Sourcefire VRT Rules Update

Date: 2013-07-25

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.5.0.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:27286 <-> DISABLED <-> SERVER-WEBAPP DuWare DuClassmate default.asp iCity sql injection attempt (server-webapp.rules)
 * 1:27285 <-> ENABLED <-> SERVER-WEBAPP Gazi Download Portal down_indir.asp SQL injection attempt (server-webapp.rules)
 * 1:27284 <-> ENABLED <-> SERVER-WEBAPP SezHoo remote file include in SezHooTabsAndActions.php (server-webapp.rules)
 * 1:27283 <-> DISABLED <-> BROWSER-PLUGINS PPMate PPMPlayer.dll ActiveX clsid access (browser-plugins.rules)
 * 1:27282 <-> DISABLED <-> BROWSER-PLUGINS PPMate PPMPlayer.dll ActiveX clsid access (browser-plugins.rules)
 * 1:27281 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:27280 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:27279 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:27278 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:27277 <-> ENABLED <-> FILE-IDENTIFY Trimble SketchUp file download request (file-identify.rules)
 * 1:27276 <-> ENABLED <-> FILE-IDENTIFY Trimble SketchUp file attachment detected (file-identify.rules)
 * 1:27275 <-> ENABLED <-> FILE-IDENTIFY Trimble SketchUp file attachment detected (file-identify.rules)
 * 1:27274 <-> ENABLED <-> EXPLOIT-KIT CritX Exploit Kit Java Exploit request structure (exploit-kit.rules)
 * 1:27273 <-> ENABLED <-> EXPLOIT-KIT Unknown exploit kit iframe redirection (exploit-kit.rules)
 * 1:27272 <-> ENABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:27271 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:27270 <-> ENABLED <-> SERVER-OTHER GuildFTPd CWD command heap overflow attempt (server-other.rules)
 * 1:27269 <-> DISABLED <-> SERVER-OTHER GuildFTPd CWD command heap overflow attempt (server-other.rules)
 * 1:27268 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27267 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27266 <-> ENABLED <-> FILE-FLASH Adobe SWF heap buffer overflow attempt (file-flash.rules)
 * 1:27265 <-> ENABLED <-> FILE-FLASH Adobe SWF heap buffer overflow attempt (file-flash.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27263 <-> ENABLED <-> BLACKLIST User-Agent known malicious user agent - yahoonews (blacklist.rules)
 * 1:27262 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 263 buffer overflow attempt (server-other.rules)
 * 1:27261 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 215 buffer overflow attempt (server-other.rules)
 * 1:27260 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Java.Agent.NFK variant connection attempt (malware-cnc.rules)

Modified Rules:


 * 1:9841 <-> DISABLED <-> SERVER-MAIL Micrsoft Office Outlook VEVENT overflow attempt (server-mail.rules)
 * 1:9670 <-> DISABLED <-> BROWSER-PLUGINS Outlook Recipient Control ActiveX function call access (browser-plugins.rules)
 * 1:9668 <-> DISABLED <-> BROWSER-PLUGINS Outlook Recipient Control ActiveX clsid access (browser-plugins.rules)
 * 1:9621 <-> DISABLED <-> PROTOCOL-TFTP 3COM server transport mode buffer overflow attempt (protocol-tftp.rules)
 * 1:8060 <-> DISABLED <-> SERVER-OTHER UltraVNC VNCLog buffer overflow (server-other.rules)
 * 1:7421 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION.GET_V2_DOMAIN_INDEX_TABLES access attempt (server-oracle.rules)
 * 1:6511 <-> DISABLED <-> SERVER-WEBAPP ALT-N WebAdmin user param overflow attempt (server-webapp.rules)
 * 1:5684 <-> DISABLED <-> NETBIOS SMB Session Setup unicode andx username overflow attempt (netbios.rules)
 * 1:5683 <-> DISABLED <-> NETBIOS SMB Session Setup andx username overflow attempt (netbios.rules)
 * 1:5682 <-> DISABLED <-> NETBIOS SMB Session Setup unicode andx username overflow attempt (netbios.rules)
 * 1:5681 <-> DISABLED <-> NETBIOS SMB Session Setup unicode username overflow attempt (netbios.rules)
 * 1:5680 <-> DISABLED <-> NETBIOS SMB Session Setup username overflow attempt (netbios.rules)
 * 1:5679 <-> DISABLED <-> NETBIOS SMB-DS Session Setup unicode username overflow attempt (netbios.rules)
 * 1:5678 <-> DISABLED <-> NETBIOS SMB-DS Session Setup username overflow attempt (netbios.rules)
 * 1:5677 <-> DISABLED <-> NETBIOS SMB Session Setup username overflow attempt (netbios.rules)
 * 1:4646 <-> DISABLED <-> PROTOCOL-IMAP search literal format string attempt (protocol-imap.rules)
 * 1:4192 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HHOpen ActiveX object access (browser-plugins.rules)
 * 1:4171 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Registration Wizard ActiveX object access (browser-plugins.rules)
 * 1:4168 <-> DISABLED <-> BROWSER-PLUGINS Shell Automation Service ActiveX object access (browser-plugins.rules)
 * 1:4167 <-> DISABLED <-> BROWSER-PLUGINS MSN Heartbeat ActiveX clsid access (browser-plugins.rules)
 * 1:4159 <-> DISABLED <-> BROWSER-PLUGINS Multimedia File Property Sheet ActiveX object access (browser-plugins.rules)
 * 1:4128 <-> DISABLED <-> SERVER-WEBAPP 4DWebstar ShellExample.cgi information disclosure (server-webapp.rules)
 * 1:3675 <-> DISABLED <-> SERVER-OTHER IBM DB2 DTS empty format string dos attempt (server-other.rules)
 * 1:3650 <-> DISABLED <-> NETBIOS SMB Trans unicode andx data displacement null pointer DOS attempt (netbios.rules)
 * 1:3649 <-> DISABLED <-> NETBIOS SMB Trans unicode data displacement null pointer DOS attempt (netbios.rules)
 * 1:3648 <-> DISABLED <-> NETBIOS SMB Trans data displacement null pointer DOS attempt (netbios.rules)
 * 1:3647 <-> DISABLED <-> NETBIOS SMB Trans andx data displacement null pointer DOS attempt (netbios.rules)
 * 1:3646 <-> DISABLED <-> NETBIOS SMB-DS Trans unicode andx data displacement null pointer DOS attempt (netbios.rules)
 * 1:3645 <-> DISABLED <-> NETBIOS SMB-DS Trans unicode data displacement null pointer DOS attempt (netbios.rules)
 * 1:3644 <-> DISABLED <-> NETBIOS SMB-DS Trans data displacement null pointer DOS attempt (netbios.rules)
 * 1:3643 <-> DISABLED <-> NETBIOS SMB-DS Trans andx data displacement null pointer DOS attempt (netbios.rules)
 * 1:3642 <-> DISABLED <-> NETBIOS SMB Trans unicode andx data displacement null pointer DOS attempt (netbios.rules)
 * 1:3641 <-> DISABLED <-> NETBIOS SMB Trans unicode data displacement null pointer DOS attempt (netbios.rules)
 * 1:3640 <-> DISABLED <-> NETBIOS SMB Trans data displacement null pointer DOS attempt (netbios.rules)
 * 1:3639 <-> DISABLED <-> NETBIOS SMB Trans andx data displacement null pointer DOS attempt (netbios.rules)
 * 1:3531 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client domain overflow (server-other.rules)
 * 1:3530 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client name overflow (server-other.rules)
 * 1:3527 <-> DISABLED <-> OS-SOLARIS Oracle Solaris LPD overflow attempt (os-solaris.rules)
 * 1:3485 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:3484 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client name overflow (server-other.rules)
 * 1:3483 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:3482 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client name overflow (server-other.rules)
 * 1:3481 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client domain overflow (server-other.rules)
 * 1:3480 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client name overflow (server-other.rules)
 * 1:3479 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client name overflow (server-other.rules)
 * 1:3478 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:3477 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client name overflow (server-other.rules)
 * 1:3476 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:3475 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client domain overflow (server-other.rules)
 * 1:3474 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client name overflow (server-other.rules)
 * 1:3465 <-> DISABLED <-> SERVER-WEBAPP RiSearch show.pl proxy attempt (server-webapp.rules)
 * 1:3086 <-> DISABLED <-> SERVER-WEBAPP 3Com 3CRADSL72 ADSL 11g Wireless Router app_sta.stm access attempt (server-webapp.rules)
 * 1:300 <-> DISABLED <-> OS-SOLARIS Oracle Solaris npls x86 overflow (os-solaris.rules)
 * 1:2926 <-> DISABLED <-> SERVER-WEBAPP PhpGedView PGV base directory manipulation (server-webapp.rules)
 * 1:27227 <-> DISABLED <-> SERVER-WEBAPP txtSQL startup.php remote file include attempt (server-webapp.rules)
 * 1:27219 <-> DISABLED <-> BROWSER-PLUGINS DB Software Laboratory VImpX activex control ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27218 <-> DISABLED <-> SERVER-WEBAPP Themescript remote file include in CheckUpload.php Language (server-webapp.rules)
 * 1:27210 <-> ENABLED <-> SERVER-OTHER IPMI RAKP cipher zero remote authentication bypass attempt (server-other.rules)
 * 1:27177 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (browser-plugins.rules)
 * 1:27176 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (browser-plugins.rules)
 * 1:27175 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (browser-plugins.rules)
 * 1:27174 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (browser-plugins.rules)
 * 1:2704 <-> DISABLED <-> SERVER-WEBAPP Oracle 10g iSQLPlus login.unix connectID overflow attempt (server-webapp.rules)
 * 1:2703 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQLPlus login.uix username overflow attempt (server-webapp.rules)
 * 1:2702 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQLPlus username overflow attempt (server-webapp.rules)
 * 1:2701 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQLPlus sid overflow attempt (server-webapp.rules)
 * 1:26997 <-> DISABLED <-> MALWARE-CNC OSX.Trojan.Morcut outbound connection attempt (malware-cnc.rules)
 * 1:2686 <-> DISABLED <-> SERVER-ORACLE sys.dbms_rectifier_diff.differences buffer overflow attempt (server-oracle.rules)
 * 1:2672 <-> DISABLED <-> SERVER-WEBAPP sresult.exe access (server-webapp.rules)
 * 1:26697 <-> ENABLED <-> MALWARE-CNC Cbeplay Ransomware outbound connection - POST Body (malware-cnc.rules)
 * 1:2666 <-> DISABLED <-> PROTOCOL-POP PASS format string attempt (protocol-pop.rules)
 * 1:2664 <-> DISABLED <-> PROTOCOL-IMAP login format string attempt (protocol-imap.rules)
 * 1:26546 <-> DISABLED <-> BROWSER-PLUGINS SafeNet ActiveX clsid access (browser-plugins.rules)
 * 1:26545 <-> DISABLED <-> BROWSER-PLUGINS SafeNet ActiveX clsid access (browser-plugins.rules)
 * 1:26544 <-> DISABLED <-> BROWSER-PLUGINS SafeNet ActiveX clsid access (browser-plugins.rules)
 * 1:26543 <-> DISABLED <-> BROWSER-PLUGINS SafeNet ActiveX clsid access (browser-plugins.rules)
 * 1:26462 <-> DISABLED <-> FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (file-other.rules)
 * 1:26461 <-> DISABLED <-> FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (file-other.rules)
 * 1:26460 <-> DISABLED <-> FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (file-other.rules)
 * 1:26459 <-> DISABLED <-> FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (file-other.rules)
 * 1:26451 <-> DISABLED <-> INDICATOR-OBFUSCATION g01pack Javascript substr function wrapper attempt (indicator-obfuscation.rules)
 * 1:2575 <-> DISABLED <-> SERVER-WEBAPP Opt-X header.php remote file include attempt (server-webapp.rules)
 * 1:2573 <-> DISABLED <-> SERVER-IIS SmarterTools SmarterMail frmCompose.asp access (server-iis.rules)
 * 1:2572 <-> DISABLED <-> SERVER-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt (server-iis.rules)
 * 1:2571 <-> DISABLED <-> SERVER-IIS SmarterTools SmarterMail frmGetAttachment.aspx access (server-iis.rules)
 * 1:2568 <-> DISABLED <-> SERVER-WEBAPP Emumail emumail.fcgi access (server-webapp.rules)
 * 1:2567 <-> DISABLED <-> SERVER-WEBAPP Emumail init.emu access (server-webapp.rules)
 * 1:2566 <-> DISABLED <-> SERVER-WEBAPP PHPBB viewforum.php access (server-webapp.rules)
 * 1:2565 <-> DISABLED <-> SERVER-WEBAPP modules.php access (server-webapp.rules)
 * 1:24867 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (server-iis.rules)
 * 1:24866 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (server-iis.rules)
 * 1:24705 <-> ENABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules)
 * 1:24704 <-> ENABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules)
 * 1:24659 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules)
 * 1:24658 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules)
 * 1:24657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:2409 <-> DISABLED <-> PROTOCOL-POP APOP USER overflow attempt (protocol-pop.rules)
 * 1:2408 <-> DISABLED <-> SERVER-WEBAPP Invision Power Board search.pl access (server-webapp.rules)
 * 1:2407 <-> DISABLED <-> SERVER-WEBAPP util.pl access (server-webapp.rules)
 * 1:2405 <-> DISABLED <-> SERVER-WEBAPP phptest.php access (server-webapp.rules)
 * 1:2404 <-> DISABLED <-> NETBIOS SMB-DS Session Setup unicode andx username overflow attempt (netbios.rules)
 * 1:2403 <-> DISABLED <-> NETBIOS SMB Session Setup unicode username overflow attempt (netbios.rules)
 * 1:2402 <-> DISABLED <-> NETBIOS SMB-DS Session Setup andx username overflow attempt (netbios.rules)
 * 1:2401 <-> DISABLED <-> NETBIOS SMB Session Setup andx username overflow attempt (netbios.rules)
 * 1:2400 <-> DISABLED <-> SERVER-WEBAPP edittag.pl access (server-webapp.rules)
 * 1:2393 <-> DISABLED <-> SERVER-WEBAPP /_admin access (server-webapp.rules)
 * 1:2372 <-> DISABLED <-> SERVER-WEBAPP Photopost PHP Pro showphoto.php access (server-webapp.rules)
 * 1:2371 <-> DISABLED <-> SERVER-WEBAPP Sample_showcode.html access (server-webapp.rules)
 * 1:2370 <-> DISABLED <-> SERVER-WEBAPP BugPort config.conf file access (server-webapp.rules)
 * 1:2369 <-> DISABLED <-> SERVER-WEBAPP ISAPISkeleton.dll access (server-webapp.rules)
 * 1:23626 <-> ENABLED <-> SERVER-IIS cmd.exe access (server-iis.rules)
 * 1:2359 <-> DISABLED <-> SERVER-WEBAPP Invision Board ipchat.php file include (server-webapp.rules)
 * 1:2357 <-> DISABLED <-> SERVER-WEBAPP WebChat english.php file include (server-webapp.rules)
 * 1:2356 <-> DISABLED <-> SERVER-WEBAPP WebChat db_mysql.php file include (server-webapp.rules)
 * 1:23480 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino webadmin.nsf directory traversal attempt (server-webapp.rules)
 * 1:23471 <-> DISABLED <-> BROWSER-CHROME Google Chrome net-internals uri fragment identifier XSS attempt (browser-chrome.rules)
 * 1:2344 <-> DISABLED <-> PROTOCOL-FTP XCWD overflow attempt (protocol-ftp.rules)
 * 1:23350 <-> DISABLED <-> MALWARE-OTHER potential clickjacking via css pointer-events attempt (malware-other.rules)
 * 1:2306 <-> DISABLED <-> SERVER-WEBAPP gallery remote file include attempt (server-webapp.rules)
 * 1:2305 <-> DISABLED <-> SERVER-WEBAPP chatbox.php access (server-webapp.rules)
 * 1:2304 <-> DISABLED <-> SERVER-WEBAPP files.inc.php access (server-webapp.rules)
 * 1:2303 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll popup.php access (server-webapp.rules)
 * 1:2302 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll poll_ssi.php access (server-webapp.rules)
 * 1:2301 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll booth.php access (server-webapp.rules)
 * 1:2300 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_tpl_new.php access (server-webapp.rules)
 * 1:2299 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_tpl_misc_new.php access (server-webapp.rules)
 * 1:2298 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_templates.php access (server-webapp.rules)
 * 1:2297 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_templates_misc.php access (server-webapp.rules)
 * 1:2296 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_stats.php access (server-webapp.rules)
 * 1:2295 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_settings.php access (server-webapp.rules)
 * 1:2294 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_preview.php access (server-webapp.rules)
 * 1:2293 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_password.php access (server-webapp.rules)
 * 1:2292 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_logout.php access (server-webapp.rules)
 * 1:2291 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_license.php access (server-webapp.rules)
 * 1:2290 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_help.php access (server-webapp.rules)
 * 1:2289 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_embed.php access (server-webapp.rules)
 * 1:2288 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_edit.php access (server-webapp.rules)
 * 1:2287 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_comment.php access (server-webapp.rules)
 * 1:2155 <-> DISABLED <-> SERVER-WEBAPP ttforum remote file include attempt (server-webapp.rules)
 * 1:2151 <-> DISABLED <-> SERVER-WEBAPP ttCMS header.php access (server-webapp.rules)
 * 1:2150 <-> DISABLED <-> SERVER-WEBAPP ttCMS header.php remote file include attempt (server-webapp.rules)
 * 1:2138 <-> DISABLED <-> SERVER-WEBAPP logicworks.ini access (server-webapp.rules)
 * 1:21248 <-> DISABLED <-> SERVER-OTHER multiple vendors host buffer overflow attempt (server-other.rules)
 * 1:2120 <-> DISABLED <-> PROTOCOL-IMAP create literal buffer overflow attempt (protocol-imap.rules)
 * 1:21163 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook VEVENT overflow attempt (file-office.rules)
 * 1:21150 <-> DISABLED <-> PROTOCOL-VOIP Grandstream networks denial of service (protocol-voip.rules)
 * 1:2115 <-> DISABLED <-> SERVER-WEBAPP album.pl access (server-webapp.rules)
 * 1:2107 <-> DISABLED <-> PROTOCOL-IMAP create buffer overflow attempt (protocol-imap.rules)
 * 1:2078 <-> DISABLED <-> SERVER-WEBAPP phpBB privmsg.php access (server-webapp.rules)
 * 1:2067 <-> DISABLED <-> SERVER-WEBAPP Lotus Notes .exe script source download attempt (server-webapp.rules)
 * 1:20667 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Thunderbird / SeaMonkey Content-Type header buffer overflow attempt (browser-firefox.rules)
 * 1:20666 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Thunderbird / SeaMonkey Content-Type header buffer overflow attempt (browser-firefox.rules)
 * 1:20665 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (server-iis.rules)
 * 1:20664 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (server-iis.rules)
 * 1:2066 <-> DISABLED <-> SERVER-WEBAPP Lotus Notes .pl script source download attempt (server-webapp.rules)
 * 1:20137 <-> DISABLED <-> INDICATOR-OBFUSCATION Possible generic javascript heap spray attempt (indicator-obfuscation.rules)
 * 1:20055 <-> DISABLED <-> FILE-JAVA Oracle Java runtime JPEGImageReader overflow attempt (file-java.rules)
 * 1:20052 <-> DISABLED <-> PROTOCOL-SCADA IntelliCom NetBiter config utility hostname overflow attempt (protocol-scada.rules)
 * 1:1998 <-> DISABLED <-> SERVER-WEBAPP calendar.php access (server-webapp.rules)
 * 1:1971 <-> DISABLED <-> PROTOCOL-FTP SITE EXEC format string attempt (protocol-ftp.rules)
 * 1:1968 <-> DISABLED <-> SERVER-WEBAPP phpbb quick-reply.php access (server-webapp.rules)
 * 1:1967 <-> DISABLED <-> SERVER-WEBAPP phpbb quick-reply.php arbitrary command attempt (server-webapp.rules)
 * 1:1966 <-> DISABLED <-> SERVER-OTHER GlobalSunTech Access Point Information Disclosure attempt (server-other.rules)
 * 1:19217 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19216 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19206 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:1841 <-> DISABLED <-> FILE-JAVA Oracle Javascript URL host spoofing attempt (file-java.rules)
 * 1:1830 <-> DISABLED <-> SERVER-APACHE Apache Tomcat SnoopServlet servlet access (server-apache.rules)
 * 1:1829 <-> DISABLED <-> SERVER-APACHE Apache Tomcat TroubleShooter servlet access (server-apache.rules)
 * 1:18168 <-> DISABLED <-> INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (indicator-shellcode.rules)
 * 1:18167 <-> DISABLED <-> INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (indicator-shellcode.rules)
 * 1:17597 <-> ENABLED <-> SERVER-WEBAPP TikiWiki jhot.php script file upload attempt (server-webapp.rules)
 * 1:1754 <-> DISABLED <-> SERVER-IIS as_web4.exe access (server-iis.rules)
 * 1:1753 <-> DISABLED <-> SERVER-IIS as_web.exe access (server-iis.rules)
 * 1:16654 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:16481 <-> DISABLED <-> BROWSER-OTHER Opera Content-Length header integer overflow attempt (browser-other.rules)
 * 1:1645 <-> DISABLED <-> SERVER-WEBAPP testcgi access (server-webapp.rules)
 * 1:16353 <-> ENABLED <-> FILE-MULTIMEDIA FFmpeg OGV file format memory corruption attempt (file-multimedia.rules)
 * 1:1591 <-> DISABLED <-> SERVER-WEBAPP faqmanager.cgi access (server-webapp.rules)
 * 1:1590 <-> DISABLED <-> SERVER-WEBAPP faqmanager.cgi arbitrary file access attempt (server-webapp.rules)
 * 1:1586 <-> DISABLED <-> SERVER-WEBAPP Domino mail.box access (server-webapp.rules)
 * 1:1579 <-> DISABLED <-> SERVER-WEBAPP Domino webadmin.nsf access (server-webapp.rules)
 * 1:1575 <-> DISABLED <-> SERVER-WEBAPP Domino mab.nsf access (server-webapp.rules)
 * 1:15698 <-> DISABLED <-> INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (indicator-shellcode.rules)
 * 1:15378 <-> DISABLED <-> BROWSER-PLUGINS Sopcast SopCore ActiveX function call access (browser-plugins.rules)
 * 1:15376 <-> DISABLED <-> BROWSER-PLUGINS Sopcast SopCore ActiveX clsid access (browser-plugins.rules)
 * 1:15344 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX function call access (browser-plugins.rules)
 * 1:15342 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX clsid access (browser-plugins.rules)
 * 1:15340 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX function call access (browser-plugins.rules)
 * 1:15338 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX clsid access (browser-plugins.rules)
 * 1:15336 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX function call access (browser-plugins.rules)
 * 1:15334 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX clsid access (browser-plugins.rules)
 * 1:15234 <-> DISABLED <-> BROWSER-PLUGINS Easy Grid ActiveX function call access (browser-plugins.rules)
 * 1:15232 <-> DISABLED <-> BROWSER-PLUGINS Easy Grid ActiveX clsid access (browser-plugins.rules)
 * 1:15230 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Viewer 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15181 <-> DISABLED <-> BROWSER-PLUGINS SaschArt SasCam Webcam Server ActiveX clsid access (browser-plugins.rules)
 * 1:15156 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server serverdown Authentication bypass attempt (pua-other.rules)
 * 1:15155 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server png Authentication bypass attempt (pua-other.rules)
 * 1:15154 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server gif Authentication bypass attempt (pua-other.rules)
 * 1:15152 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server setup-index Authentication bypass attempt (pua-other.rules)
 * 1:15151 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server logout Authentication bypass attempt (pua-other.rules)
 * 1:15150 <-> ENABLED <-> PUA-OTHER Jive Software Openfire Jabber Server login Authentication bypass attempt (pua-other.rules)
 * 1:15005 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX function call access (browser-plugins.rules)
 * 1:15003 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX clsid access (browser-plugins.rules)
 * 1:1491 <-> DISABLED <-> SERVER-WEBAPP Phorum /support/common.php access (server-webapp.rules)
 * 1:14780 <-> DISABLED <-> BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX function call access (browser-plugins.rules)
 * 1:14778 <-> DISABLED <-> BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX clsid access (browser-plugins.rules)
 * 1:14754 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks Desktop Management ActiveX function call access (browser-plugins.rules)
 * 1:14752 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks Desktop Management ActiveX clsid access (browser-plugins.rules)
 * 1:14744 <-> DISABLED <-> BROWSER-PLUGINS Hummingbird HostExplorer ActiveX clsid access (browser-plugins.rules)
 * 1:14605 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX function call access (browser-plugins.rules)
 * 1:14603 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX clsid access (browser-plugins.rules)
 * 1:14598 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:14596 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:14594 <-> DISABLED <-> BROWSER-PLUGINS Peachtree Accounting 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:14245 <-> DISABLED <-> BROWSER-PLUGINS Najdi.si Toolbar ActiveX function call access (browser-plugins.rules)
 * 1:14243 <-> DISABLED <-> BROWSER-PLUGINS Najdi.si Toolbar ActiveX clsid access (browser-plugins.rules)
 * 1:14241 <-> DISABLED <-> BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX function call access (browser-plugins.rules)
 * 1:14239 <-> DISABLED <-> BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX clsid access (browser-plugins.rules)
 * 1:14237 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services ActiveX function call access (browser-plugins.rules)
 * 1:1405 <-> DISABLED <-> SERVER-WEBAPP AHG search.cgi access (server-webapp.rules)
 * 1:13928 <-> ENABLED <-> SERVER-WEBAPP Adobe RoboHelp r0 SQL injection attempt (server-webapp.rules)
 * 1:13885 <-> DISABLED <-> BROWSER-PLUGINS UUSee UUUpgrade ActiveX function call access (browser-plugins.rules)
 * 1:13883 <-> DISABLED <-> BROWSER-PLUGINS UUSee UUUpgrade ActiveX clsid access (browser-plugins.rules)
 * 1:1376 <-> DISABLED <-> SERVER-WEBAPP jrun directory browse attempt (server-webapp.rules)
 * 1:13717 <-> DISABLED <-> PROTOCOL-RPC portmap CA BrightStor ARCserve udp procedure 232 attempt (protocol-rpc.rules)
 * 1:13716 <-> DISABLED <-> PROTOCOL-RPC portmap CA BrightStor ARCserve tcp procedure 232 attempt (protocol-rpc.rules)
 * 1:13683 <-> DISABLED <-> BROWSER-PLUGINS CDNetworks Nefficient Download ActiveX function call access (browser-plugins.rules)
 * 1:13681 <-> DISABLED <-> BROWSER-PLUGINS CDNetworks Nefficient Download ActiveX clsid access (browser-plugins.rules)
 * 1:13661 <-> DISABLED <-> BROWSER-PLUGINS VeralSoft HTTP File Upload ActiveX clsid access (browser-plugins.rules)
 * 1:13597 <-> DISABLED <-> BROWSER-PLUGINS ICQ Toolbar toolbaru.dll ActiveX function call access (browser-plugins.rules)
 * 1:13595 <-> DISABLED <-> BROWSER-PLUGINS ICQ Toolbar toolbaru.dll ActiveX clsid access (browser-plugins.rules)
 * 1:13545 <-> DISABLED <-> BROWSER-PLUGINS Learn2 STRunner ActiveX function call access (browser-plugins.rules)
 * 1:13543 <-> DISABLED <-> BROWSER-PLUGINS Learn2 STRunner ActiveX clsid access (browser-plugins.rules)
 * 1:13537 <-> DISABLED <-> BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX function call access (browser-plugins.rules)
 * 1:13535 <-> DISABLED <-> BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX clsid access (browser-plugins.rules)
 * 1:13533 <-> DISABLED <-> BROWSER-PLUGINS 4xem VatCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13531 <-> DISABLED <-> BROWSER-PLUGINS 4xem VatCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:13529 <-> DISABLED <-> BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX function call access (browser-plugins.rules)
 * 1:13527 <-> DISABLED <-> BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX clsid access (browser-plugins.rules)
 * 1:13446 <-> DISABLED <-> BROWSER-PLUGINS GlobalLink HanGamePlugin ActiveX clsid access (browser-plugins.rules)
 * 1:13444 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13442 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13440 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:13438 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:13436 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13434 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13432 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX function call access (browser-plugins.rules)
 * 1:13430 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13428 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox DataGrid ActiveX function call access (browser-plugins.rules)
 * 1:13426 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox DataGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13352 <-> DISABLED <-> BROWSER-PLUGINS Lycos File Upload Component ActiveX function call access (browser-plugins.rules)
 * 1:13350 <-> DISABLED <-> BROWSER-PLUGINS Move Networks Media Player ActiveX function call access (browser-plugins.rules)
 * 1:13348 <-> DISABLED <-> BROWSER-PLUGINS Move Networks Media Player ActiveX clsid access (browser-plugins.rules)
 * 1:13337 <-> DISABLED <-> BROWSER-PLUGINS Comodo AntiVirus ActiveX clsid access (browser-plugins.rules)
 * 1:13335 <-> DISABLED <-> BROWSER-PLUGINS Lycos File Upload Component ActiveX clsid access (browser-plugins.rules)
 * 1:13327 <-> DISABLED <-> BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX function call access (browser-plugins.rules)
 * 1:13325 <-> DISABLED <-> BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX clsid access (browser-plugins.rules)
 * 1:13275 <-> DISABLED <-> BROWSER-PLUGINS DivX Web Player ActiveX function call access (browser-plugins.rules)
 * 1:13273 <-> DISABLED <-> BROWSER-PLUGINS DivX Web Player ActiveX clsid access (browser-plugins.rules)
 * 1:13266 <-> DISABLED <-> BROWSER-PLUGINS SkyFex Client ActiveX clsid access (browser-plugins.rules)
 * 1:13230 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13228 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 1 ActiveX clsid access (browser-plugins.rules)
 * 1:12684 <-> DISABLED <-> MALWARE-BACKDOOR Sygate Remote Administration Engine (malware-backdoor.rules)
 * 1:12442 <-> DISABLED <-> BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12440 <-> DISABLED <-> BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll ActiveX function call access (browser-plugins.rules)
 * 1:12438 <-> DISABLED <-> BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12428 <-> DISABLED <-> BROWSER-PLUGINS GlobalLink glitemflat.dll ActiveX clsid access (browser-plugins.rules)
 * 1:1220 <-> DISABLED <-> SERVER-WEBAPP ultraboard access (server-webapp.rules)
 * 1:1218 <-> DISABLED <-> SERVER-WEBAPP adminlogin access (server-webapp.rules)
 * 1:12021 <-> DISABLED <-> BROWSER-PLUGINS NCTsoft NCTAudioFile2 NCTWMAFile ActiveX function call access (browser-plugins.rules)
 * 1:12019 <-> DISABLED <-> BROWSER-PLUGINS NCTsoft NCTAudioFile2 NCTWMAFile ActiveX clsid access (browser-plugins.rules)
 * 1:12017 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioStudio2 NCT WavChunksEditor ActiveX function call access (browser-plugins.rules)
 * 1:12015 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioStudio2 NCT WavChunksEditor ActiveX clsid access (browser-plugins.rules)
 * 1:11942 <-> DISABLED <-> BROWSER-PLUGINS Westbyte internet download accelerator ActiveX clsid access (browser-plugins.rules)
 * 1:11940 <-> DISABLED <-> BROWSER-PLUGINS Westbyte Internet Download Accelerator ActiveX function call access (browser-plugins.rules)
 * 1:11841 <-> DISABLED <-> BROWSER-PLUGINS TEC-IT TBarCode ActiveX function call access (browser-plugins.rules)
 * 1:11839 <-> DISABLED <-> BROWSER-PLUGINS TEC-IT TBarCode ActiveX clsid access (browser-plugins.rules)
 * 1:1179 <-> DISABLED <-> SERVER-WEBAPP Phorum violation access (server-webapp.rules)
 * 1:1177 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:11682 <-> DISABLED <-> SERVER-OTHER niprint_lpd module attack attempt (server-other.rules)
 * 1:11677 <-> DISABLED <-> BROWSER-PLUGINS Provideo Camimage Class ISSCamControl ActiveX clsid access (browser-plugins.rules)
 * 1:11662 <-> DISABLED <-> BROWSER-PLUGINS EDraw Office Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11660 <-> DISABLED <-> BROWSER-PLUGINS EDraw Office Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11656 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Thumbnail Browser Control ActiveX function call access (browser-plugins.rules)
 * 1:11654 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Thumbnail Browser Control ActiveX clsid access (browser-plugins.rules)
 * 1:11652 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Variant Object Library ActiveX function call access (browser-plugins.rules)
 * 1:11650 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Variant Object Library ActiveX clsid access (browser-plugins.rules)
 * 1:11648 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Thumbnail Object Library ActiveX function call access (browser-plugins.rules)
 * 1:11646 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Thumbnail Object Library ActiveX clsid access (browser-plugins.rules)
 * 1:11644 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster ISIS Object ActiveX function call access (browser-plugins.rules)
 * 1:11642 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster ISIS Object ActiveX clsid access (browser-plugins.rules)
 * 1:11640 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Document Object Library ActiveX function call access (browser-plugins.rules)
 * 1:11638 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Document Object Library ActiveX clsid access (browser-plugins.rules)
 * 1:11636 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Dialog File_D Object ActiveX function call access (browser-plugins.rules)
 * 1:11634 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Dialog File_D Object ActiveX clsid access (browser-plugins.rules)
 * 1:11632 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Dialog File Object ActiveX function call access (browser-plugins.rules)
 * 1:11630 <-> DISABLED <-> BROWSER-PLUGINS LeadTools Raster Dialog File Object ActiveX clsid access (browser-plugins.rules)
 * 1:11628 <-> DISABLED <-> BROWSER-PLUGINS LeadTools JPEG 2000 COM Object ActiveX function call access (browser-plugins.rules)
 * 1:11626 <-> DISABLED <-> BROWSER-PLUGINS LeadTools ISIS ActiveX function call access (browser-plugins.rules)
 * 1:11624 <-> DISABLED <-> BROWSER-PLUGINS LeadTools ISIS ActiveX clsid access (browser-plugins.rules)
 * 1:1137 <-> DISABLED <-> SERVER-WEBAPP Phorum authentication access (server-webapp.rules)
 * 1:1134 <-> DISABLED <-> SERVER-WEBAPP Phorum admin access (server-webapp.rules)
 * 1:11303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX function call access (browser-plugins.rules)
 * 1:11301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX clsid access (browser-plugins.rules)
 * 1:11299 <-> DISABLED <-> BROWSER-PLUGINS Clever Database Comparer ActiveX function call access (browser-plugins.rules)
 * 1:11297 <-> DISABLED <-> BROWSER-PLUGINS Clever Database Comparer ActiveX clsid access (browser-plugins.rules)
 * 1:11295 <-> DISABLED <-> BROWSER-PLUGINS IDAutomation Linear Bar Code ActiveX function call access (browser-plugins.rules)
 * 1:11293 <-> DISABLED <-> BROWSER-PLUGINS IDAutomation Linear Bar Code ActiveX clsid access (browser-plugins.rules)
 * 1:11291 <-> DISABLED <-> BROWSER-PLUGINS Hewlett Packard HPQVWOCX.DL ActiveX clsid access (browser-plugins.rules)
 * 1:11286 <-> DISABLED <-> BROWSER-PLUGINS AudioCDRipper ActiveX function call access (browser-plugins.rules)
 * 1:11284 <-> DISABLED <-> BROWSER-PLUGINS AudioCDRipper ActiveX clsid access (browser-plugins.rules)
 * 1:11278 <-> DISABLED <-> BROWSER-PLUGINS GDivX Zenith Player AVI Fixer ActiveX function call access (browser-plugins.rules)
 * 1:11276 <-> DISABLED <-> BROWSER-PLUGINS GDivX Zenith Player AVI Fixer ActiveX clsid access (browser-plugins.rules)
 * 1:11274 <-> DISABLED <-> BROWSER-PLUGINS RControl ActiveX clsid access (browser-plugins.rules)
 * 1:11247 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Research In Motion TeamOn Import ActiveX clsid access (browser-plugins.rules)
 * 1:11220 <-> DISABLED <-> BROWSER-PLUGINS SmartCode VNC Manager ActiveX function call access (browser-plugins.rules)
 * 1:11218 <-> DISABLED <-> BROWSER-PLUGINS SmartCode VNC Manager ActiveX clsid access (browser-plugins.rules)
 * 1:11216 <-> DISABLED <-> BROWSER-PLUGINS VeralSoft HTTP File Uploader ActiveX function call access (browser-plugins.rules)
 * 1:11214 <-> DISABLED <-> BROWSER-PLUGINS VeralSoft HTTP File Uploader ActiveX clsid access (browser-plugins.rules)
 * 1:11212 <-> DISABLED <-> BROWSER-PLUGINS Sienzo Digital Music Mentor ActiveX function call access (browser-plugins.rules)
 * 1:11210 <-> DISABLED <-> BROWSER-PLUGINS Sienzo Digital Music Mentor ActiveX clsid access (browser-plugins.rules)
 * 1:11208 <-> DISABLED <-> BROWSER-PLUGINS East Wind Software ADVDAUDIO ActiveX function call access (browser-plugins.rules)
 * 1:11206 <-> DISABLED <-> BROWSER-PLUGINS East Wind Software ADVDAUDIO ActiveX clsid access (browser-plugins.rules)
 * 1:11201 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11199 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11197 <-> DISABLED <-> BROWSER-PLUGINS ActiveX Soft DVD Tools ActiveX function call access (browser-plugins.rules)
 * 1:11189 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Word Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11187 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Word Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11183 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Excel Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11181 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Excel Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:11178 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office PowerPoint Viewer ActiveX function call access (browser-plugins.rules)
 * 1:11176 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office PowerPoint Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:10993 <-> DISABLED <-> BROWSER-PLUGINS Microgaming Download Helper ActiveX function call access (browser-plugins.rules)
 * 1:10991 <-> DISABLED <-> BROWSER-PLUGINS Microgaming Download Helper ActiveX clsid access (browser-plugins.rules)
 * 1:10417 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader ActiveX function call access (browser-plugins.rules)
 * 1:10414 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus SameTime STJNILoader Alt CLSID ActiveX function call access (browser-plugins.rules)
 * 1:1027 <-> DISABLED <-> SERVER-IIS perl-browse space attempt (server-iis.rules)
 * 1:1026 <-> DISABLED <-> SERVER-IIS perl-browse newline attempt (server-iis.rules)
 * 1:10170 <-> DISABLED <-> BROWSER-PLUGINS Verisign ConfigCHK ActiveX clsid access (browser-plugins.rules)
 * 1:10162 <-> DISABLED <-> BROWSER-PLUGINS BrowseDialog ActiveX clsid access (browser-plugins.rules)
 * 1:10156 <-> DISABLED <-> BROWSER-PLUGINS ActiveX Soft DVD Tools ActiveX clsid access (browser-plugins.rules)
 * 1:10128 <-> DISABLED <-> BROWSER-PLUGINS Aliplay ActiveX clsid access (browser-plugins.rules)
 * 1:10013 <-> DISABLED <-> BROWSER-PLUGINS CCRP FolderTreeView ActiveX clsid access (browser-plugins.rules)