats.rules)
 * 1:18516 <-> ENABLED <-> WEB-CLIENT Word file download request (web-client.rules)
 * 1:18536 <-> DISABLED <-> SPECIFIC-THREATS OpenOffice.org Microsoft Word file processing integer underflow attempt (specific-threats.rules)
 * 1:18538 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel PtgName invalid index exploit attempt (specific-threats.rules)
 * 1:18541 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel 2007 invalid comments.xml uninitialized pointer access attempt 3 (specific-threats.rules)
 * 1:19469 <-> ENABLED <-> SPECIFIC-THREATS Microsoft invalid message kernel-mode memory disclosure attempt (specific-threats.rules)
 * 1:18542 <-> ENABLED <-> SPECIFIC-THREATS Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (specific-threats.rules)
 * 1:15981 <-> ENABLED <-> SPECIFIC-THREATS zlib Denial of Service (specific-threats.rules)
 * 1:10997 <-> ENABLED <-> WEB-MISC SSLv2 OpenSSl KEY_ARG buffer overflow attempt (web-misc.rules)
 * 1:12771 <-> ENABLED <-> SPECIFIC-THREATS obfuscated BaoFeng Storm MPS.dll ActiveX exploit attempt (specific-threats.rules)
 * 1:12770 <-> ENABLED <-> SPECIFIC-THREATS obfuscated RDS.Dataspace ActiveX exploit attempt (specific-threats.rules)
 * 1:15679 <-> ENABLED <-> SPECIFIC-THREATS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (specific-threats.rules)
 * 1:15922 <-> ENABLED <-> WEB-CLIENT mp3 file download request (web-client.rules)
 * 1:13912 <-> ENABLED <-> SPECIFIC-THREATS isComponentInstalled Metasploit attack attempt (specific-threats.rules)
 * 1:15880 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer popup window object tag code execution attempt (specific-threats.rules)
 * 1:15699 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox 3.5 unicode stack overflow attempt (specific-threats.rules)
 * 1:13801 <-> ENABLED <-> WEB-CLIENT RTF file download (web-client.rules)
 * 1:15493 <-> DISABLED <-> SPECIFIC-THREATS Adobe PDF getAnnots exploit attempt (specific-threats.rules)
 * 1:15431 <-> ENABLED <-> SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt (specific-threats.rules)
 * 1:15164 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Products SVG Layout Engine Index Parameter memory corruption attempt (specific-threats.rules)
 * 1:15444 <-> ENABLED <-> WEB-MISC Core Audio Format file download attempt (web-misc.rules)
 * 1:15940 <-> ENABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer Multiple Products RA file processing overflow attempt (specific-threats.rules)
 * 1:12773 <-> ENABLED <-> SPECIFIC-THREATS obfuscated Xunlei Thunder PPLAYER.DLL ActiveX exploit attempt (specific-threats.rules)
 * 1:15483 <-> ENABLED <-> WEB-MISC Adobe Shockwave Flash file request (web-misc.rules)
 * 1:12774 <-> ENABLED <-> SPECIFIC-THREATS obfuscated GlobalLink ConnectAndEnterRoom ActiveX exploit attempt (specific-threats.rules)
 * 1:15013 <-> ENABLED <-> WEB-MISC Adobe Portable Document Format file download attempt (web-misc.rules)
 * 1:15191 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox animated PNG processing integer overflow (specific-threats.rules)
 * 1:15163 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Visio Object Header Buffer Overflow attempt (specific-threats.rules)
 * 1:18543 <-> ENABLED <-> SPECIFIC-THREATS embedded Shockwave dropper download  (specific-threats.rules)
 * 1:18585 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader malformed TIFF remote code execution attempt (specific-threats.rules)
 * 1:18590 <-> ENABLED <-> SPECIFIC-THREATS Outlook Express WAB file parsing buffer overflow attempt (specific-threats.rules)
 * 1:18592 <-> DISABLED <-> SPECIFIC-THREATS Yahoo Music Jukebox ActiveX exploit (specific-threats.rules)
 * 1:18594 <-> DISABLED <-> SPECIFIC-THREATS Trend Micro Web Deployment ActiveX clsid access (specific-threats.rules)
 * 1:18595 <-> DISABLED <-> SPECIFIC-THREATS Trend Micro Web Deployment ActiveX clsid access (specific-threats.rules)
 * 1:18596 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader and Acrobat util.printf buffer overflow attempt (specific-threats.rules)
 * 1:18597 <-> ENABLED <-> SPECIFIC-THREATS Opera file URI handling buffer overflow (specific-threats.rules)
 * 1:18599 <-> ENABLED <-> SPECIFIC-THREATS QuickTime PictureViewer buffer overflow attempt (specific-threats.rules)
 * 1:19063 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows Movie Maker string size overflow attempt (specific-threats.rules)
 * 1:18601 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Common Controls Animation Object ActiveX clsid access (specific-threats.rules)
 * 1:17527 <-> ENABLED <-> SPECIFIC-THREATS VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow (specific-threats.rules)
 * 1:19004 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit run-in use-after-free attempt (specific-threats.rules)
 * 1:17537 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel unspecified memory corruption attempt (specific-threats.rules)
 * 1:17531 <-> ENABLED <-> SPECIFIC-THREATS Apple Quicktime MOV file JVTCompEncodeFrame heap overflow attempt (specific-threats.rules)
 * 1:17538 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel unspecified memory corruption attempt (specific-threats.rules)
 * 1:19081 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CSS style memory corruption attempt (specific-threats.rules)
 * 1:17550 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Word Font Parsing Buffer Overflow attempt (specific-threats.rules)
 * 1:19078 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox html tag attributes memory corruption (specific-threats.rules)
 * 1:17760 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel RealTimeData record exploit attempt  (specific-threats.rules)
 * 1:19076 <-> ENABLED <-> SPECIFIC-THREATS Firefox appendChild use-after-free attempt (specific-threats.rules)
 * 1:17541 <-> ENABLED <-> SPECIFIC-THREATS Avast! Antivirus Engine Remote LHA buffer overflow attempt (specific-threats.rules)
 * 1:19079 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer getElementById object corruption (specific-threats.rules)
 * 1:19080 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player memory corruption attempt (specific-threats.rules)
 * 1:17759 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel invalid SerAr object exploit attempt  (specific-threats.rules)
 * 1:19811 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Powerpoint malformed record call to freed object attempt (specific-threats.rules)
 * 1:17764 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel PtgName invalid index exploit attempt  (specific-threats.rules)
 * 1:17604 <-> ENABLED <-> SPECIFIC-THREATS Java AWT ConvolveOp memory corruption attempt (specific-threats.rules)
 * 1:19129 <-> ENABLED <-> MULTIMEDIA realplayer .r1m download attempt (multimedia.rules)
 * 1:19112 <-> ENABLED <-> SPECIFIC-THREATS Adobe Shockwave 3D stucture heap overflow (specific-threats.rules)
 * 1:17551 <-> DISABLED <-> CHAT MSN Messenger and Windows Live Messenger Code Execution attempt (chat.rules)
 * 1:19300 <-> ENABLED <-> SPECIFIC-THREATS probable multi-mesh injection attack (specific-threats.rules)
 * 1:19308 <-> ENABLED <-> SPECIFIC-THREATS Microsoft embeded OpenType EOT font integer overflow attempt (specific-threats.rules)
 * 1:19413 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Publisher 2007 and earlier stack buffer overflow attempt (specific-threats.rules)
 * 1:19098 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit ContentEditable code exeuction attempt (specific-threats.rules)
 * 1:19195 <-> DISABLED <-> SPECIFIC-THREATS Oracle Document Capture ActiveX function call access (specific-threats.rules)
 * 1:19249 <-> ENABLED <-> SPECIFIC-THREATS Adobe Universal3D meshes.removeItem exploit attempt (specific-threats.rules)
 * 1:17701 <-> ENABLED <-> SPECIFIC-THREATS Office Viewer ActiveX arbitrary command execution attempt (specific-threats.rules)
 * 1:19266 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer layout-grid-char value exploit attempt (specific-threats.rules)
 * 1:17579 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Drawing Record msofbtOPT Code Execution attempt (specific-threats.rules)
 * 1:19317 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word sprmTDiagLine80 record parsing stack buffer overflow attempt (specific-threats.rules)
 * 1:19115 <-> ENABLED <-> SPECIFIC-THREATS Adobe Shockwave 3D structure opcode 89 overflow attempt (specific-threats.rules)
 * 1:19316 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office TIFF filter remote code execution attempt (specific-threats.rules)
 * 1:17566 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer 7 Event Handler Memory Corruption (specific-threats.rules)
 * 1:17606 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash ASnative command execution attempt (specific-threats.rules)
 * 1:17740 <-> ENABLED <-> SPECIFIC-THREATS Apple Quicktime FlashPix processing overflow attempt (specific-threats.rules)
 * 1:17644 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer object clone deletion memory corruption attempt (specific-threats.rules)
 * 1:19097 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit ContentEditable code execution attempt (specific-threats.rules)
 * 1:19261 <-> ENABLED <-> SPECIFIC-THREATS Excel BIFF8 invalid Selection.cref exploit attempt (specific-threats.rules)
 * 1:17555 <-> ENABLED <-> SPECIFIC-THREATS Macrovision InstallShield Update Service ActiveX exploit attempt (specific-threats.rules)
 * 1:19118 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader script injection vulnerability (specific-threats.rules)
 * 1:19222 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel ObjBiff validation exploit attempt (specific-threats.rules)
 * 1:19232 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel XF record exploit attempt (specific-threats.rules)
 * 1:19211 <-> DISABLED <-> POLICY Zip archive file download (policy.rules)
 * 1:19259 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel WOpt record memory corruption attempt (specific-threats.rules)
 * 1:19196 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows ATMFD Adobe font driver remote code execution attempt (specific-threats.rules)
 * 1:17704 <-> ENABLED <-> SPECIFIC-THREATS McAfee LHA file parsing buffer overflow attempt (specific-threats.rules)
 * 1:19247 <-> ENABLED <-> SPECIFIC-THREATS Adobe jpeg 2000 image exploit attempt (specific-threats.rules)
 * 1:19114 <-> ENABLED <-> SPECIFIC-THREATS Adobe Shockwave 3D structure opcode 45 overflow attempt (specific-threats.rules)
 * 1:19096 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit CSS Charset Text transformation code execution attempt (specific-threats.rules)
 * 1:17580 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer span tag memory corruption attempt (specific-threats.rules)
 * 1:17587 <-> ENABLED <-> SPECIFIC-THREATS AcroPDF.PDF ActiveX exploit attempt (specific-threats.rules)
 * 1:19459 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word sprmCMajority record buffer overflow attempt (specific-threats.rules)
 * 1:19128 <-> ENABLED <-> MULTIMEDIA realplayer .rec download attempt (multimedia.rules)
 * 1:19265 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer layout-grid-char value exploit attempt (specific-threats.rules)
 * 1:19250 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat and Adobe Reader U3D file include overflow attempt (specific-threats.rules)
 * 1:17570 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox IFRAME style change handling code execution (specific-threats.rules)
 * 1:19181 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer iframe uninitialized memory corruption attempt (specific-threats.rules)
 * 1:19179 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player cross-site request forgery attempt (specific-threats.rules)
 * 1:19134 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel PtgExtraArray data parsing vulnerability exploit attempt (specific-threats.rules)
 * 1:17727 <-> ENABLED <-> SPECIFIC-THREATS Sun JDK image parsing library ICC buffer overflow attempt (specific-threats.rules)
 * 1:19458 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word sprmCMajority record buffer overflow attempt (specific-threats.rules)
 * 1:17581 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox tag order memory corruption attempt (specific-threats.rules)
 * 1:17726 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer address bar spoofing attempt (specific-threats.rules)
 * 1:19293 <-> DISABLED <-> SPECIFIC-THREATS Adobe Flash Player memory corruption attempt (specific-threats.rules)
 * 1:19292 <-> ENABLED <-> SPECIFIC-THREATS Firefox appendChild use-after-free attempt (specific-threats.rules)
 * 1:19242 <-> ENABLED <-> SPECIFIC-THREATS VML imagedata page deconstruction attempt (specific-threats.rules)
 * 1:19146 <-> ENABLED <-> SPECIFIC-THREATS Microsoft quartz.dll MJPEG content processing memory corruption attempt (specific-threats.rules)
 * 1:19442 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office embedded Office Art drawings execution attempt (specific-threats.rules)
 * 1:17719 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox ClearTextRun exploit attempt (specific-threats.rules)
 * 1:19322 <-> DISABLED <-> SPECIFIC-THREATS IE and Sharepoint toStaticHTML information disclosure attempt (specific-threats.rules)
 * 1:17654 <-> ENABLED <-> SPECIFIC-THREATS Facebook Photo Uploader ActiveX exploit attempt (specific-threats.rules)
 * 1:19119 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows ATMFD font driver remote code execution attempt (specific-threats.rules)
 * 1:19236 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer drag event memory corruption attempt (specific-threats.rules)
 * 1:17703 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer popup title bar spoofing attempt (specific-threats.rules)
 * 1:19414 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Publisher 2007 and earlier stack buffer overflow attempt (specific-threats.rules)
 * 1:19405 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Outlook SMB attach by reference code execution attempt (specific-threats.rules)
 * 1:19188 <-> ENABLED <-> SPECIFIC-THREATS Microsoft ATMFD font driver malicious font file remote code execution attempt (specific-threats.rules)
 * 1:17628 <-> ENABLED <-> SPECIFIC-THREATS Sun Microsystems Java gif handling memory corruption attempt (specific-threats.rules)
 * 1:19258 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel SxView record memory pointer corruption attempt (specific-threats.rules)
 * 1:19185 <-> ENABLED <-> SPECIFIC-THREATS Microsoft .NET ArraySegment escape exploit attempt (specific-threats.rules)
 * 1:17624 <-> ENABLED <-> SPECIFIC-THREATS Sun Java Runtime Environment Type1 Font parsing integer overflow attempt (specific-threats.rules)
 * 1:19235 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer copy/paste memory corruption attempt (specific-threats.rules)
 * 1:19156 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office .CGM file cell array heap overflow attempt (specific-threats.rules)
 * 1:19306 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Publisher pubconv.dll corruption attempt (specific-threats.rules)
 * 1:17758 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel PtgExtraArray data parsing vulnerability exploit attempt  (specific-threats.rules)
 * 1:17658 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash frame type identifier memory corruption attempt (specific-threats.rules)
 * 1:17679 <-> ENABLED <-> WEB-MISC Apple disk image download request (web-misc.rules)
 * 1:17626 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows embedded web font handling buffer overflow attempt (specific-threats.rules)
 * 1:17622 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer object reference memory corruption attempt (specific-threats.rules)
 * 1:19178 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player cross-site request forgery attempt (specific-threats.rules)
 * 1:17618 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows hraphics engine EMF rendering vulnerability (specific-threats.rules)
 * 1:19443 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office embedded Office Art drawings execution attempt (specific-threats.rules)
 * 1:19260 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel malformed MsoDrawingObject record attempt (specific-threats.rules)
 * 1:19241 <-> ENABLED <-> SPECIFIC-THREATS VML imagedata page deconstruction attempt (specific-threats.rules)
 * 1:17660 <-> ENABLED <-> SPECIFIC-THREATS Java Web Start arbitrary command execution attempt (specific-threats.rules)
 * 1:19411 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer Cross-Domain information disclosure attempt (specific-threats.rules)
 * 1:19095 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit CSS Charset Text transformation code execution attempt (specific-threats.rules)
 * 1:19180 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel pivot item index boundary corruption attempt (specific-threats.rules)
 * 1:19248 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader malformed U3D texture continuation integer overflow attempt (specific-threats.rules)
 * 1:17623 <-> ENABLED <-> SPECIFIC-THREATS Sun Java Runtime Environment Type1 Font parsing integer overflow attempt (specific-threats.rules)
 * 1:19113 <-> ENABLED <-> SPECIFIC-THREATS Adobe Shockwave 3D structure opcode 81 overflow attempt (specific-threats.rules)
 * 1:19117 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader malformed U3D integer overflow (specific-threats.rules)
 * 1:17641 <-> ENABLED <-> SPECIFIC-THREATS CUPS and Xpdf JBIG2 symbol dictionary buffer overflow attempt (specific-threats.rules)
 * 1:17729 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer EMBED element memory corruption attempt (specific-threats.rules)
 * 1:19255 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader ICC ProfileDescriptionTag overflow attempt (specific-threats.rules)
 * 1:19133 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel EntExU2 write access violation attempt (specific-threats.rules)
 * 1:19154 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel PtgExtraArray parsing attempt (specific-threats.rules)
 * 1:17554 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer DOM object cache management memory corruption attempt (specific-threats.rules)
 * 1:19707 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Word Converter sprmTSplit overflow attempt (specific-threats.rules)
 * 1:15993 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player ActionScript intrf_count integer overflow attempt (specific-threats.rules)
 * 1:15966 <-> ENABLED <-> SPECIFIC-THREATS F-Secure Anti-Virus LHA processing buffer overflow attempt (specific-threats.rules)
 * 1:8738 <-> ENABLED <-> WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX clsid access (web-activex.rules)
 * 1:9844 <-> DISABLED <-> WEB-CLIENT VLC Media Player udp URI format string attempt (web-client.rules)
 * 1:15992 <-> DISABLED <-> SPECIFIC-THREATS Trend Micro Products Antivirus Library overflow attempt (specific-threats.rules)
 * 1:8703 <-> DISABLED <-> EXPLOIT IceCast header buffer overflow attempt (exploit.rules)
 * 1:8058 <-> ENABLED <-> WEB-CLIENT Mozilla javascript navigator object access (web-client.rules)
 * 1:8702 <-> DISABLED <-> EXPLOIT IceCast header buffer overflow attempt (exploit.rules)
 * 1:19667 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer cross-domain scripting attack (specific-threats.rules)
 * 1:19468 <-> ENABLED <-> SPECIFIC-THREATS Microsoft stale data code execution attempt (specific-threats.rules)
 * 1:15950 <-> ENABLED <-> SPECIFIC-THREATS McAfee LHA Type-2 file handling overflow attempt (specific-threats.rules)
 * 1:15587 <-> ENABLED <-> WEB-CLIENT Word file download request (web-client.rules)
 * 1:15894 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Color Management Module remote code execution attempt (specific-threats.rules)
 * 1:15123 <-> ENABLED <-> WEB-CLIENT Rich Text Format file request (web-client.rules)
 * 1:15238 <-> DISABLED <-> SPECIFIC-THREATS Apple QuickTime for Java toQTPointer function memory corruption attempt (specific-threats.rules)
 * 1:12775 <-> ENABLED <-> SPECIFIC-THREATS obfuscated RealPlayer Ierpplug.dll ActiveX exploit attempt (specific-threats.rules)
 * 1:15865 <-> ENABLED <-> WEB-CLIENT MP4 file request (web-client.rules)
 * 1:19825 <-> ENABLED <-> DOS Apache Killer denial of service tool exploit attempt (dos.rules)
 * 1:15949 <-> DISABLED <-> SPECIFIC-THREATS McAfee LHA file handling overflow attempt (specific-threats.rules)
 * 1:19082 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player memory corruption attempt (specific-threats.rules)
 * 1:19686 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash uninitialized bitmap structure memory corruption attempt (specific-threats.rules)
 * 1:19467 <-> ENABLED <-> SPECIFIC-THREATS Microsoft CSRSS NULL Fontface pointer attempt (specific-threats.rules)
 * 1:19464 <-> ENABLED <-> SPECIFIC-THREATS Microsoft CSRSS integer overflow attempt (specific-threats.rules)
 * 1:19909 <-> DISABLED <-> SPECIFIC-THREATS Cisco AnyConnect ActiveX clsid access (specific-threats.rules)
 * 1:19809 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer covered object memory corruption attempt (specific-threats.rules)
 * 1:19077 <-> ENABLED <-> SPECIFIC-THREATS Firefox appendChild use-after-free attempt (specific-threats.rules)
 * 1:18992 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash player content parsing execution attempt (specific-threats.rules)
 * 1:18995 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari Webkit removeAllRanges use-after-free attempt (specific-threats.rules)
 * 1:16010 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer Javascript Page update race condition attempt (specific-threats.rules)
 * 1:16009 <-> DISABLED <-> SPECIFIC-THREATS Mozilla products overflow event handling memory corruption attempt (specific-threats.rules)
 * 1:16011 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CSS property method handling memory corruption attempt (specific-threats.rules)
 * 1:16041 <-> DISABLED <-> SPECIFIC-THREATS Apple QuickTime FLIC animation file buffer overflow attempt (specific-threats.rules)
 * 3:13879 <-> ENABLED <-> WEB-CLIENT Windows BMP image conversion arbitrary code execution attempt (web-client.rules)