Talos Rules 2018-01-31
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the browser-firefox, browser-ie, browser-plugins, exploit-kit, file-executable, file-flash, file-identify, file-image, file-java, file-multimedia, file-office, file-other, file-pdf, indicator-compromise, indicator-obfuscation, indicator-scan, malware-cnc, malware-other, netbios, os-linux, os-windows, policy-other, protocol-dns, protocol-ftp, protocol-imap, protocol-telnet, protocol-voip, pua-other, server-apache, server-iis, server-mail, server-mssql, server-mysql, server-oracle, server-other, server-samba and sql rule sets to provide coverage for emerging threats from these technologies.

Change logs

2018-02-01 01:09:42 UTC

Snort Subscriber Rules Update

Date: 2018-01-31

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:45587 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45586 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt (file-multimedia.rules)
 * 1:45585 <-> DISABLED <-> SERVER-WEBAPP PMSotware Simple Web Server connection header buffer overflow attempt (server-webapp.rules)
 * 1:45584 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP SIP servers discovery attempt (protocol-voip.rules)
 * 1:45583 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP SIP servers discovery attempt (protocol-voip.rules)
 * 1:45582 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP subscribe request denial of service attempt (protocol-voip.rules)
 * 1:45581 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP options request denial of service attempt (protocol-voip.rules)
 * 1:45580 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP invite request denial of service attempt (protocol-voip.rules)
 * 1:45579 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP subscribe request denial of service attempt (protocol-voip.rules)
 * 1:45578 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP options request denial of service attempt (protocol-voip.rules)
 * 1:45577 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP invite request denial of service attempt (protocol-voip.rules)
 * 1:45576 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:45574 <-> ENABLED <-> MALWARE-CNC Win.Trojan.xxmm second stage configuration download attempt (malware-cnc.rules)
 * 1:45571 <-> DISABLED <-> SERVER-OTHER Commvault Communications Service command injection attempt (server-other.rules)
 * 1:17663 <-> DISABLED <-> SERVER-OTHER Apple CUPS SGI image decoding buffer overflow attempt (server-other.rules)
 * 1:45591 <-> DISABLED <-> PROTOCOL-FTP LabF nfsAxe FTP Client buffer overflow attempt (protocol-ftp.rules)
 * 1:45590 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45589 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45588 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 3:45575 <-> ENABLED <-> SERVER-OTHER Cisco ASA VPN aggregateAuthDataHandler double free attempt (server-other.rules)

Modified Rules:


 * 1:12064 <-> DISABLED <-> SERVER-IIS w3svc _vti_bin null pointer dereference attempt (server-iis.rules)
 * 1:12079 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:10062 <-> DISABLED <-> FILE-IMAGE Oracle Java Virtual Machine malformed GIF buffer overflow attempt (file-image.rules)
 * 1:10063 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox query interface suspicious function call access attempt (browser-firefox.rules)
 * 1:10087 <-> DISABLED <-> SERVER-OTHER VNC password request buffer overflow attempt (server-other.rules)
 * 1:10188 <-> DISABLED <-> PROTOCOL-FTP Ipswitch Ws_ftp XMD5 overflow attempt (protocol-ftp.rules)
 * 1:10390 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX clsid access (browser-plugins.rules)
 * 1:10392 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10395 <-> DISABLED <-> BROWSER-PLUGINS Symantec SupportSoft SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10603 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP dns R_DnssrvUpdateRecord2 overflow attempt (os-windows.rules)
 * 1:11186 <-> DISABLED <-> SERVER-OTHER CA eTrust key handling dos (password -- server-other.rules)
 * 1:11196 <-> DISABLED <-> SERVER-OTHER MaxDB WebDBM get buffer overflow (server-other.rules)
 * 1:11257 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:11324 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 3 ActiveX function call access (browser-plugins.rules)
 * 1:11443 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:11823 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX clsid unicode access (browser-plugins.rules)
 * 1:11824 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call access (browser-plugins.rules)
 * 1:11825 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call unicode access (browser-plugins.rules)
 * 1:11828 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Voice Control ActiveX function call access (browser-plugins.rules)
 * 1:11832 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Direct Speech Recognition ActiveX function call access (browser-plugins.rules)
 * 1:11837 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail file execution attempt (server-mail.rules)
 * 1:12114 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12115 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12195 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Widgets Engine ActiveX function call access (browser-plugins.rules)
 * 1:12197 <-> DISABLED <-> SERVER-OTHER CA message queuing server buffer overflow attempt (server-other.rules)
 * 1:12205 <-> DISABLED <-> BROWSER-PLUGINS VMWare Vielib.dll ActiveX function call access (browser-plugins.rules)
 * 1:12212 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail literal search date command buffer overflow attempt (server-mail.rules)
 * 1:12217 <-> DISABLED <-> SERVER-OTHER Borland interbase string length buffer overflow attempt (server-other.rules)
 * 1:12261 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX clsid access (browser-plugins.rules)
 * 1:12263 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX function call access (browser-plugins.rules)
 * 1:12265 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX clsid access (browser-plugins.rules)
 * 1:12267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX function call access (browser-plugins.rules)
 * 1:12270 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX function call (browser-plugins.rules)
 * 1:12273 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid access (browser-plugins.rules)
 * 1:12275 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access (browser-plugins.rules)
 * 1:12277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS memory corruption exploit (browser-ie.rules)
 * 1:12281 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12332 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _TakeActionOnAFile attempt (netbios.rules)
 * 1:12341 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_a0030 attempt (netbios.rules)
 * 1:12444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX clsid access (browser-plugins.rules)
 * 1:12446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX function call access (browser-plugins.rules)
 * 1:12450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent Control ActiveX function call access (browser-plugins.rules)
 * 1:12452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent File Provider ActiveX clsid access (browser-plugins.rules)
 * 1:12463 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Visual Studio Crystal Reports RPT file handling buffer overflow attempt (os-windows.rules)
 * 1:12595 <-> DISABLED <-> SERVER-IIS malicious ASP file upload attempt (server-iis.rules)
 * 1:12612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX clsid access (browser-plugins.rules)
 * 1:12616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:12631 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging small offset malformed jpeg tables (os-windows.rules)
 * 1:12632 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging large offset malformed jpeg tables (os-windows.rules)
 * 1:12634 <-> DISABLED <-> FILE-IMAGE Microsoft Windows 2000 Kodak Imaging large offset malformed tiff 2 (file-image.rules)
 * 1:12642 <-> DISABLED <-> OS-WINDOWS RPC NTLMSSP malformed credentials (os-windows.rules)
 * 1:12643 <-> DISABLED <-> OS-WINDOWS Microsoft Windows URI External handler arbitrary command attempt (os-windows.rules)
 * 1:12664 <-> DISABLED <-> BROWSER-IE Microsoft Windows ShellExecute and Internet Explorer 7 url handling code execution attempt (browser-ie.rules)
 * 1:12687 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12731 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX function call access (browser-plugins.rules)
 * 1:12742 <-> DISABLED <-> SERVER-OTHER Apple Quicktime UDP RTSP sdp type buffer overflow attempt (server-other.rules)
 * 1:12768 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12775 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer obfuscated Ierpplug.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12780 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access attempt (browser-plugins.rules)
 * 1:12782 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access attempt (browser-plugins.rules)
 * 1:12985 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt (netbios.rules)
 * 1:13158 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format interchange data integer overflow attempt (file-multimedia.rules)
 * 1:13159 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format audio error masking integer overflow attempt (file-multimedia.rules)
 * 1:13160 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming audio spread error correction data length integer overflow attempt (file-multimedia.rules)
 * 1:13162 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:13216 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX function call access (browser-plugins.rules)
 * 1:13222 <-> DISABLED <-> SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (server-other.rules)
 * 1:13226 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX function call access (browser-plugins.rules)
 * 1:13269 <-> DISABLED <-> OS-WINDOWS Multiple product nntp uri handling code execution attempt (os-windows.rules)
 * 1:13270 <-> DISABLED <-> OS-WINDOWS Multiple product news uri handling code execution attempt (os-windows.rules)
 * 1:13271 <-> DISABLED <-> OS-WINDOWS Multiple product telnet uri handling code execution attempt (os-windows.rules)
 * 1:13272 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:13298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX function call access (browser-plugins.rules)
 * 1:13305 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX function call access (browser-plugins.rules)
 * 1:13316 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing ART buffer overflow attempt (file-multimedia.rules)
 * 1:13318 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cmt buffer overflow attempt (file-multimedia.rules)
 * 1:13319 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing des buffer overflow attempt (file-multimedia.rules)
 * 1:13320 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cpy buffer overflow attempt (file-multimedia.rules)
 * 1:13323 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX function call access (browser-plugins.rules)
 * 1:13421 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX function call access (browser-plugins.rules)
 * 1:13430 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13432 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX function call access (browser-plugins.rules)
 * 1:13434 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13436 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13438 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:13440 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:13442 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13444 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13448 <-> DISABLED <-> OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine begin buffer overflow attempt (os-windows.rules)
 * 1:13453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid access (browser-ie.rules)
 * 1:13454 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid unicode access (browser-ie.rules)
 * 1:13456 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call unicode access (browser-ie.rules)
 * 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (server-other.rules)
 * 1:13541 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX function call access (browser-plugins.rules)
 * 1:13554 <-> DISABLED <-> SERVER-OTHER Sybase SQL Anywhere Mobilink version string buffer overflow (server-other.rules)
 * 1:13555 <-> DISABLED <-> SERVER-OTHER Sybase SQL Anywhere Mobilink remoteID string buffer overflow (server-other.rules)
 * 1:13580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components remote code execution attempt ActiveX clsid access (browser-plugins.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13584 <-> ENABLED <-> FILE-IDENTIFY CSV file download request (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:13591 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (server-webapp.rules)
 * 1:13605 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:13607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid access (browser-plugins.rules)
 * 1:13609 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call access (browser-plugins.rules)
 * 1:13623 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13629 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:13630 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:13633 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:13668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX clsid access (browser-plugins.rules)
 * 1:13670 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX function call access (browser-plugins.rules)
 * 1:13674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX function call access (browser-plugins.rules)
 * 1:13699 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:13720 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:13722 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 4 ActiveX clsid access (browser-plugins.rules)
 * 1:13724 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 5 ActiveX clsid access (browser-plugins.rules)
 * 1:13726 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 6 ActiveX clsid access (browser-plugins.rules)
 * 1:13728 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13730 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 8 ActiveX clsid access (browser-plugins.rules)
 * 1:13732 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 9 ActiveX clsid access (browser-plugins.rules)
 * 1:13736 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 11 ActiveX clsid access (browser-plugins.rules)
 * 1:13738 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 12 ActiveX clsid access (browser-plugins.rules)
 * 1:13740 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 13 ActiveX clsid access (browser-plugins.rules)
 * 1:13742 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 14 ActiveX clsid access (browser-plugins.rules)
 * 1:13744 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 15 ActiveX clsid access (browser-plugins.rules)
 * 1:13746 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 16 ActiveX clsid access (browser-plugins.rules)
 * 1:13748 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 17 ActiveX clsid access (browser-plugins.rules)
 * 1:13750 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 18 ActiveX clsid access (browser-plugins.rules)
 * 1:13752 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 19 ActiveX clsid access (browser-plugins.rules)
 * 1:13754 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 20 ActiveX clsid access (browser-plugins.rules)
 * 1:13756 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 21 ActiveX clsid access (browser-plugins.rules)
 * 1:13804 <-> DISABLED <-> SERVER-OTHER Borland Software InterBase ibserver.exe Service Attach Request buffer overflow attempt (server-other.rules)
 * 1:13821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13823 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX SAMI file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:13824 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (file-multimedia.rules)
 * 1:13888 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13889 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13890 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13891 <-> DISABLED <-> SERVER-MSSQL Memory page overwrite attempt  (server-mssql.rules)
 * 1:13892 <-> DISABLED <-> SERVER-MSSQL Convert function style overwrite  (server-mssql.rules)
 * 1:13903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13912 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isComponentInstalled attack attempt (browser-ie.rules)
 * 1:13918 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13922 <-> DISABLED <-> SERVER-IIS Microsoft IIS HTMLEncode Unicode string buffer overflow  (server-iis.rules)
 * 1:13948 <-> DISABLED <-> PROTOCOL-DNS large number of NXDOMAIN replies - possible DNS cache poisoning (protocol-dns.rules)
 * 1:13960 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:13963 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:13964 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (browser-ie.rules)
 * 1:14023 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:14027 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14029 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14031 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14040 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (server-other.rules)
 * 1:14041 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt - 2 (server-other.rules)
 * 1:14042 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer General Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:14044 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX function call access (browser-plugins.rules)
 * 1:14046 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14048 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14050 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14052 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX function call access (browser-plugins.rules)
 * 1:14257 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:14613 <-> DISABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft RSClientPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14647 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:14648 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14650 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14651 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14652 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14653 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14654 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14726 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:14758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX function call access (browser-plugins.rules)
 * 1:14762 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (browser-plugins.rules)
 * 1:14765 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX function call (browser-plugins.rules)
 * 1:14773 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer handshake buffer overflow attempt (server-other.rules)
 * 1:14783 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:14896 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB v4 srvsvc NetrpPathCononicalize unicode path cononicalization stack overflow attempt (os-windows.rules)
 * 1:14897 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX function call access (browser-plugins.rules)
 * 1:14988 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:14990 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory SOAP Accept Charset header overflow attempt (server-webapp.rules)
 * 1:15012 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML DLL memory corruption attempt (browser-ie.rules)
 * 1:15084 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:15086 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX function call access (browser-plugins.rules)
 * 1:15096 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15102 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:15109 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15112 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access (browser-plugins.rules)
 * 1:15146 <-> DISABLED <-> SERVER-OTHER Apple CUPS RGB+Alpha PNG filter overly large image height integer overflow attempt (server-other.rules)
 * 1:15186 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:15191 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox animated PNG processing integer overflow (browser-firefox.rules)
 * 1:15197 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15198 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15199 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15200 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15201 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15209 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15210 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15211 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15212 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15213 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15214 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15215 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15216 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15217 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15218 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15219 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15221 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15245 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX function call access (browser-plugins.rules)
 * 1:15256 <-> DISABLED <-> SERVER-ORACLE BPEL process manager XSS injection attempt (server-oracle.rules)
 * 1:15257 <-> DISABLED <-> SERVER-ORACLE Secure Backup common.php variable based command injection attempt (server-oracle.rules)
 * 1:15268 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode ActiveX function call access (browser-plugins.rules)
 * 1:15299 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:15303 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Malformed IconBitsComponent arbitrary code execution attempt (file-office.rules)
 * 1:15313 <-> DISABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX function call access (browser-plugins.rules)
 * 1:15358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:15422 <-> DISABLED <-> SERVER-OTHER Sun One web proxy server overflow attempt (server-other.rules)
 * 1:15430 <-> DISABLED <-> FILE-OTHER Microsoft EMF+ GpFont.SetData buffer overflow attempt (file-other.rules)
 * 1:15455 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters XST parsing buffer overflow attempt (file-office.rules)
 * 1:15457 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:15459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted/unitialized object memory corruption attempt (browser-ie.rules)
 * 1:15460 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ActiveX load/unload race condition attempt (browser-ie.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15479 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP Request Proxy-Require header heap buffer overflow attempt (server-other.rules)
 * 1:15482 <-> DISABLED <-> SERVER-OTHER Oracle Java System sockd authentication buffer overflow attempt (server-other.rules)
 * 1:15508 <-> DISABLED <-> SERVER-OTHER DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt (server-other.rules)
 * 1:15523 <-> DISABLED <-> OS-WINDOWS Microsoft Windows srvsvc NetrShareEnum netname overflow attempt (os-windows.rules)
 * 1:15524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15526 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:15529 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain navigation cookie stealing attempt (browser-ie.rules)
 * 1:15554 <-> DISABLED <-> SERVER-ORACLE Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:15588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15590 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 10 ActiveX clsid access (browser-plugins.rules)
 * 1:15592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 11 ActiveX clsid access (browser-plugins.rules)
 * 1:15594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 12 ActiveX clsid access (browser-plugins.rules)
 * 1:15596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 13 ActiveX clsid access (browser-plugins.rules)
 * 1:15598 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 14 ActiveX clsid access (browser-plugins.rules)
 * 1:15600 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 15 ActiveX clsid access (browser-plugins.rules)
 * 1:15602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 16 ActiveX clsid access (browser-plugins.rules)
 * 1:15604 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 17 ActiveX clsid access (browser-plugins.rules)
 * 1:15606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 18 ActiveX clsid access (browser-plugins.rules)
 * 1:15608 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 19 ActiveX clsid access (browser-plugins.rules)
 * 1:15610 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 20 ActiveX clsid access (browser-plugins.rules)
 * 1:15614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 21 ActiveX clsid access (browser-plugins.rules)
 * 1:15616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 22 ActiveX clsid access (browser-plugins.rules)
 * 1:15618 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 23 ActiveX clsid access (browser-plugins.rules)
 * 1:15620 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 24 ActiveX clsid access (browser-plugins.rules)
 * 1:15622 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 25 ActiveX clsid access (browser-plugins.rules)
 * 1:15624 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 26 ActiveX clsid access (browser-plugins.rules)
 * 1:15626 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 27 ActiveX clsid access (browser-plugins.rules)
 * 1:15628 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 28 ActiveX clsid access (browser-plugins.rules)
 * 1:15630 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 29 ActiveX clsid access (browser-plugins.rules)
 * 1:15632 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 3 ActiveX clsid access (browser-plugins.rules)
 * 1:15634 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 30 ActiveX clsid access (browser-plugins.rules)
 * 1:15636 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 31 ActiveX clsid access (browser-plugins.rules)
 * 1:15640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 33 ActiveX clsid access (browser-plugins.rules)
 * 1:15642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 34 ActiveX clsid access (browser-plugins.rules)
 * 1:15644 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 35 ActiveX clsid access (browser-plugins.rules)
 * 1:15646 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 36 ActiveX clsid access (browser-plugins.rules)
 * 1:15648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 37 ActiveX clsid access (browser-plugins.rules)
 * 1:15650 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 38 ActiveX clsid access (browser-plugins.rules)
 * 1:15652 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 39 ActiveX clsid access (browser-plugins.rules)
 * 1:15654 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 4 ActiveX clsid access (browser-plugins.rules)
 * 1:15656 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 40 ActiveX clsid access (browser-plugins.rules)
 * 1:15658 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 41 ActiveX clsid access (browser-plugins.rules)
 * 1:15660 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 42 ActiveX clsid access (browser-plugins.rules)
 * 1:15662 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 43 ActiveX clsid access (browser-plugins.rules)
 * 1:15664 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 44 ActiveX clsid access (browser-plugins.rules)
 * 1:15666 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 45 ActiveX clsid access (browser-plugins.rules)
 * 1:15668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 5 ActiveX clsid access (browser-plugins.rules)
 * 1:15671 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX function call (browser-plugins.rules)
 * 1:15674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 8 ActiveX clsid access (browser-plugins.rules)
 * 1:15676 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 9 ActiveX clsid access (browser-plugins.rules)
 * 1:15678 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:15679 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (browser-plugins.rules)
 * 1:15684 <-> DISABLED <-> OS-WINDOWS Multiple product snews uri handling code execution attempt (os-windows.rules)
 * 1:15687 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15689 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:15691 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15695 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:15703 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15704 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMSS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15705 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PCAST protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15706 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes DAAP protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15849 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:15852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components Datasource ActiveX clsid access (browser-plugins.rules)
 * 1:15855 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:15881 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters Name Field attempt (netbios.rules)
 * 1:15894 <-> DISABLED <-> OS-WINDOWS Microsoft Color Management Module remote code execution attempt (os-windows.rules)
 * 1:15907 <-> DISABLED <-> OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (os-linux.rules)
 * 1:15911 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt (netbios.rules)
 * 1:15924 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:15943 <-> DISABLED <-> SERVER-OTHER CA Multiple Products Console Server login credentials handling overflow attempt (server-other.rules)
 * 1:15949 <-> DISABLED <-> FILE-OTHER McAfee LHA file handling overflow attempt (file-other.rules)
 * 1:15952 <-> DISABLED <-> SERVER-MYSQL create function libc arbitrary code execution attempt (server-mysql.rules)
 * 1:15992 <-> DISABLED <-> FILE-OTHER Trend Micro Products Antivirus Library overflow attempt (file-other.rules)
 * 1:16002 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16003 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16023 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Vista Windows mail file execution attempt (file-executable.rules)
 * 1:16024 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:16034 <-> DISABLED <-> SERVER-SAMBA Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt (server-samba.rules)
 * 1:16043 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html tag memory corruption attempt (browser-ie.rules)
 * 1:16050 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:16068 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:16073 <-> DISABLED <-> OS-WINDOWS MS-SQL convert function unicode overflow (os-windows.rules)
 * 1:16074 <-> DISABLED <-> SQL Suspicious SQL ansi_padding option (sql.rules)
 * 1:16191 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server authentication bypass attempt - via GET (server-oracle.rules)
 * 1:16193 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent SMTP AUTH LOGIN command buffer overflow attempt (server-mail.rules)
 * 1:16194 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
 * 1:16198 <-> DISABLED <-> SERVER-APACHE Apache mod_auth_pgsql module logging facility format string exploit attempt (server-apache.rules)
 * 1:16296 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - with optional fields (file-other.rules)
 * 1:16364 <-> DISABLED <-> SERVER-OTHER IBM DB2 database server SQLSTT denial of service attempt (server-other.rules)
 * 1:16432 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:16521 <-> DISABLED <-> SERVER-OTHER Squid Proxy http version number overflow attempt (server-other.rules)
 * 1:16578 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt (os-windows.rules)
 * 1:16588 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX clsid access (browser-plugins.rules)
 * 1:16602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow 3 ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:16607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX control access attempt (browser-plugins.rules)
 * 1:16610 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (browser-plugins.rules)
 * 1:16679 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDIplus integer overflow attempt (os-windows.rules)
 * 1:16690 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16748 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX function call access (browser-plugins.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16762 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX andx attempt (netbios.rules)
 * 1:16764 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode andx attempt (netbios.rules)
 * 1:16766 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow andx attempt (netbios.rules)
 * 1:16777 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16778 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16786 <-> DISABLED <-> FILE-OFFICE Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (file-office.rules)
 * 1:16798 <-> DISABLED <-> FILE-OTHER Orbit Downloader long URL buffer overflow attempt (file-other.rules)
 * 1:17050 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration Server authentication bypass attempt (server-webapp.rules)
 * 1:17052 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17053 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17054 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17213 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:17220 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17221 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17222 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17226 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX initialization via script (browser-plugins.rules)
 * 1:17228 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player skin decompression code execution attempt (os-windows.rules)
 * 1:17262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17269 <-> DISABLED <-> PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (protocol-telnet.rules)
 * 1:17272 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer AVI parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17280 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17313 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17348 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17349 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17374 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:17379 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:17384 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17385 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17386 <-> DISABLED <-> SERVER-WEBAPP Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt (server-webapp.rules)
 * 1:17388 <-> DISABLED <-> FILE-IMAGE OpenOffice EMF file EMR record parsing integer overflow attempt (file-image.rules)
 * 1:17405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17413 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:17415 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (server-iis.rules)
 * 1:17459 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17460 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17464 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17467 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17468 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17471 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17472 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17474 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17475 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17476 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17477 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17478 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17479 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17480 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17489 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help File Heap Buffer Overflow attempt (file-other.rules)
 * 1:17498 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17499 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17500 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17501 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17502 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file download request (file-identify.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17513 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17514 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17516 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17546 <-> DISABLED <-> FILE-IDENTIFY Microsoft Media Player compressed skin download request (file-identify.rules)
 * 1:17568 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:17570 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17619 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17624 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17626 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:17628 <-> DISABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:17634 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian object call overflow attempt (netbios.rules)
 * 1:17636 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 object call overflow attempt (netbios.rules)
 * 1:17637 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 overflow attempt (netbios.rules)
 * 1:17643 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCServe logger servie null-pointer dereference attempt (server-other.rules)
 * 1:17644 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:17646 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:17652 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS source code disclosure attempt (server-iis.rules)
 * 1:17664 <-> DISABLED <-> FILE-OFFICE Microsoft Office GIF image descriptor memory corruption attempt (file-office.rules)
 * 1:17678 <-> DISABLED <-> FILE-IMAGE Adobe BMP image handler buffer overflow attempt (file-image.rules)
 * 1:17691 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17695 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:17736 <-> DISABLED <-> SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (server-other.rules)
 * 1:17808 <-> DISABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules)
 * 1:18171 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18172 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18173 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18189 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18190 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18191 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18192 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18193 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18194 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18248 <-> DISABLED <-> SERVER-OTHER Unisys Business Information Server stack buffer overflow attempt (server-other.rules)
 * 1:18250 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products EscapeAttributeValue integer overflow attempt (browser-firefox.rules)
 * 1:18283 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:18284 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:18285 <-> DISABLED <-> SERVER-OTHER BrightStor ARCserve backup tape engine buffer overflow attempt (server-other.rules)
 * 1:18291 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 77 Attempt (server-other.rules)
 * 1:18292 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 84 Attempt (server-other.rules)
 * 1:18296 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (browser-firefox.rules)
 * 1:18303 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler overflow attempt (browser-ie.rules)
 * 1:18304 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18306 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18313 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:18317 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail RCPT TO proxy overflow attempt (server-mail.rules)
 * 1:18319 <-> DISABLED <-> SERVER-SAMBA Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (server-samba.rules)
 * 1:18476 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:18484 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:18512 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:18518 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:18520 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18521 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18522 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18523 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18574 <-> DISABLED <-> SERVER-MAIL RCPT TO overflow (server-mail.rules)
 * 1:18579 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OpenView5 CGI buffer overflow attempt (server-webapp.rules)
 * 1:18591 <-> DISABLED <-> FILE-OTHER CoolPlayer Playlist File Handling Buffer Overflow (file-other.rules)
 * 1:18600 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18603 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (server-mail.rules)
 * 1:18616 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18635 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:18710 <-> DISABLED <-> SERVER-OTHER McAfee ePolicy Orchestrator Framework Services buffer overflow attempt (server-other.rules)
 * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18800 <-> DISABLED <-> FILE-OTHER Adobe RoboHelp Server Arbitrary File Upload (file-other.rules)
 * 1:18905 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18906 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18907 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18908 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18909 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18910 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18911 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18912 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18913 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18914 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18915 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18916 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18917 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18918 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18919 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18920 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18921 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18922 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18923 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18924 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18925 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player content parsing execution attempt (file-flash.rules)
 * 1:19079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getElementById object corruption (browser-ie.rules)
 * 1:19087 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19088 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19089 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19090 <-> DISABLED <-> SERVER-OTHER CA Discovery Serice Overflow Attempt (server-other.rules)
 * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:1930 <-> DISABLED <-> PROTOCOL-IMAP auth literal overflow attempt (protocol-imap.rules)
 * 1:19559 <-> DISABLED <-> INDICATOR-SCAN SSH brute force login attempt (indicator-scan.rules)
 * 1:19599 <-> DISABLED <-> SERVER-ORACLE Warehouse builder WE_OLAP_AW_REMOVE_SOLVE_ID SQL Injection attempt (server-oracle.rules)
 * 1:19618 <-> DISABLED <-> FILE-OTHER Multiple products dwmapi.dll dll-load exploit attempt (file-other.rules)
 * 1:19693 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:19714 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:19811 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:19815 <-> DISABLED <-> SERVER-OTHER HP Operations Manager Server Default Credientials in use attempt (server-other.rules)
 * 1:19892 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System modem string buffer overflow attempt (server-other.rules)
 * 1:19925 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX client browser plugin call-back-url buffer overflow attempt (browser-plugins.rules)
 * 1:20071 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (browser-plugins.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (malware-cnc.rules)
 * 1:20277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:20278 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20279 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:20546 <-> DISABLED <-> SERVER-OTHER BakBone NetVault client heap overflow attempt (server-other.rules)
 * 1:20552 <-> DISABLED <-> SERVER-MAIL Mercury Mail Transport System buffer overflow attempt (server-mail.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20555 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:20575 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:20576 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:20590 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:20671 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (os-windows.rules)
 * 1:20744 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt (os-windows.rules)
 * 1:20878 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20879 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20882 <-> ENABLED <-> FILE-OFFICE Microsoft Windows embedded packager object identifier (file-office.rules)
 * 1:20883 <-> DISABLED <-> FILE-OFFICE Microsoft Windows embedded packager object with .application extension bypass attempt (file-office.rules)
 * 1:21003 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html request (malware-cnc.rules)
 * 1:21004 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html landing page (malware-cnc.rules)
 * 1:21006 <-> DISABLED <-> MALWARE-CNC Yang Pack yg.htm landing page (malware-cnc.rules)
 * 1:21041 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - main.php?page= (exploit-kit.rules)
 * 1:21042 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?f= (exploit-kit.rules)
 * 1:21043 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?e= (exploit-kit.rules)
 * 1:21044 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21045 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:2105 <-> DISABLED <-> PROTOCOL-IMAP authenticate literal overflow attempt (protocol-imap.rules)
 * 1:2106 <-> DISABLED <-> PROTOCOL-IMAP lsub overflow attempt (protocol-imap.rules)
 * 1:21068 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit landing page (exploit-kit.rules)
 * 1:21069 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit exploit fetch request (exploit-kit.rules)
 * 1:21070 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit pdf exploit page request (exploit-kit.rules)
 * 1:21071 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit post-exploit page request (exploit-kit.rules)
 * 1:21084 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function buffer overflow attempt (server-mssql.rules)
 * 1:21085 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function unicode buffer overflow attempt (server-mssql.rules)
 * 1:21096 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit control panel access (exploit-kit.rules)
 * 1:21097 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit post-exploit download request (exploit-kit.rules)
 * 1:21098 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21099 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit malicious pdf request (exploit-kit.rules)
 * 1:21141 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit control panel access (exploit-kit.rules)
 * 1:21156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21158 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21163 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook VEVENT overflow attempt (file-office.rules)
 * 1:21186 <-> DISABLED <-> SERVER-ORACLE MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:21233 <-> DISABLED <-> SERVER-WEBAPP Symantec Antivirus admin scan interface negative Content-Length attempt (server-webapp.rules)
 * 1:21259 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit response (exploit-kit.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21298 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint chart webpart XSS attempt (server-webapp.rules)
 * 1:21309 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21310 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21343 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf request (exploit-kit.rules)
 * 1:21344 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf download (exploit-kit.rules)
 * 1:21345 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar request (exploit-kit.rules)
 * 1:21346 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar download (exploit-kit.rules)
 * 1:21347 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - .php?page= (exploit-kit.rules)
 * 1:21348 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - search.php?page= (exploit-kit.rules)
 * 1:21414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules)
 * 1:21438 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit JavaScript carat string splitting with hostile applet (exploit-kit.rules)
 * 1:21462 <-> DISABLED <-> FILE-JAVA Oracle Java Plugin security bypass (file-java.rules)
 * 1:21492 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21529 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 Find_First2 filename overflow attempt (os-windows.rules)
 * 1:21539 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21549 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21567 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21581 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - BBB (exploit-kit.rules)
 * 1:21640 <-> DISABLED <-> EXPLOIT-KIT Phoenix exploit kit landing page (exploit-kit.rules)
 * 1:21646 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21647 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:21657 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:21658 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21659 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Home/index.php (exploit-kit.rules)
 * 1:21660 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Index/index.php (exploit-kit.rules)
 * 1:21661 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - catch (exploit-kit.rules)
 * 1:21754 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:21766 <-> DISABLED <-> FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (file-image.rules)
 * 1:21770 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21771 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21772 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21774 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21775 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21791 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21794 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:21806 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:21860 <-> ENABLED <-> MALWARE-CNC Phoenix exploit kit post-compromise behavior (malware-cnc.rules)
 * 1:21874 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - StrReverse (exploit-kit.rules)
 * 1:21875 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - taskkill (exploit-kit.rules)
 * 1:21876 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit landing page with specific structure - Loading (exploit-kit.rules)
 * 1:21917 <-> DISABLED <-> SERVER-OTHER Novell Groupwise HTTP response message parsing overflow (server-other.rules)
 * 1:21928 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:21931 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21932 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21933 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:21942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:21943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:22003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:22004 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22005 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22006 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22007 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22008 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22010 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22011 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22012 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22039 <-> DISABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22040 <-> DISABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22041 <-> DISABLED <-> EXPLOIT-KIT Blackhole landing redirection page (exploit-kit.rules)
 * 1:22081 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:22949 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:23010 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (protocol-ftp.rules)
 * 1:23091 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23092 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23093 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23094 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23095 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23105 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23127 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules)
 * 1:23142 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23143 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23144 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23146 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23150 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed graphic record code execution attempt (file-office.rules)
 * 1:23153 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23154 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23155 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23156 <-> DISABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit landing page (exploit-kit.rules)
 * 1:23157 <-> ENABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit binary download (exploit-kit.rules)
 * 1:23158 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:23159 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:23162 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online ncrypt.dll dll-load exploit attempt (os-windows.rules)
 * 1:23163 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online wlanapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:23165 <-> DISABLED <-> SERVER-OTHER Microsoft Lync Online wlanapi.dll dll-load exploit attempt (server-other.rules)
 * 1:23181 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules)
 * 1:23211 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (file-office.rules)
 * 1:23218 <-> ENABLED <-> EXPLOIT-KIT Redkit Repeated Exploit Request Pattern (exploit-kit.rules)
 * 1:23224 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Requested - 8Digit.html (exploit-kit.rules)
 * 1:23228 <-> DISABLED <-> BROWSER-PLUGINS Oracle Webcenter ActiveX clsid access (browser-plugins.rules)
 * 1:23240 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:23259 <-> DISABLED <-> SERVER-WEBAPP LANDesk Thinkmanagement Suite ServerSetup directory traversal attempt (server-webapp.rules)
 * 1:23266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23268 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23270 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23279 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:23283 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23287 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23288 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23289 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23290 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23291 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23292 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23293 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23295 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23297 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23300 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23302 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23304 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23371 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:23407 <-> DISABLED <-> SERVER-WEBAPP Apple iChat url format string exploit attempt (server-webapp.rules)
 * 1:23499 <-> DISABLED <-> FILE-OTHER Microsoft Windows CUR file parsing overflow attempt (file-other.rules)
 * 1:23500 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (file-pdf.rules)
 * 1:23501 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23502 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23503 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23505 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:23509 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules)
 * 1:23510 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules)
 * 1:23511 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules)
 * 1:23512 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules)
 * 1:23526 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23527 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23528 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules)
 * 1:23534 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:23535 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Download of version 4.0 file (file-office.rules)
 * 1:23536 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (file-office.rules)
 * 1:23537 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (file-office.rules)
 * 1:23538 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (file-office.rules)
 * 1:23539 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:23545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules)
 * 1:23546 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules)
 * 1:23547 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules)
 * 1:23548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules)
 * 1:23551 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:23552 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:23553 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:23554 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:23558 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:23559 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:23560 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23561 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:23562 <-> DISABLED <-> FILE-OTHER Microsoft MHTML XSS attempt (file-other.rules)
 * 1:23563 <-> DISABLED <-> FILE-OTHER Microsoft Windows MHTML XSS attempt (file-other.rules)
 * 1:23565 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (file-multimedia.rules)
 * 1:23567 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (file-multimedia.rules)
 * 1:23568 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23569 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23570 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:23571 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:23572 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:23573 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:23574 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:23575 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23576 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23579 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23582 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules)
 * 1:23583 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23584 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules)
 * 1:23585 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:23586 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23591 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:23619 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch broken (exploit-kit.rules)
 * 1:23622 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page request - tkr (exploit-kit.rules)
 * 1:23623 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:23699 <-> DISABLED <-> FILE-IDENTIFY SAP Crystal Reports file magic detected (file-identify.rules)
 * 1:23700 <-> DISABLED <-> FILE-IDENTIFY Microsoft Word for Mac 5 file magic detected (file-identify.rules)
 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23715 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access file magic detected (file-identify.rules)
 * 1:23716 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:23717 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:23718 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:23781 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:23785 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.floor catch (exploit-kit.rules)
 * 1:23786 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.round catch (exploit-kit.rules)
 * 1:23797 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection page (exploit-kit.rules)
 * 1:23837 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB host announcement format string exploit attempt (os-windows.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:23843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23848 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23849 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23850 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - hwehes (exploit-kit.rules)
 * 1:23943 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (file-multimedia.rules)
 * 1:23956 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23962 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - fewbgazr catch (exploit-kit.rules)
 * 1:23992 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules)
 * 1:24053 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24054 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24124 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:24186 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (file-office.rules)
 * 1:24187 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24188 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24189 <-> DISABLED <-> FILE-IMAGE XPM file format overflow attempt (file-image.rules)
 * 1:24197 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:24198 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:24200 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules)
 * 1:24203 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24204 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24205 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24220 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules)
 * 1:24226 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received (exploit-kit.rules)
 * 1:24228 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page Received (exploit-kit.rules)
 * 1:24237 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24238 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24272 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24273 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24274 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24275 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24276 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24277 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24278 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24279 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24280 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:24314 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24379 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24380 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24452 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG rendering buffer overflow attempt (browser-ie.rules)
 * 1:24501 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit fallback executable download (exploit-kit.rules)
 * 1:24535 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (file-other.rules)
 * 1:24543 <-> DISABLED <-> EXPLOIT-KIT Blackhole admin page inbound access attempt (exploit-kit.rules)
 * 1:24544 <-> DISABLED <-> EXPLOIT-KIT Blackhole admin page outbound access attempt (exploit-kit.rules)
 * 1:24546 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24547 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24548 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24550 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules)
 * 1:24556 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24557 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24558 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24593 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received - specific structure (exploit-kit.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:24608 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24636 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24637 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24638 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:24641 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie buffer overflow attempt (file-multimedia.rules)
 * 1:24657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:24672 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules)
 * 1:24681 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24682 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24683 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24684 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24685 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24695 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules)
 * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:24728 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24771 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:24772 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:24815 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (file-office.rules)
 * 1:24823 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:24839 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:24840 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - JAR redirection (exploit-kit.rules)
 * 1:24904 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24905 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24906 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24907 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup exec_qr command injection attempt (server-oracle.rules)
 * 1:24913 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules)
 * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24997 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24999 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25000 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25043 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit url structure detected (exploit-kit.rules)
 * 1:25044 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25051 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit landing page redirection (exploit-kit.rules)
 * 1:25052 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit Java Exploit requested - 3 digit (exploit-kit.rules)
 * 1:25053 <-> DISABLED <-> EXPLOIT-KIT Redkit outbound class retrieval (exploit-kit.rules)
 * 1:25065 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25066 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25067 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riler variant outbound connection (malware-cnc.rules)
 * 1:25068 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riler inbound connection (malware-cnc.rules)
 * 1:25232 <-> DISABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25233 <-> DISABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:25251 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules)
 * 1:25298 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules)
 * 1:25311 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules)
 * 1:25383 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.exe (exploit-kit.rules)
 * 1:25384 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.exe (exploit-kit.rules)
 * 1:25385 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - calc.exe (exploit-kit.rules)
 * 1:25386 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - about.exe (exploit-kit.rules)
 * 1:25387 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - readme.exe (exploit-kit.rules)
 * 1:25388 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:25389 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25390 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25391 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit obfuscated payload download (exploit-kit.rules)
 * 1:25502 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft GDI EMF malformed file buffer overflow attempt (file-multimedia.rules)
 * 1:25568 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:25569 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page (exploit-kit.rules)
 * 1:25587 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:25588 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (file-pdf.rules)
 * 1:25611 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:25649 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25797 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules)
 * 1:25800 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit Javascript request (exploit-kit.rules)
 * 1:25802 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit encoded portable executable request (exploit-kit.rules)
 * 1:25856 <-> DISABLED <-> PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (protocol-telnet.rules)
 * 1:25969 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (file-office.rules)
 * 1:25972 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit three number PDF Request (exploit-kit.rules)
 * 1:26066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26067 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26068 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26069 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26089 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio version number anomaly (file-office.rules)
 * 1:26109 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 1:26174 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26227 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:26329 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel format record code execution attempt (file-office.rules)
 * 1:26330 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (file-office.rules)
 * 1:26337 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26338 <-> ENABLED <-> EXPLOIT-KIT IFRAMEr injection detection - leads to exploit kit (exploit-kit.rules)
 * 1:26339 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval - ff.php (exploit-kit.rules)
 * 1:26341 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:26342 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26343 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:26372 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26373 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26421 <-> DISABLED <-> BROWSER-PLUGINS Metalink file download parameter buffer overflow attempt (browser-plugins.rules)
 * 1:26434 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit jar file downloaded (exploit-kit.rules)
 * 1:26453 <-> DISABLED <-> FILE-OFFICE OpenOffice OLE File Stream Buffer Overflow attempt (file-office.rules)
 * 1:26472 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:26473 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26474 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26475 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26476 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26477 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26478 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26508 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (exploit-kit.rules)
 * 1:26535 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26536 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:26599 <-> ENABLED <-> EXPLOIT-KIT Impact/Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26600 <-> ENABLED <-> EXPLOIT-KIT Impact/Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26602 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (file-office.rules)
 * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:2665 <-> DISABLED <-> PROTOCOL-IMAP login literal format string attempt (protocol-imap.rules)
 * 1:26663 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:26667 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes playlist overflow attempt (file-multimedia.rules)
 * 1:26672 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26676 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:26706 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26707 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26708 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26709 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26710 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26711 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed ftCMO record remote code execution attempt (file-office.rules)
 * 1:26724 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:26799 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26800 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26801 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26832 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control exploit attempt (file-office.rules)
 * 1:26856 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:26857 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sRGB overflow attempt (file-image.rules)
 * 1:26858 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:26859 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:26861 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:26862 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sPLT overflow attempt (file-image.rules)
 * 1:26863 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:26864 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:26866 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:26978 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:27001 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks Remote Management overflow attempt (server-other.rules)
 * 1:27071 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:27072 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:27081 <-> ENABLED <-> EXPLOIT-KIT Nailed exploit kit Internet Explorer exploit download - autopwn (exploit-kit.rules)
 * 1:27082 <-> ENABLED <-> EXPLOIT-KIT Nailed exploit kit flash remote code execution exploit download - autopwn (exploit-kit.rules)
 * 1:27166 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27167 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27168 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27213 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27215 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint schemes record buffer overflow (file-office.rules)
 * 1:27216 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint printer record buffer overflow (file-office.rules)
 * 1:27222 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:27243 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirectAction (server-apache.rules)
 * 1:27251 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:27271 <-> ENABLED <-> EXPLOIT-KIT iFramer toolkit injected iframe detected - specific structure (exploit-kit.rules)
 * 1:27544 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab runtime traffic detected (malware-cnc.rules)
 * 1:27545 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27546 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27547 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27548 <-> ENABLED <-> MALWARE-OTHER Osx.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:27549 <-> ENABLED <-> MALWARE-OTHER Osx.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:27580 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27581 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27584 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27585 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27586 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27587 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27588 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27589 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27590 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27591 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27634 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (file-office.rules)
 * 1:27635 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Record Code Execution attempt (file-office.rules)
 * 1:27671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (file-flash.rules)
 * 1:27695 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27696 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27697 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit successful Java exploit (exploit-kit.rules)
 * 1:27718 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (os-windows.rules)
 * 1:27719 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (os-windows.rules)
 * 1:27757 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX clsid access (browser-plugins.rules)
 * 1:27758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:27788 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (browser-plugins.rules)
 * 1:27789 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27790 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27791 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27792 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (browser-plugins.rules)
 * 1:27793 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (browser-plugins.rules)
 * 1:27798 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27799 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:27800 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:27865 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Darkleech exploit kit landing page request (exploit-kit.rules)
 * 1:27881 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Flash Player (exploit-kit.rules)
 * 1:27883 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Oracle Java (exploit-kit.rules)
 * 1:27885 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27886 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27892 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Acrobat Reader (exploit-kit.rules)
 * 1:27893 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27894 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - about.dll (exploit-kit.rules)
 * 1:27895 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (exploit-kit.rules)
 * 1:27896 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.dll (exploit-kit.rules)
 * 1:27897 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - calc.dll (exploit-kit.rules)
 * 1:27898 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - readme.dll (exploit-kit.rules)
 * 1:27908 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:27909 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:27945 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules)
 * 1:27947 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:27948 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:28029 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Popads/Nuclear exploit kit jnlp request (exploit-kit.rules)
 * 1:28108 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Adobe Flash exploit download attempt (exploit-kit.rules)
 * 1:28113 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (file-office.rules)
 * 1:28124 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:28128 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28228 <-> DISABLED <-> SERVER-WEBAPP Microsoft Interactive Training buffer overflow attempt (server-webapp.rules)
 * 1:28236 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:28311 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28312 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28313 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28314 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28316 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28317 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28318 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28319 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28320 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28321 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28322 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28413 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit embedded redirection attempt (exploit-kit.rules)
 * 1:28428 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit landing page (exploit-kit.rules)
 * 1:28429 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit outbound jnlp download attempt (exploit-kit.rules)
 * 1:28430 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit zip file download (exploit-kit.rules)
 * 1:28440 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file invalid memory allocation exploit attempt (file-office.rules)
 * 1:28441 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28442 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28443 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28482 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Terminator RAT variant outbound connection (malware-cnc.rules)
 * 1:28493 <-> ENABLED <-> MALWARE-CNC DeputyDog diskless method outbound connection (malware-cnc.rules)
 * 1:28612 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28613 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page - specific-structure (exploit-kit.rules)
 * 1:28614 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page (exploit-kit.rules)
 * 1:28616 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit payload download attempt (exploit-kit.rules)
 * 1:28677 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28678 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28686 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28989 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Egobot variant outbound connection (malware-cnc.rules)
 * 1:29032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (file-office.rules)
 * 1:29033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (file-office.rules)
 * 1:29066 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit XORed payload download attempt (exploit-kit.rules)
 * 1:29128 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit plugin detection page (exploit-kit.rules)
 * 1:29130 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit malicious payload download attempt (exploit-kit.rules)
 * 1:29264 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (file-office.rules)
 * 1:29326 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules)
 * 1:29327 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules)
 * 1:29328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules)
 * 1:29329 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (file-office.rules)
 * 1:29404 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel country record arbitrary code execution attempt (file-office.rules)
 * 1:29434 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file overread buffer overflow attempt (file-image.rules)
 * 1:29435 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:29436 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:29502 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:29511 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM jovgraph.exe CGI hostname parameter bugger overflow attempt (server-webapp.rules)
 * 1:29513 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows RAP API NetServerEnum2 long comment buffer overflow attempt (os-windows.rules)
 * 1:29523 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:29528 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 46 integer overflow attempt (server-other.rules)
 * 1:29529 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 47 integer overflow attempt (server-other.rules)
 * 1:29530 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 54 integer overflow attempt (server-other.rules)
 * 1:29531 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 25 integer overflow attempt (server-other.rules)
 * 1:29532 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 81 integer overflow attempt (server-other.rules)
 * 1:29536 <-> DISABLED <-> SERVER-OTHER Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (server-other.rules)
 * 1:29580 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox SVG data processing obfuscated memory corruption attempt (browser-firefox.rules)
 * 1:29581 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:29617 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules)
 * 1:29621 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:29624 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (browser-firefox.rules)
 * 1:29625 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (browser-firefox.rules)
 * 1:29754 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules)
 * 1:29796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:29797 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:29804 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29805 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29806 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29814 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (browser-ie.rules)
 * 1:29936 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (server-apache.rules)
 * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules)
 * 1:29943 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution attempt (os-windows.rules)
 * 1:30037 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zaleelq variant outbound connection (malware-cnc.rules)
 * 1:30232 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:30233 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:3066 <-> DISABLED <-> PROTOCOL-IMAP append overflow attempt (protocol-imap.rules)
 * 1:30941 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:30990 <-> ENABLED <-> MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (malware-cnc.rules)
 * 1:30991 <-> ENABLED <-> MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (malware-cnc.rules)
 * 1:31017 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (browser-plugins.rules)
 * 1:31018 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (browser-plugins.rules)
 * 1:31031 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (file-office.rules)
 * 1:31032 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (file-office.rules)
 * 1:31279 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31296 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules)
 * 1:31301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules)
 * 1:31365 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager remote code execution attempt (server-webapp.rules)
 * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:31374 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Qsir and Qsif record remote code execution attempt (file-office.rules)
 * 1:31420 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:31421 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:31427 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules)
 * 1:31428 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:31434 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Section Table Array Buffer Overflow attempt (file-office.rules)
 * 1:31437 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:31439 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31440 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules)
 * 1:31462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules)
 * 1:31473 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31474 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31475 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31476 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:31562 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:31591 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:31592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:31650 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail file execution attempt (server-mail.rules)
 * 1:3171 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:31716 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Otupsys variant outbound connection (malware-cnc.rules)
 * 1:31756 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:31757 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:31758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:31759 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX clsid access (browser-plugins.rules)
 * 1:31760 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31761 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31762 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31763 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31777 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing announce overflow attempt (file-other.rules)
 * 1:31778 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing comment overflow attempt (file-other.rules)
 * 1:31779 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing name overflow attempt (file-other.rules)
 * 1:31780 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing path overflow attempt (file-other.rules)
 * 1:31843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules)
 * 1:31844 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules)
 * 1:31845 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules)
 * 1:31846 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB default credentials authentication attempt (policy-other.rules)
 * 1:31875 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (file-office.rules)
 * 1:31876 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (file-office.rules)
 * 1:31946 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start arbitrary command execution attempt (file-java.rules)
 * 1:32062 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32063 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32064 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Filter Records Handling Code Execution attempt (file-office.rules)
 * 1:32083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed file format parsing code execution attempt (file-office.rules)
 * 1:32094 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (file-office.rules)
 * 1:32095 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:32122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtWnDesk record memory corruption exploit attempt (file-office.rules)
 * 1:32131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:32132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:32133 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (browser-firefox.rules)
 * 1:32136 <-> DISABLED <-> FILE-OTHER GNU gzip LZH decompression make_table overflow attempt (file-other.rules)
 * 1:32206 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style record overflow attempt (file-office.rules)
 * 1:32223 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state integer overflow attempt (server-other.rules)
 * 1:32224 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state integer overflow attempt (server-other.rules)
 * 1:32365 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (browser-ie.rules)
 * 1:32532 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules)
 * 1:32615 <-> DISABLED <-> OS-WINDOWS Microsoft Windows search protocol remote command injection attempt (os-windows.rules)
 * 1:32625 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DV record buffer overflow attempt (file-office.rules)
 * 1:32629 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:32630 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:32631 <-> DISABLED <-> NETBIOS SMB server response heap overflow attempt (netbios.rules)
 * 1:32642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:32643 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:32644 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:32738 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32739 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32754 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:32786 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:32840 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:32842 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:32843 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:32844 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:32869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:32870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:32871 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:33041 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:33043 <-> DISABLED <-> FILE-MULTIMEDIA Multiple media players M3U playlist file handling buffer overflow attempt (file-multimedia.rules)
 * 1:33044 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33045 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:33115 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33116 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33198 <-> DISABLED <-> OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (os-windows.rules)
 * 1:33479 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (os-windows.rules)
 * 1:33492 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33493 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33494 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33495 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33548 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Access multiple control instantiation memory corruption attempt (browser-plugins.rules)
 * 1:33566 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:33575 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33576 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33577 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33578 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33579 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33582 <-> DISABLED <-> SERVER-SAMBA Samba WINS Server Name Registration handling stack buffer overflow attempt (server-samba.rules)
 * 1:33584 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:33585 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:33586 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules)
 * 1:33589 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:33590 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:33591 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:33601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:33602 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:33670 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size1 dos attempt (server-other.rules)
 * 1:33671 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size2 dos attempt (server-other.rules)
 * 1:33672 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size3 dos attempt (server-other.rules)
 * 1:33684 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:33740 <-> DISABLED <-> FILE-IMAGE Microsoft emf file download request (file-image.rules)
 * 1:33824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:33827 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:33828 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:33829 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:33979 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33980 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:34048 <-> DISABLED <-> SERVER-APACHE Apache mod_log_config cookie handling denial of service attempt (server-apache.rules)
 * 1:34055 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34056 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34061 <-> DISABLED <-> SERVER-IIS Microsoft IIS Range header integer overflow attempt (server-iis.rules)
 * 1:34135 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules)
 * 1:34293 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:34294 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:3453 <-> DISABLED <-> SERVER-OTHER Arkeia client backup system info probe (server-other.rules)
 * 1:3454 <-> DISABLED <-> SERVER-OTHER Arkeia client backup generic info probe (server-other.rules)
 * 1:3458 <-> DISABLED <-> SERVER-OTHER Arkeia backup client type 84 overflow attempt (server-other.rules)
 * 1:34632 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes WPD attachment handling buffer overflow attempt (server-mail.rules)
 * 1:3474 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client name overflow (server-other.rules)
 * 1:3475 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client domain overflow (server-other.rules)
 * 1:3476 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:3477 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client name overflow (server-other.rules)
 * 1:3478 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:3479 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client name overflow (server-other.rules)
 * 1:3480 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client name overflow (server-other.rules)
 * 1:3481 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client domain overflow (server-other.rules)
 * 1:3482 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client name overflow (server-other.rules)
 * 1:3483 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:3484 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client name overflow (server-other.rules)
 * 1:34847 <-> ENABLED <-> MALWARE-CNC Linux.Trojan.ChinaZ outbound connection (malware-cnc.rules)
 * 1:3485 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:34857 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Fanny outbound connection (malware-cnc.rules)
 * 1:34890 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32ZLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34891 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32Zlib.dll dll-load exploit attempt (file-other.rules)
 * 1:34892 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34893 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34894 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34895 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34896 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34897 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34898 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34899 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34900 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:34901 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:34902 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34903 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34904 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34905 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34906 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34907 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34908 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34909 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34910 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34911 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34912 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34913 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34914 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34915 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro quserex.dll dll-load exploit attempt (netbios.rules)
 * 1:34916 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro u32zlib.dll dll-load exploit attempt (netbios.rules)
 * 1:3521 <-> DISABLED <-> SERVER-OTHER Computer Associates license GCR CHECKSUMS overflow attempt (server-other.rules)
 * 1:3524 <-> DISABLED <-> SERVER-OTHER Computer Associates license invalid GCR CHECKSUMS attempt (server-other.rules)
 * 1:3525 <-> DISABLED <-> SERVER-OTHER Computer Associates license invalid GCR NETWORK attempt (server-other.rules)
 * 1:3529 <-> DISABLED <-> SERVER-OTHER Computer Associates license GETCONFIG client overflow attempt (server-other.rules)
 * 1:3530 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client name overflow (server-other.rules)
 * 1:3531 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client domain overflow (server-other.rules)
 * 1:3553 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM null DHTML element insertion attempt (browser-ie.rules)
 * 1:35747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:35748 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:35771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:35772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:3591 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMDeleteObject overflow attempt (os-windows.rules)
 * 1:36363 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (server-webapp.rules)
 * 1:36364 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (server-webapp.rules)
 * 1:36365 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (server-webapp.rules)
 * 1:36366 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (server-webapp.rules)
 * 1:3637 <-> DISABLED <-> SERVER-OTHER Computer Associates license PUTOLF directory traversal attempt (server-other.rules)
 * 1:36431 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:36432 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:36453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:36559 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:36560 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:3659 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 1000 buffer overflow attempt (server-other.rules)
 * 1:3660 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 00 little endian buffer overflow attempt (server-other.rules)
 * 1:3661 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 00 buffer overflow attempt (server-other.rules)
 * 1:3662 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 03 little endian buffer overflow attempt (server-other.rules)
 * 1:3663 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 03 buffer overflow attempt (server-other.rules)
 * 1:36644 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:36645 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:36646 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:36772 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet Component ActiveX clsid access (browser-plugins.rules)
 * 1:36782 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:36783 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:37029 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37030 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37031 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37034 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37035 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37293 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt  (file-office.rules)
 * 1:37294 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt  (file-office.rules)
 * 1:37423 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:37710 <-> ENABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:3822 <-> DISABLED <-> SERVER-WEBAPP RealNetworks RealPlayer realtext long URI request attempt (server-webapp.rules)
 * 1:38576 <-> ENABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38577 <-> ENABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38669 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (browser-ie.rules)
 * 1:38670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (browser-ie.rules)
 * 1:39601 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39602 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39603 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39604 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39605 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39606 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39607 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39608 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39609 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39610 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39611 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39612 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39613 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39614 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39615 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39616 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39617 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39618 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39619 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39620 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39621 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39622 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39623 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39624 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39625 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39626 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39627 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39628 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39629 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39630 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39631 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39632 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39763 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:39764 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:39870 <-> DISABLED <-> INDICATOR-COMPROMISE Oracle E-Business Suite arbitrary node deletion (indicator-compromise.rules)
 * 1:39875 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:40243 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40244 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40245 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40246 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40247 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40248 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:4072 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_DetectResourceConflict attempt (os-windows.rules)
 * 1:41094 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:4129 <-> DISABLED <-> SERVER-OTHER Novell ZenWorks Remote Management Agent large login packet DoS attempt (server-other.rules)
 * 1:4172 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent v1.5 ActiveX clsid access (browser-plugins.rules)
 * 1:41728 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:41729 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:41730 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:41731 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:42440 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42441 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42442 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42443 <-> ENABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42444 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42445 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42446 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:43067 <-> ENABLED <-> PROTOCOL-IMAP IMAP CRAM-MD5 authentication attempt (protocol-imap.rules)
 * 1:43068 <-> DISABLED <-> SERVER-OTHER IBM Lotus Domino IMAP server CRAM-MD5 authentication buffer overflow attempt (server-other.rules)
 * 1:43337 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:43338 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:43606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (browser-plugins.rules)
 * 1:43674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:43675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:43698 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:43699 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:43830 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:43831 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:43989 <-> DISABLED <-> INDICATOR-OBFUSCATION newlines embedded in rtf header (indicator-obfuscation.rules)
 * 1:43990 <-> DISABLED <-> INDICATOR-OBFUSCATION RTF obfuscation string (indicator-obfuscation.rules)
 * 1:44031 <-> DISABLED <-> FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (file-office.rules)
 * 1:44032 <-> DISABLED <-> FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (file-office.rules)
 * 1:44035 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:44044 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (browser-firefox.rules)
 * 1:44045 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (browser-firefox.rules)
 * 1:44046 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44047 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44048 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44049 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44068 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:44069 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:44129 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44132 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44146 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JSXML integer overflow attempt (browser-firefox.rules)
 * 1:44147 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JSXML integer overflow attempt (browser-firefox.rules)
 * 1:44188 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (browser-ie.rules)
 * 1:44281 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44283 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44284 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44290 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:44296 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:44455 <-> DISABLED <-> FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (file-image.rules)
 * 1:44456 <-> DISABLED <-> FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (file-image.rules)
 * 1:44729 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (browser-ie.rules)
 * 1:44730 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (browser-ie.rules)
 * 1:44877 <-> DISABLED <-> SERVER-OTHER  Citrix XenApp and XenDesktop XML service memory corruption attempt (server-other.rules)
 * 1:45142 <-> ENABLED <-> BROWSER-IE Microsoft Edge Array type confusion attempt (browser-ie.rules)
 * 1:45143 <-> ENABLED <-> BROWSER-IE Microsoft Edge Array type confusion attempt (browser-ie.rules)
 * 1:45148 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45149 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45154 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:4826 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetRootDeviceInstance attempt (os-windows.rules)
 * 1:4890 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer IAVIStream & IAVIFile Proxy ActiveX object access (browser-plugins.rules)
 * 1:4891 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer cfw Class ActiveX object access (browser-plugins.rules)
 * 1:4892 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MTSEvents Class ActiveX object access (browser-plugins.rules)
 * 1:4893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Trident HTMLEditor ActiveX object access (browser-plugins.rules)
 * 1:4894 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSEnumVariant ActiveX object access (browser-plugins.rules)
 * 1:4895 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeInfo ActiveX object access (browser-plugins.rules)
 * 1:4896 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeLib ActiveX object access (browser-plugins.rules)
 * 1:4897 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSOAInterface ActiveX object access (browser-plugins.rules)
 * 1:4898 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeComp ActiveX object access (browser-plugins.rules)
 * 1:4900 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Outlook Progress Ctl ActiveX object access (browser-plugins.rules)
 * 1:4901 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR Allocator Presenter 9 ActiveX object access (browser-plugins.rules)
 * 1:4902 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Mixing Renderer 9 ActiveX object access (browser-plugins.rules)
 * 1:4903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR ImageSync 9 ActiveX object access (browser-plugins.rules)
 * 1:4904 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Alias ActiveX object access (browser-plugins.rules)
 * 1:4905 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Object ActiveX object access (browser-plugins.rules)
 * 1:4906 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Interface Definition ActiveX object access (browser-plugins.rules)
 * 1:4907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Collection Definition ActiveX object access (browser-plugins.rules)
 * 1:4908 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Method Definition ActiveX object access (browser-plugins.rules)
 * 1:4909 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Property Definition ActiveX object access (browser-plugins.rules)
 * 1:4910 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Relationship Definition ActiveX object access (browser-plugins.rules)
 * 1:4911 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Type Library ActiveX object access (browser-plugins.rules)
 * 1:4912 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Root ActiveX object access (browser-plugins.rules)
 * 1:4913 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Workspace ActiveX object access (browser-plugins.rules)
 * 1:4914 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Script Definition ActiveX object access (browser-plugins.rules)
 * 1:4915 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shortcut Handler ActiveX object access (browser-plugins.rules)
 * 1:4986 <-> DISABLED <-> SERVER-WEBAPP Twiki view rev command injection attempt (server-webapp.rules)
 * 1:4987 <-> DISABLED <-> SERVER-WEBAPP Twiki viewfile rev command injection attempt (server-webapp.rules)
 * 1:5319 <-> DISABLED <-> OS-WINDOWS Microsoft Windows picture and fax viewer wmf arbitrary code execution attempt (os-windows.rules)
 * 1:5485 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:5702 <-> DISABLED <-> PROTOCOL-IMAP subscribe directory traversal attempt (protocol-imap.rules)
 * 1:5705 <-> DISABLED <-> PROTOCOL-IMAP CAPABILITY overflow attempt (protocol-imap.rules)
 * 1:5711 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player zero length bitmap heap overflow attempt (file-image.rules)
 * 1:6405 <-> DISABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager overflow attempt (server-other.rules)
 * 1:6412 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book attachment detected (server-mail.rules)
 * 1:6413 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book Base64 encoded attachment detected (server-mail.rules)
 * 1:6502 <-> DISABLED <-> FILE-IMAGE Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (file-image.rules)
 * 1:6507 <-> DISABLED <-> SERVER-WEBAPP novell edirectory imonitor overflow attempt (server-webapp.rules)
 * 1:6510 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mhtml uri shortcut buffer overflow attempt (browser-ie.rules)
 * 1:6690 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iCCP overflow attempt (file-image.rules)
 * 1:6691 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:6693 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:6694 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:6696 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:6698 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:6699 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:6701 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:7003 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX function call access (browser-plugins.rules)
 * 1:7028 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:7029 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:7035 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:7036 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:7037 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:7038 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:7039 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7040 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7041 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7042 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7207 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION SQL injection attempt (server-oracle.rules)
 * 1:7208 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_METADATA access attempt (server-oracle.rules)
 * 1:7210 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:7425 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 9x8Resize ActiveX clsid access (browser-plugins.rules)
 * 1:7427 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Allocator Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7429 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Bitmap ActiveX clsid access (browser-plugins.rules)
 * 1:7431 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectFrame.DirectControl.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7433 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectX Transform Wrapper Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:7436 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX function call (browser-plugins.rules)
 * 1:7437 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Frame Eater ActiveX clsid access (browser-plugins.rules)
 * 1:7439 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Help ActiveX clsid access (browser-plugins.rules)
 * 1:7442 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mmAEPlugIn.AEPlugIn.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Mmedia.AsyncMHandler.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Record Queue ActiveX clsid access (browser-plugins.rules)
 * 1:7448 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ShotDetect ActiveX clsid access (browser-plugins.rules)
 * 1:7450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Stetch ActiveX clsid access (browser-plugins.rules)
 * 1:7452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM Color Converter Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7454 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2ae.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7456 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxa.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7458 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxb.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7460 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Audio Analyzer ActiveX clsid access (browser-plugins.rules)
 * 1:7462 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Black Frame Generator ActiveX clsid access (browser-plugins.rules)
 * 1:7464 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7466 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:7468 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DirectX Transform Wrapper ActiveX clsid access (browser-plugins.rules)
 * 1:7470 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DV Extract Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7472 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:7474 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion ActiveX clsid access (browser-plugins.rules)
 * 1:7476 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Import Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7478 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Interlacer ActiveX clsid access (browser-plugins.rules)
 * 1:7480 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Log Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7482 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT MuxDeMux Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7484 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Sample Info Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7486 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen Capture Filter Task Page ActiveX clsid access (browser-plugins.rules)
 * 1:7488 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen capture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7490 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Switch Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7492 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Renderer ActiveX clsid access (browser-plugins.rules)
 * 1:7494 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Source ActiveX clsid access (browser-plugins.rules)
 * 1:7496 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Volume ActiveX clsid access (browser-plugins.rules)
 * 1:7498 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM TV Out Smooth Picture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7500 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM VIH2 Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7862 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsAppExpired ActiveX function call access (browser-plugins.rules)
 * 1:7863 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsOldAppInstalled ActiveX function call access (browser-plugins.rules)
 * 1:7866 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Connection ActiveX clsid access (browser-plugins.rules)
 * 1:7868 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX clsid access (browser-plugins.rules)
 * 1:7870 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 9.0 ActiveX clsid access (browser-plugins.rules)
 * 1:7914 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX clsid access (browser-plugins.rules)
 * 1:7928 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7934 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7938 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7942 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer http Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7944 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer https Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mk Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7978 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules)
 * 1:7981 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:8060 <-> DISABLED <-> SERVER-OTHER UltraVNC VNCLog buffer overflow (server-other.rules)
 * 1:8377 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8381 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8383 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8385 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8387 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8389 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8405 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ActiveX clsid access (browser-plugins.rules)
 * 1:8409 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8425 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (browser-plugins.rules)
 * 1:8740 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX function call access (browser-plugins.rules)
 * 1:8846 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Character Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8848 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8850 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8854 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX function call access (browser-plugins.rules)
 * 1:8856 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v1.5 ActiveX function call access (browser-plugins.rules)
 * 1:9131 <-> DISABLED <-> BROWSER-PLUGINS WinZip FileView 6.1 ActiveX function call access (browser-plugins.rules)
 * 1:9132 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt (os-windows.rules)
 * 1:9228 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwGetConnectionInformation overflow attempt (os-windows.rules)
 * 1:9421 <-> ENABLED <-> MALWARE-OTHER zotob attempt (malware-other.rules)
 * 1:9432 <-> DISABLED <-> OS-WINDOWS Microsoft Agent buffer overflow attempt (os-windows.rules)
 * 1:9433 <-> DISABLED <-> OS-WINDOWS Microsoft Agent buffer overflow attempt (os-windows.rules)
 * 1:9441 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath overflow attempt (netbios.rules)
 * 1:9634 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt TCP (server-other.rules)
 * 1:9635 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9B remote buffer overflow attempt UDP (server-other.rules)
 * 1:9636 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt UDP (server-other.rules)
 * 1:9769 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:9848 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter buffer overflow attempt (os-windows.rules)

2018-02-01 01:09:42 UTC

Snort Subscriber Rules Update

Date: 2018-01-31

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091100.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:45579 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP subscribe request denial of service attempt (protocol-voip.rules)
 * 1:45581 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP options request denial of service attempt (protocol-voip.rules)
 * 1:45578 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP options request denial of service attempt (protocol-voip.rules)
 * 1:45587 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45586 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt (file-multimedia.rules)
 * 1:45577 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP invite request denial of service attempt (protocol-voip.rules)
 * 1:45585 <-> DISABLED <-> SERVER-WEBAPP PMSotware Simple Web Server connection header buffer overflow attempt (server-webapp.rules)
 * 1:45591 <-> DISABLED <-> PROTOCOL-FTP LabF nfsAxe FTP Client buffer overflow attempt (protocol-ftp.rules)
 * 1:45582 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP subscribe request denial of service attempt (protocol-voip.rules)
 * 1:45576 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:45580 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP invite request denial of service attempt (protocol-voip.rules)
 * 1:45571 <-> DISABLED <-> SERVER-OTHER Commvault Communications Service command injection attempt (server-other.rules)
 * 1:45589 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45574 <-> ENABLED <-> MALWARE-CNC Win.Trojan.xxmm second stage configuration download attempt (malware-cnc.rules)
 * 1:45584 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP SIP servers discovery attempt (protocol-voip.rules)
 * 1:45590 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:17663 <-> DISABLED <-> SERVER-OTHER Apple CUPS SGI image decoding buffer overflow attempt (server-other.rules)
 * 1:45583 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP SIP servers discovery attempt (protocol-voip.rules)
 * 1:45588 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 3:45575 <-> ENABLED <-> SERVER-OTHER Cisco ASA VPN aggregateAuthDataHandler double free attempt (server-other.rules)

Modified Rules:


 * 1:32739 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32840 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:32644 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:32738 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32842 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:32754 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:10062 <-> DISABLED <-> FILE-IMAGE Oracle Java Virtual Machine malformed GIF buffer overflow attempt (file-image.rules)
 * 1:10063 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox query interface suspicious function call access attempt (browser-firefox.rules)
 * 1:10087 <-> DISABLED <-> SERVER-OTHER VNC password request buffer overflow attempt (server-other.rules)
 * 1:10188 <-> DISABLED <-> PROTOCOL-FTP Ipswitch Ws_ftp XMD5 overflow attempt (protocol-ftp.rules)
 * 1:10390 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX clsid access (browser-plugins.rules)
 * 1:10392 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10395 <-> DISABLED <-> BROWSER-PLUGINS Symantec SupportSoft SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10603 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP dns R_DnssrvUpdateRecord2 overflow attempt (os-windows.rules)
 * 1:11186 <-> DISABLED <-> SERVER-OTHER CA eTrust key handling dos (password -- server-other.rules)
 * 1:11196 <-> DISABLED <-> SERVER-OTHER MaxDB WebDBM get buffer overflow (server-other.rules)
 * 1:11257 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:11324 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 3 ActiveX function call access (browser-plugins.rules)
 * 1:11443 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:11823 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX clsid unicode access (browser-plugins.rules)
 * 1:11824 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call access (browser-plugins.rules)
 * 1:11825 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call unicode access (browser-plugins.rules)
 * 1:11828 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Voice Control ActiveX function call access (browser-plugins.rules)
 * 1:11832 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Direct Speech Recognition ActiveX function call access (browser-plugins.rules)
 * 1:11837 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail file execution attempt (server-mail.rules)
 * 1:12064 <-> DISABLED <-> SERVER-IIS w3svc _vti_bin null pointer dereference attempt (server-iis.rules)
 * 1:12079 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12114 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12115 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12195 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Widgets Engine ActiveX function call access (browser-plugins.rules)
 * 1:12197 <-> DISABLED <-> SERVER-OTHER CA message queuing server buffer overflow attempt (server-other.rules)
 * 1:12205 <-> DISABLED <-> BROWSER-PLUGINS VMWare Vielib.dll ActiveX function call access (browser-plugins.rules)
 * 1:12212 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail literal search date command buffer overflow attempt (server-mail.rules)
 * 1:12217 <-> DISABLED <-> SERVER-OTHER Borland interbase string length buffer overflow attempt (server-other.rules)
 * 1:12261 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX clsid access (browser-plugins.rules)
 * 1:12263 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX function call access (browser-plugins.rules)
 * 1:12265 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX clsid access (browser-plugins.rules)
 * 1:12267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX function call access (browser-plugins.rules)
 * 1:12270 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX function call (browser-plugins.rules)
 * 1:12273 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid access (browser-plugins.rules)
 * 1:12275 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access (browser-plugins.rules)
 * 1:12277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS memory corruption exploit (browser-ie.rules)
 * 1:12281 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12332 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _TakeActionOnAFile attempt (netbios.rules)
 * 1:12341 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_a0030 attempt (netbios.rules)
 * 1:12444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX clsid access (browser-plugins.rules)
 * 1:12446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX function call access (browser-plugins.rules)
 * 1:12450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent Control ActiveX function call access (browser-plugins.rules)
 * 1:12452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent File Provider ActiveX clsid access (browser-plugins.rules)
 * 1:12463 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Visual Studio Crystal Reports RPT file handling buffer overflow attempt (os-windows.rules)
 * 1:12595 <-> DISABLED <-> SERVER-IIS malicious ASP file upload attempt (server-iis.rules)
 * 1:12612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX clsid access (browser-plugins.rules)
 * 1:12616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:12631 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging small offset malformed jpeg tables (os-windows.rules)
 * 1:12632 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging large offset malformed jpeg tables (os-windows.rules)
 * 1:12634 <-> DISABLED <-> FILE-IMAGE Microsoft Windows 2000 Kodak Imaging large offset malformed tiff 2 (file-image.rules)
 * 1:12642 <-> DISABLED <-> OS-WINDOWS RPC NTLMSSP malformed credentials (os-windows.rules)
 * 1:12643 <-> DISABLED <-> OS-WINDOWS Microsoft Windows URI External handler arbitrary command attempt (os-windows.rules)
 * 1:12664 <-> DISABLED <-> BROWSER-IE Microsoft Windows ShellExecute and Internet Explorer 7 url handling code execution attempt (browser-ie.rules)
 * 1:12687 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12731 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX function call access (browser-plugins.rules)
 * 1:12742 <-> DISABLED <-> SERVER-OTHER Apple Quicktime UDP RTSP sdp type buffer overflow attempt (server-other.rules)
 * 1:12768 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12775 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer obfuscated Ierpplug.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12780 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access attempt (browser-plugins.rules)
 * 1:12782 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access attempt (browser-plugins.rules)
 * 1:12985 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt (netbios.rules)
 * 1:13158 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format interchange data integer overflow attempt (file-multimedia.rules)
 * 1:13159 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format audio error masking integer overflow attempt (file-multimedia.rules)
 * 1:13160 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming audio spread error correction data length integer overflow attempt (file-multimedia.rules)
 * 1:13162 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:13216 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX function call access (browser-plugins.rules)
 * 1:13222 <-> DISABLED <-> SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (server-other.rules)
 * 1:13226 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX function call access (browser-plugins.rules)
 * 1:13269 <-> DISABLED <-> OS-WINDOWS Multiple product nntp uri handling code execution attempt (os-windows.rules)
 * 1:13270 <-> DISABLED <-> OS-WINDOWS Multiple product news uri handling code execution attempt (os-windows.rules)
 * 1:13271 <-> DISABLED <-> OS-WINDOWS Multiple product telnet uri handling code execution attempt (os-windows.rules)
 * 1:13272 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:13298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX function call access (browser-plugins.rules)
 * 1:13305 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX function call access (browser-plugins.rules)
 * 1:13316 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing ART buffer overflow attempt (file-multimedia.rules)
 * 1:13318 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cmt buffer overflow attempt (file-multimedia.rules)
 * 1:13319 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing des buffer overflow attempt (file-multimedia.rules)
 * 1:13320 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cpy buffer overflow attempt (file-multimedia.rules)
 * 1:13323 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX function call access (browser-plugins.rules)
 * 1:13421 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX function call access (browser-plugins.rules)
 * 1:13430 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13432 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX function call access (browser-plugins.rules)
 * 1:13434 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13436 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13438 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:13440 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:13442 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13444 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13448 <-> DISABLED <-> OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine begin buffer overflow attempt (os-windows.rules)
 * 1:13453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid access (browser-ie.rules)
 * 1:13454 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid unicode access (browser-ie.rules)
 * 1:13456 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call unicode access (browser-ie.rules)
 * 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (server-other.rules)
 * 1:13541 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX function call access (browser-plugins.rules)
 * 1:13554 <-> DISABLED <-> SERVER-OTHER Sybase SQL Anywhere Mobilink version string buffer overflow (server-other.rules)
 * 1:13555 <-> DISABLED <-> SERVER-OTHER Sybase SQL Anywhere Mobilink remoteID string buffer overflow (server-other.rules)
 * 1:13580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components remote code execution attempt ActiveX clsid access (browser-plugins.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13584 <-> ENABLED <-> FILE-IDENTIFY CSV file download request (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:13591 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (server-webapp.rules)
 * 1:13605 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:13607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid access (browser-plugins.rules)
 * 1:13609 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call access (browser-plugins.rules)
 * 1:13623 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13629 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:13630 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:13633 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:13668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX clsid access (browser-plugins.rules)
 * 1:13670 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX function call access (browser-plugins.rules)
 * 1:13674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX function call access (browser-plugins.rules)
 * 1:13699 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:13720 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:13722 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 4 ActiveX clsid access (browser-plugins.rules)
 * 1:13724 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 5 ActiveX clsid access (browser-plugins.rules)
 * 1:13726 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 6 ActiveX clsid access (browser-plugins.rules)
 * 1:13728 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13730 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 8 ActiveX clsid access (browser-plugins.rules)
 * 1:13732 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 9 ActiveX clsid access (browser-plugins.rules)
 * 1:13736 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 11 ActiveX clsid access (browser-plugins.rules)
 * 1:13738 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 12 ActiveX clsid access (browser-plugins.rules)
 * 1:13740 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 13 ActiveX clsid access (browser-plugins.rules)
 * 1:13742 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 14 ActiveX clsid access (browser-plugins.rules)
 * 1:13744 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 15 ActiveX clsid access (browser-plugins.rules)
 * 1:13746 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 16 ActiveX clsid access (browser-plugins.rules)
 * 1:13748 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 17 ActiveX clsid access (browser-plugins.rules)
 * 1:13750 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 18 ActiveX clsid access (browser-plugins.rules)
 * 1:13752 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 19 ActiveX clsid access (browser-plugins.rules)
 * 1:13754 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 20 ActiveX clsid access (browser-plugins.rules)
 * 1:13756 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 21 ActiveX clsid access (browser-plugins.rules)
 * 1:13804 <-> DISABLED <-> SERVER-OTHER Borland Software InterBase ibserver.exe Service Attach Request buffer overflow attempt (server-other.rules)
 * 1:13821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13823 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX SAMI file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:13824 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (file-multimedia.rules)
 * 1:13888 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13889 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13890 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13891 <-> DISABLED <-> SERVER-MSSQL Memory page overwrite attempt  (server-mssql.rules)
 * 1:13892 <-> DISABLED <-> SERVER-MSSQL Convert function style overwrite  (server-mssql.rules)
 * 1:13903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13912 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isComponentInstalled attack attempt (browser-ie.rules)
 * 1:13918 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13922 <-> DISABLED <-> SERVER-IIS Microsoft IIS HTMLEncode Unicode string buffer overflow  (server-iis.rules)
 * 1:13948 <-> DISABLED <-> PROTOCOL-DNS large number of NXDOMAIN replies - possible DNS cache poisoning (protocol-dns.rules)
 * 1:13960 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:13963 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:13964 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (browser-ie.rules)
 * 1:14023 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:14027 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14029 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14031 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14040 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (server-other.rules)
 * 1:14041 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt - 2 (server-other.rules)
 * 1:14042 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer General Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:14044 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX function call access (browser-plugins.rules)
 * 1:14046 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14048 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14050 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14052 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX function call access (browser-plugins.rules)
 * 1:14257 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:14613 <-> DISABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft RSClientPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14647 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:14648 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14650 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14651 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14652 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14653 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14654 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14726 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:14758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX function call access (browser-plugins.rules)
 * 1:14762 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (browser-plugins.rules)
 * 1:14765 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX function call (browser-plugins.rules)
 * 1:14773 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer handshake buffer overflow attempt (server-other.rules)
 * 1:14783 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:14896 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB v4 srvsvc NetrpPathCononicalize unicode path cononicalization stack overflow attempt (os-windows.rules)
 * 1:14897 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX function call access (browser-plugins.rules)
 * 1:14988 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:14990 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory SOAP Accept Charset header overflow attempt (server-webapp.rules)
 * 1:15012 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML DLL memory corruption attempt (browser-ie.rules)
 * 1:15084 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:15086 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX function call access (browser-plugins.rules)
 * 1:15096 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15102 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:15109 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15112 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access (browser-plugins.rules)
 * 1:15146 <-> DISABLED <-> SERVER-OTHER Apple CUPS RGB+Alpha PNG filter overly large image height integer overflow attempt (server-other.rules)
 * 1:15186 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:15191 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox animated PNG processing integer overflow (browser-firefox.rules)
 * 1:15197 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15198 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15199 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15200 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15201 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15209 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15210 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15211 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15212 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15213 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15214 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15215 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15216 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15217 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15218 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15219 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15221 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15245 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX function call access (browser-plugins.rules)
 * 1:15256 <-> DISABLED <-> SERVER-ORACLE BPEL process manager XSS injection attempt (server-oracle.rules)
 * 1:15257 <-> DISABLED <-> SERVER-ORACLE Secure Backup common.php variable based command injection attempt (server-oracle.rules)
 * 1:15268 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode ActiveX function call access (browser-plugins.rules)
 * 1:15299 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:15303 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Malformed IconBitsComponent arbitrary code execution attempt (file-office.rules)
 * 1:15313 <-> DISABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX function call access (browser-plugins.rules)
 * 1:15358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:15422 <-> DISABLED <-> SERVER-OTHER Sun One web proxy server overflow attempt (server-other.rules)
 * 1:15430 <-> DISABLED <-> FILE-OTHER Microsoft EMF+ GpFont.SetData buffer overflow attempt (file-other.rules)
 * 1:15455 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters XST parsing buffer overflow attempt (file-office.rules)
 * 1:15457 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:15459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted/unitialized object memory corruption attempt (browser-ie.rules)
 * 1:15460 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ActiveX load/unload race condition attempt (browser-ie.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15479 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP Request Proxy-Require header heap buffer overflow attempt (server-other.rules)
 * 1:15482 <-> DISABLED <-> SERVER-OTHER Oracle Java System sockd authentication buffer overflow attempt (server-other.rules)
 * 1:15508 <-> DISABLED <-> SERVER-OTHER DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt (server-other.rules)
 * 1:15523 <-> DISABLED <-> OS-WINDOWS Microsoft Windows srvsvc NetrShareEnum netname overflow attempt (os-windows.rules)
 * 1:15524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15526 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:15529 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain navigation cookie stealing attempt (browser-ie.rules)
 * 1:15554 <-> DISABLED <-> SERVER-ORACLE Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:15588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15590 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 10 ActiveX clsid access (browser-plugins.rules)
 * 1:15592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 11 ActiveX clsid access (browser-plugins.rules)
 * 1:15594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 12 ActiveX clsid access (browser-plugins.rules)
 * 1:15596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 13 ActiveX clsid access (browser-plugins.rules)
 * 1:15598 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 14 ActiveX clsid access (browser-plugins.rules)
 * 1:15600 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 15 ActiveX clsid access (browser-plugins.rules)
 * 1:15602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 16 ActiveX clsid access (browser-plugins.rules)
 * 1:15604 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 17 ActiveX clsid access (browser-plugins.rules)
 * 1:15606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 18 ActiveX clsid access (browser-plugins.rules)
 * 1:15608 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 19 ActiveX clsid access (browser-plugins.rules)
 * 1:15610 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 20 ActiveX clsid access (browser-plugins.rules)
 * 1:15614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 21 ActiveX clsid access (browser-plugins.rules)
 * 1:15616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 22 ActiveX clsid access (browser-plugins.rules)
 * 1:15618 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 23 ActiveX clsid access (browser-plugins.rules)
 * 1:15620 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 24 ActiveX clsid access (browser-plugins.rules)
 * 1:15622 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 25 ActiveX clsid access (browser-plugins.rules)
 * 1:15624 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 26 ActiveX clsid access (browser-plugins.rules)
 * 1:15626 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 27 ActiveX clsid access (browser-plugins.rules)
 * 1:15628 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 28 ActiveX clsid access (browser-plugins.rules)
 * 1:15630 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 29 ActiveX clsid access (browser-plugins.rules)
 * 1:15632 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 3 ActiveX clsid access (browser-plugins.rules)
 * 1:15634 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 30 ActiveX clsid access (browser-plugins.rules)
 * 1:15636 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 31 ActiveX clsid access (browser-plugins.rules)
 * 1:15640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 33 ActiveX clsid access (browser-plugins.rules)
 * 1:15642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 34 ActiveX clsid access (browser-plugins.rules)
 * 1:15644 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 35 ActiveX clsid access (browser-plugins.rules)
 * 1:15646 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 36 ActiveX clsid access (browser-plugins.rules)
 * 1:15648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 37 ActiveX clsid access (browser-plugins.rules)
 * 1:15650 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 38 ActiveX clsid access (browser-plugins.rules)
 * 1:15652 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 39 ActiveX clsid access (browser-plugins.rules)
 * 1:15654 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 4 ActiveX clsid access (browser-plugins.rules)
 * 1:15656 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 40 ActiveX clsid access (browser-plugins.rules)
 * 1:15658 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 41 ActiveX clsid access (browser-plugins.rules)
 * 1:15660 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 42 ActiveX clsid access (browser-plugins.rules)
 * 1:15662 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 43 ActiveX clsid access (browser-plugins.rules)
 * 1:15664 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 44 ActiveX clsid access (browser-plugins.rules)
 * 1:15666 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 45 ActiveX clsid access (browser-plugins.rules)
 * 1:15668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 5 ActiveX clsid access (browser-plugins.rules)
 * 1:15671 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX function call (browser-plugins.rules)
 * 1:15674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 8 ActiveX clsid access (browser-plugins.rules)
 * 1:15676 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 9 ActiveX clsid access (browser-plugins.rules)
 * 1:15678 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:15679 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (browser-plugins.rules)
 * 1:15684 <-> DISABLED <-> OS-WINDOWS Multiple product snews uri handling code execution attempt (os-windows.rules)
 * 1:15687 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15689 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:15691 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15695 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:15703 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15704 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMSS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15705 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PCAST protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15706 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes DAAP protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15849 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:15852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components Datasource ActiveX clsid access (browser-plugins.rules)
 * 1:15855 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:15881 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters Name Field attempt (netbios.rules)
 * 1:15894 <-> DISABLED <-> OS-WINDOWS Microsoft Color Management Module remote code execution attempt (os-windows.rules)
 * 1:15907 <-> DISABLED <-> OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (os-linux.rules)
 * 1:15911 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt (netbios.rules)
 * 1:15924 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:15943 <-> DISABLED <-> SERVER-OTHER CA Multiple Products Console Server login credentials handling overflow attempt (server-other.rules)
 * 1:15949 <-> DISABLED <-> FILE-OTHER McAfee LHA file handling overflow attempt (file-other.rules)
 * 1:15952 <-> DISABLED <-> SERVER-MYSQL create function libc arbitrary code execution attempt (server-mysql.rules)
 * 1:15992 <-> DISABLED <-> FILE-OTHER Trend Micro Products Antivirus Library overflow attempt (file-other.rules)
 * 1:16002 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16003 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16023 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Vista Windows mail file execution attempt (file-executable.rules)
 * 1:16024 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:16034 <-> DISABLED <-> SERVER-SAMBA Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt (server-samba.rules)
 * 1:16043 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html tag memory corruption attempt (browser-ie.rules)
 * 1:16050 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:16068 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:16073 <-> DISABLED <-> OS-WINDOWS MS-SQL convert function unicode overflow (os-windows.rules)
 * 1:16074 <-> DISABLED <-> SQL Suspicious SQL ansi_padding option (sql.rules)
 * 1:16191 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server authentication bypass attempt - via GET (server-oracle.rules)
 * 1:16193 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent SMTP AUTH LOGIN command buffer overflow attempt (server-mail.rules)
 * 1:16194 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
 * 1:16198 <-> DISABLED <-> SERVER-APACHE Apache mod_auth_pgsql module logging facility format string exploit attempt (server-apache.rules)
 * 1:16296 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - with optional fields (file-other.rules)
 * 1:16364 <-> DISABLED <-> SERVER-OTHER IBM DB2 database server SQLSTT denial of service attempt (server-other.rules)
 * 1:16432 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:16521 <-> DISABLED <-> SERVER-OTHER Squid Proxy http version number overflow attempt (server-other.rules)
 * 1:16578 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt (os-windows.rules)
 * 1:16588 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX clsid access (browser-plugins.rules)
 * 1:16602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow 3 ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:16607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX control access attempt (browser-plugins.rules)
 * 1:16610 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (browser-plugins.rules)
 * 1:16679 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDIplus integer overflow attempt (os-windows.rules)
 * 1:16690 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16748 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX function call access (browser-plugins.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16762 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX andx attempt (netbios.rules)
 * 1:16764 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode andx attempt (netbios.rules)
 * 1:16766 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow andx attempt (netbios.rules)
 * 1:16777 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16778 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16786 <-> DISABLED <-> FILE-OFFICE Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (file-office.rules)
 * 1:16798 <-> DISABLED <-> FILE-OTHER Orbit Downloader long URL buffer overflow attempt (file-other.rules)
 * 1:17050 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration Server authentication bypass attempt (server-webapp.rules)
 * 1:17052 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17053 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17054 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17213 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:17220 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17221 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17222 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17226 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX initialization via script (browser-plugins.rules)
 * 1:17228 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player skin decompression code execution attempt (os-windows.rules)
 * 1:17262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17269 <-> DISABLED <-> PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (protocol-telnet.rules)
 * 1:17272 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer AVI parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17280 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17313 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17348 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17349 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17374 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:17379 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:17384 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17385 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17386 <-> DISABLED <-> SERVER-WEBAPP Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt (server-webapp.rules)
 * 1:17388 <-> DISABLED <-> FILE-IMAGE OpenOffice EMF file EMR record parsing integer overflow attempt (file-image.rules)
 * 1:17405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17413 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:17415 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (server-iis.rules)
 * 1:17459 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17460 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17464 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17467 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17468 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17471 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17472 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17474 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17475 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17476 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17477 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17478 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17479 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17480 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17489 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help File Heap Buffer Overflow attempt (file-other.rules)
 * 1:17498 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17499 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17500 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17501 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17502 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file download request (file-identify.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17513 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17514 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17516 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17546 <-> DISABLED <-> FILE-IDENTIFY Microsoft Media Player compressed skin download request (file-identify.rules)
 * 1:17568 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:17570 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17619 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17624 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17626 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:17628 <-> DISABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:17634 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian object call overflow attempt (netbios.rules)
 * 1:17636 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 object call overflow attempt (netbios.rules)
 * 1:17637 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 overflow attempt (netbios.rules)
 * 1:17643 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCServe logger servie null-pointer dereference attempt (server-other.rules)
 * 1:17644 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:17646 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:17652 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS source code disclosure attempt (server-iis.rules)
 * 1:17664 <-> DISABLED <-> FILE-OFFICE Microsoft Office GIF image descriptor memory corruption attempt (file-office.rules)
 * 1:17678 <-> DISABLED <-> FILE-IMAGE Adobe BMP image handler buffer overflow attempt (file-image.rules)
 * 1:17691 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17695 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:17736 <-> DISABLED <-> SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (server-other.rules)
 * 1:17808 <-> DISABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules)
 * 1:18171 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18172 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18173 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18189 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18190 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18191 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18192 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18193 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18194 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18248 <-> DISABLED <-> SERVER-OTHER Unisys Business Information Server stack buffer overflow attempt (server-other.rules)
 * 1:18250 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products EscapeAttributeValue integer overflow attempt (browser-firefox.rules)
 * 1:18283 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:18284 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:18285 <-> DISABLED <-> SERVER-OTHER BrightStor ARCserve backup tape engine buffer overflow attempt (server-other.rules)
 * 1:18291 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 77 Attempt (server-other.rules)
 * 1:18292 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 84 Attempt (server-other.rules)
 * 1:18296 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (browser-firefox.rules)
 * 1:18303 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler overflow attempt (browser-ie.rules)
 * 1:18304 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18306 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18313 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:18317 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail RCPT TO proxy overflow attempt (server-mail.rules)
 * 1:18319 <-> DISABLED <-> SERVER-SAMBA Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (server-samba.rules)
 * 1:18476 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:18484 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:18512 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:18518 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:18520 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18521 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18522 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18523 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18574 <-> DISABLED <-> SERVER-MAIL RCPT TO overflow (server-mail.rules)
 * 1:18579 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OpenView5 CGI buffer overflow attempt (server-webapp.rules)
 * 1:18591 <-> DISABLED <-> FILE-OTHER CoolPlayer Playlist File Handling Buffer Overflow (file-other.rules)
 * 1:18600 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18603 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (server-mail.rules)
 * 1:18616 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18635 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:18710 <-> DISABLED <-> SERVER-OTHER McAfee ePolicy Orchestrator Framework Services buffer overflow attempt (server-other.rules)
 * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18800 <-> DISABLED <-> FILE-OTHER Adobe RoboHelp Server Arbitrary File Upload (file-other.rules)
 * 1:18905 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18906 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18907 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18908 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18909 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18910 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18911 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18912 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18913 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18914 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18915 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18916 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18917 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18918 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18919 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18920 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18921 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18922 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18923 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18924 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18925 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player content parsing execution attempt (file-flash.rules)
 * 1:19079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getElementById object corruption (browser-ie.rules)
 * 1:19087 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19088 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19089 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19090 <-> DISABLED <-> SERVER-OTHER CA Discovery Serice Overflow Attempt (server-other.rules)
 * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:1930 <-> DISABLED <-> PROTOCOL-IMAP auth literal overflow attempt (protocol-imap.rules)
 * 1:19559 <-> DISABLED <-> INDICATOR-SCAN SSH brute force login attempt (indicator-scan.rules)
 * 1:19599 <-> DISABLED <-> SERVER-ORACLE Warehouse builder WE_OLAP_AW_REMOVE_SOLVE_ID SQL Injection attempt (server-oracle.rules)
 * 1:19618 <-> DISABLED <-> FILE-OTHER Multiple products dwmapi.dll dll-load exploit attempt (file-other.rules)
 * 1:19693 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:19714 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:19811 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:19815 <-> DISABLED <-> SERVER-OTHER HP Operations Manager Server Default Credientials in use attempt (server-other.rules)
 * 1:19892 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System modem string buffer overflow attempt (server-other.rules)
 * 1:19925 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX client browser plugin call-back-url buffer overflow attempt (browser-plugins.rules)
 * 1:20071 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (browser-plugins.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (malware-cnc.rules)
 * 1:20277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:20278 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20279 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:20546 <-> DISABLED <-> SERVER-OTHER BakBone NetVault client heap overflow attempt (server-other.rules)
 * 1:20552 <-> DISABLED <-> SERVER-MAIL Mercury Mail Transport System buffer overflow attempt (server-mail.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20555 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:20575 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:20576 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:20590 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:20671 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (os-windows.rules)
 * 1:20744 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt (os-windows.rules)
 * 1:20878 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20879 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20882 <-> ENABLED <-> FILE-OFFICE Microsoft Windows embedded packager object identifier (file-office.rules)
 * 1:20883 <-> DISABLED <-> FILE-OFFICE Microsoft Windows embedded packager object with .application extension bypass attempt (file-office.rules)
 * 1:21003 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html request (malware-cnc.rules)
 * 1:21004 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html landing page (malware-cnc.rules)
 * 1:21006 <-> DISABLED <-> MALWARE-CNC Yang Pack yg.htm landing page (malware-cnc.rules)
 * 1:21041 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - main.php?page= (exploit-kit.rules)
 * 1:21042 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?f= (exploit-kit.rules)
 * 1:21043 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?e= (exploit-kit.rules)
 * 1:21044 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21045 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:2105 <-> DISABLED <-> PROTOCOL-IMAP authenticate literal overflow attempt (protocol-imap.rules)
 * 1:2106 <-> DISABLED <-> PROTOCOL-IMAP lsub overflow attempt (protocol-imap.rules)
 * 1:21068 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit landing page (exploit-kit.rules)
 * 1:21069 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit exploit fetch request (exploit-kit.rules)
 * 1:21070 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit pdf exploit page request (exploit-kit.rules)
 * 1:21071 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit post-exploit page request (exploit-kit.rules)
 * 1:21084 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function buffer overflow attempt (server-mssql.rules)
 * 1:21085 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function unicode buffer overflow attempt (server-mssql.rules)
 * 1:21096 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit control panel access (exploit-kit.rules)
 * 1:21097 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit post-exploit download request (exploit-kit.rules)
 * 1:21098 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21099 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit malicious pdf request (exploit-kit.rules)
 * 1:21141 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit control panel access (exploit-kit.rules)
 * 1:21156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21158 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21163 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook VEVENT overflow attempt (file-office.rules)
 * 1:21186 <-> DISABLED <-> SERVER-ORACLE MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:21233 <-> DISABLED <-> SERVER-WEBAPP Symantec Antivirus admin scan interface negative Content-Length attempt (server-webapp.rules)
 * 1:21259 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit response (exploit-kit.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21298 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint chart webpart XSS attempt (server-webapp.rules)
 * 1:21309 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21310 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21343 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf request (exploit-kit.rules)
 * 1:21344 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf download (exploit-kit.rules)
 * 1:21345 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar request (exploit-kit.rules)
 * 1:21346 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar download (exploit-kit.rules)
 * 1:21347 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - .php?page= (exploit-kit.rules)
 * 1:21348 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - search.php?page= (exploit-kit.rules)
 * 1:21414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules)
 * 1:21438 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit JavaScript carat string splitting with hostile applet (exploit-kit.rules)
 * 1:21462 <-> DISABLED <-> FILE-JAVA Oracle Java Plugin security bypass (file-java.rules)
 * 1:21492 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21529 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 Find_First2 filename overflow attempt (os-windows.rules)
 * 1:21539 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21549 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21567 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21581 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - BBB (exploit-kit.rules)
 * 1:21640 <-> DISABLED <-> EXPLOIT-KIT Phoenix exploit kit landing page (exploit-kit.rules)
 * 1:21646 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21647 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:21657 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:21658 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21659 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Home/index.php (exploit-kit.rules)
 * 1:21660 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Index/index.php (exploit-kit.rules)
 * 1:21661 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - catch (exploit-kit.rules)
 * 1:21754 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:21766 <-> DISABLED <-> FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (file-image.rules)
 * 1:21770 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21771 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21772 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21774 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21775 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21791 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21794 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:21806 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:21860 <-> ENABLED <-> MALWARE-CNC Phoenix exploit kit post-compromise behavior (malware-cnc.rules)
 * 1:21874 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - StrReverse (exploit-kit.rules)
 * 1:21875 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - taskkill (exploit-kit.rules)
 * 1:21876 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit landing page with specific structure - Loading (exploit-kit.rules)
 * 1:21917 <-> DISABLED <-> SERVER-OTHER Novell Groupwise HTTP response message parsing overflow (server-other.rules)
 * 1:21928 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:21931 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21932 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21933 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:21942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:21943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:22003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:22004 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22005 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22006 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22007 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22008 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22010 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22011 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22012 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22039 <-> DISABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22040 <-> DISABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22041 <-> DISABLED <-> EXPLOIT-KIT Blackhole landing redirection page (exploit-kit.rules)
 * 1:22081 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:22949 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:23010 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (protocol-ftp.rules)
 * 1:23091 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23092 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23093 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23094 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23095 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23105 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23127 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules)
 * 1:23142 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23143 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23144 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23146 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23150 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed graphic record code execution attempt (file-office.rules)
 * 1:23153 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23154 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23155 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23156 <-> DISABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit landing page (exploit-kit.rules)
 * 1:23157 <-> ENABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit binary download (exploit-kit.rules)
 * 1:23158 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:23159 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:23162 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online ncrypt.dll dll-load exploit attempt (os-windows.rules)
 * 1:23163 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online wlanapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:23165 <-> DISABLED <-> SERVER-OTHER Microsoft Lync Online wlanapi.dll dll-load exploit attempt (server-other.rules)
 * 1:23181 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules)
 * 1:23211 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (file-office.rules)
 * 1:23218 <-> ENABLED <-> EXPLOIT-KIT Redkit Repeated Exploit Request Pattern (exploit-kit.rules)
 * 1:23224 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Requested - 8Digit.html (exploit-kit.rules)
 * 1:23228 <-> DISABLED <-> BROWSER-PLUGINS Oracle Webcenter ActiveX clsid access (browser-plugins.rules)
 * 1:23240 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:23259 <-> DISABLED <-> SERVER-WEBAPP LANDesk Thinkmanagement Suite ServerSetup directory traversal attempt (server-webapp.rules)
 * 1:23266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23268 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23270 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23279 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:23283 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23287 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23288 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23289 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23290 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23291 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23292 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23293 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23295 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23297 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23300 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23302 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23304 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23371 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:23407 <-> DISABLED <-> SERVER-WEBAPP Apple iChat url format string exploit attempt (server-webapp.rules)
 * 1:23499 <-> DISABLED <-> FILE-OTHER Microsoft Windows CUR file parsing overflow attempt (file-other.rules)
 * 1:23500 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (file-pdf.rules)
 * 1:23501 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23502 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23503 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23505 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:23509 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules)
 * 1:23510 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules)
 * 1:23511 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules)
 * 1:23512 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules)
 * 1:23526 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23527 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23528 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules)
 * 1:23534 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:23535 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Download of version 4.0 file (file-office.rules)
 * 1:23536 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (file-office.rules)
 * 1:23537 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (file-office.rules)
 * 1:23538 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (file-office.rules)
 * 1:23539 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:23545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules)
 * 1:23546 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules)
 * 1:23547 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules)
 * 1:23548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules)
 * 1:23551 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:23552 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:23553 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:23554 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:23558 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:23559 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:23560 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23561 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:23562 <-> DISABLED <-> FILE-OTHER Microsoft MHTML XSS attempt (file-other.rules)
 * 1:23563 <-> DISABLED <-> FILE-OTHER Microsoft Windows MHTML XSS attempt (file-other.rules)
 * 1:23565 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (file-multimedia.rules)
 * 1:23567 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (file-multimedia.rules)
 * 1:23568 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23569 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23570 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:23571 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:23572 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:23573 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:23574 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:23575 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23576 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23579 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23582 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules)
 * 1:23583 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23584 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules)
 * 1:23585 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:23586 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23591 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:23619 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch broken (exploit-kit.rules)
 * 1:23622 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page request - tkr (exploit-kit.rules)
 * 1:23623 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:23699 <-> DISABLED <-> FILE-IDENTIFY SAP Crystal Reports file magic detected (file-identify.rules)
 * 1:23700 <-> DISABLED <-> FILE-IDENTIFY Microsoft Word for Mac 5 file magic detected (file-identify.rules)
 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23715 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access file magic detected (file-identify.rules)
 * 1:23716 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:23717 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:23718 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:23781 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:23785 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.floor catch (exploit-kit.rules)
 * 1:23786 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.round catch (exploit-kit.rules)
 * 1:23797 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection page (exploit-kit.rules)
 * 1:23837 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB host announcement format string exploit attempt (os-windows.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:23843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23848 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23849 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23850 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - hwehes (exploit-kit.rules)
 * 1:23943 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (file-multimedia.rules)
 * 1:23956 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23962 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - fewbgazr catch (exploit-kit.rules)
 * 1:23992 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules)
 * 1:24053 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24054 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24124 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:24186 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (file-office.rules)
 * 1:24187 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24188 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24189 <-> DISABLED <-> FILE-IMAGE XPM file format overflow attempt (file-image.rules)
 * 1:24197 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:24198 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:24200 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules)
 * 1:24203 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24204 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24205 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24220 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules)
 * 1:24226 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received (exploit-kit.rules)
 * 1:24228 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page Received (exploit-kit.rules)
 * 1:24237 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24238 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24272 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24273 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24274 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24275 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24276 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24277 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24278 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24279 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24280 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:24314 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24379 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24380 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24452 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG rendering buffer overflow attempt (browser-ie.rules)
 * 1:24501 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit fallback executable download (exploit-kit.rules)
 * 1:24535 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (file-other.rules)
 * 1:24543 <-> DISABLED <-> EXPLOIT-KIT Blackhole admin page inbound access attempt (exploit-kit.rules)
 * 1:24544 <-> DISABLED <-> EXPLOIT-KIT Blackhole admin page outbound access attempt (exploit-kit.rules)
 * 1:24546 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24547 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24548 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24550 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules)
 * 1:24556 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24557 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24558 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24593 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received - specific structure (exploit-kit.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:24608 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24636 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24637 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24638 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:24641 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie buffer overflow attempt (file-multimedia.rules)
 * 1:24657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:24672 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules)
 * 1:24681 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24682 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24683 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24684 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24685 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24695 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules)
 * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:24728 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24771 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:24772 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:24815 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (file-office.rules)
 * 1:24823 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:24839 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:24840 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - JAR redirection (exploit-kit.rules)
 * 1:24904 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24905 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24906 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24907 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup exec_qr command injection attempt (server-oracle.rules)
 * 1:24913 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules)
 * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24997 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24999 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25000 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25043 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit url structure detected (exploit-kit.rules)
 * 1:25044 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25051 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit landing page redirection (exploit-kit.rules)
 * 1:25052 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit Java Exploit requested - 3 digit (exploit-kit.rules)
 * 1:25053 <-> DISABLED <-> EXPLOIT-KIT Redkit outbound class retrieval (exploit-kit.rules)
 * 1:25065 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25066 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25067 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riler variant outbound connection (malware-cnc.rules)
 * 1:25068 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riler inbound connection (malware-cnc.rules)
 * 1:25232 <-> DISABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25233 <-> DISABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:25251 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules)
 * 1:25298 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules)
 * 1:25311 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules)
 * 1:25383 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.exe (exploit-kit.rules)
 * 1:25384 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.exe (exploit-kit.rules)
 * 1:25385 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - calc.exe (exploit-kit.rules)
 * 1:25386 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - about.exe (exploit-kit.rules)
 * 1:25387 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - readme.exe (exploit-kit.rules)
 * 1:25388 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:25389 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25390 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25391 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit obfuscated payload download (exploit-kit.rules)
 * 1:25502 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft GDI EMF malformed file buffer overflow attempt (file-multimedia.rules)
 * 1:25568 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:25569 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page (exploit-kit.rules)
 * 1:25587 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:25588 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (file-pdf.rules)
 * 1:25611 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:25649 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25797 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules)
 * 1:25800 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit Javascript request (exploit-kit.rules)
 * 1:25802 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit encoded portable executable request (exploit-kit.rules)
 * 1:25856 <-> DISABLED <-> PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (protocol-telnet.rules)
 * 1:25969 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (file-office.rules)
 * 1:25972 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit three number PDF Request (exploit-kit.rules)
 * 1:26066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26067 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26068 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26069 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26089 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio version number anomaly (file-office.rules)
 * 1:26109 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 1:26174 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26227 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:26329 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel format record code execution attempt (file-office.rules)
 * 1:26330 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (file-office.rules)
 * 1:26337 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26338 <-> ENABLED <-> EXPLOIT-KIT IFRAMEr injection detection - leads to exploit kit (exploit-kit.rules)
 * 1:26339 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval - ff.php (exploit-kit.rules)
 * 1:26341 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:26342 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26343 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:26372 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26373 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26421 <-> DISABLED <-> BROWSER-PLUGINS Metalink file download parameter buffer overflow attempt (browser-plugins.rules)
 * 1:26434 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit jar file downloaded (exploit-kit.rules)
 * 1:26453 <-> DISABLED <-> FILE-OFFICE OpenOffice OLE File Stream Buffer Overflow attempt (file-office.rules)
 * 1:26472 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:26473 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26474 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26475 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26476 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26477 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26478 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26508 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (exploit-kit.rules)
 * 1:26535 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26536 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:26599 <-> ENABLED <-> EXPLOIT-KIT Impact/Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26600 <-> ENABLED <-> EXPLOIT-KIT Impact/Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26602 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (file-office.rules)
 * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:2665 <-> DISABLED <-> PROTOCOL-IMAP login literal format string attempt (protocol-imap.rules)
 * 1:26663 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:26667 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes playlist overflow attempt (file-multimedia.rules)
 * 1:26672 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26676 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:26706 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26707 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26708 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26709 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26710 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26711 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed ftCMO record remote code execution attempt (file-office.rules)
 * 1:26724 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:26799 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26800 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26801 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26832 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control exploit attempt (file-office.rules)
 * 1:26856 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:26857 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sRGB overflow attempt (file-image.rules)
 * 1:26858 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:26859 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:26861 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:26862 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sPLT overflow attempt (file-image.rules)
 * 1:26863 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:26864 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:26866 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:26978 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:27001 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks Remote Management overflow attempt (server-other.rules)
 * 1:27071 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:27072 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:27081 <-> ENABLED <-> EXPLOIT-KIT Nailed exploit kit Internet Explorer exploit download - autopwn (exploit-kit.rules)
 * 1:27082 <-> ENABLED <-> EXPLOIT-KIT Nailed exploit kit flash remote code execution exploit download - autopwn (exploit-kit.rules)
 * 1:27166 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27167 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27168 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27213 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27215 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint schemes record buffer overflow (file-office.rules)
 * 1:27216 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint printer record buffer overflow (file-office.rules)
 * 1:27222 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:27243 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirectAction (server-apache.rules)
 * 1:27251 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:27271 <-> ENABLED <-> EXPLOIT-KIT iFramer toolkit injected iframe detected - specific structure (exploit-kit.rules)
 * 1:27544 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab runtime traffic detected (malware-cnc.rules)
 * 1:27545 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27546 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27547 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27548 <-> ENABLED <-> MALWARE-OTHER Osx.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:27549 <-> ENABLED <-> MALWARE-OTHER Osx.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:27580 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27581 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27584 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27585 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27586 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27587 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27588 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27589 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27590 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27591 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27634 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (file-office.rules)
 * 1:27635 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Record Code Execution attempt (file-office.rules)
 * 1:27671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (file-flash.rules)
 * 1:27695 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27696 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27697 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit successful Java exploit (exploit-kit.rules)
 * 1:27718 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (os-windows.rules)
 * 1:27719 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (os-windows.rules)
 * 1:27757 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX clsid access (browser-plugins.rules)
 * 1:27758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:27788 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (browser-plugins.rules)
 * 1:27789 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27790 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27791 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27792 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (browser-plugins.rules)
 * 1:27793 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (browser-plugins.rules)
 * 1:27798 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27799 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:27800 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:27865 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Darkleech exploit kit landing page request (exploit-kit.rules)
 * 1:27881 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Flash Player (exploit-kit.rules)
 * 1:27883 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Oracle Java (exploit-kit.rules)
 * 1:27885 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27886 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27892 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Acrobat Reader (exploit-kit.rules)
 * 1:27893 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27894 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - about.dll (exploit-kit.rules)
 * 1:27895 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (exploit-kit.rules)
 * 1:27896 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.dll (exploit-kit.rules)
 * 1:27897 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - calc.dll (exploit-kit.rules)
 * 1:27898 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - readme.dll (exploit-kit.rules)
 * 1:27908 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:27909 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:27945 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules)
 * 1:27947 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:27948 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:28029 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Popads/Nuclear exploit kit jnlp request (exploit-kit.rules)
 * 1:28108 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Adobe Flash exploit download attempt (exploit-kit.rules)
 * 1:28113 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (file-office.rules)
 * 1:28124 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:28128 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28228 <-> DISABLED <-> SERVER-WEBAPP Microsoft Interactive Training buffer overflow attempt (server-webapp.rules)
 * 1:28236 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:28311 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28312 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28313 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28314 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28316 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28317 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28318 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28319 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28320 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28321 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28322 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28413 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit embedded redirection attempt (exploit-kit.rules)
 * 1:28428 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit landing page (exploit-kit.rules)
 * 1:28429 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit outbound jnlp download attempt (exploit-kit.rules)
 * 1:28430 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit zip file download (exploit-kit.rules)
 * 1:28440 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file invalid memory allocation exploit attempt (file-office.rules)
 * 1:28441 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28442 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28443 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28482 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Terminator RAT variant outbound connection (malware-cnc.rules)
 * 1:28493 <-> ENABLED <-> MALWARE-CNC DeputyDog diskless method outbound connection (malware-cnc.rules)
 * 1:28612 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28613 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page - specific-structure (exploit-kit.rules)
 * 1:28614 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page (exploit-kit.rules)
 * 1:28616 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit payload download attempt (exploit-kit.rules)
 * 1:28677 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28678 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28686 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28989 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Egobot variant outbound connection (malware-cnc.rules)
 * 1:29032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (file-office.rules)
 * 1:29033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (file-office.rules)
 * 1:29066 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit XORed payload download attempt (exploit-kit.rules)
 * 1:29128 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit plugin detection page (exploit-kit.rules)
 * 1:29130 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit malicious payload download attempt (exploit-kit.rules)
 * 1:29264 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (file-office.rules)
 * 1:29326 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules)
 * 1:29327 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules)
 * 1:29328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules)
 * 1:29329 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (file-office.rules)
 * 1:29404 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel country record arbitrary code execution attempt (file-office.rules)
 * 1:29434 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file overread buffer overflow attempt (file-image.rules)
 * 1:29435 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:29436 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:29502 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:29511 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM jovgraph.exe CGI hostname parameter bugger overflow attempt (server-webapp.rules)
 * 1:29513 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows RAP API NetServerEnum2 long comment buffer overflow attempt (os-windows.rules)
 * 1:29523 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:29528 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 46 integer overflow attempt (server-other.rules)
 * 1:29529 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 47 integer overflow attempt (server-other.rules)
 * 1:29530 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 54 integer overflow attempt (server-other.rules)
 * 1:29531 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 25 integer overflow attempt (server-other.rules)
 * 1:29532 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 81 integer overflow attempt (server-other.rules)
 * 1:29536 <-> DISABLED <-> SERVER-OTHER Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (server-other.rules)
 * 1:29580 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox SVG data processing obfuscated memory corruption attempt (browser-firefox.rules)
 * 1:29581 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:29617 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules)
 * 1:29621 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:29624 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (browser-firefox.rules)
 * 1:29625 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (browser-firefox.rules)
 * 1:29754 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules)
 * 1:29796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:29797 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:29804 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29805 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29806 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29814 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (browser-ie.rules)
 * 1:29936 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (server-apache.rules)
 * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules)
 * 1:29943 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution attempt (os-windows.rules)
 * 1:30037 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zaleelq variant outbound connection (malware-cnc.rules)
 * 1:30232 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:30233 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:3066 <-> DISABLED <-> PROTOCOL-IMAP append overflow attempt (protocol-imap.rules)
 * 1:30941 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:30990 <-> ENABLED <-> MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (malware-cnc.rules)
 * 1:30991 <-> ENABLED <-> MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (malware-cnc.rules)
 * 1:31017 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (browser-plugins.rules)
 * 1:31018 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (browser-plugins.rules)
 * 1:31031 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (file-office.rules)
 * 1:31032 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (file-office.rules)
 * 1:31279 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31296 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules)
 * 1:31301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules)
 * 1:31365 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager remote code execution attempt (server-webapp.rules)
 * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:31374 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Qsir and Qsif record remote code execution attempt (file-office.rules)
 * 1:31420 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:31421 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:31427 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules)
 * 1:31428 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:31434 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Section Table Array Buffer Overflow attempt (file-office.rules)
 * 1:31437 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:31439 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31440 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules)
 * 1:31462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules)
 * 1:31473 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31474 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31475 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31476 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:31562 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:31591 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:31592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:31650 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail file execution attempt (server-mail.rules)
 * 1:3171 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:31716 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Otupsys variant outbound connection (malware-cnc.rules)
 * 1:31756 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:31757 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:31758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:31759 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX clsid access (browser-plugins.rules)
 * 1:31760 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31761 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31762 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31763 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31777 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing announce overflow attempt (file-other.rules)
 * 1:31778 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing comment overflow attempt (file-other.rules)
 * 1:31779 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing name overflow attempt (file-other.rules)
 * 1:31780 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing path overflow attempt (file-other.rules)
 * 1:31843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules)
 * 1:31844 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules)
 * 1:31845 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules)
 * 1:31846 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB default credentials authentication attempt (policy-other.rules)
 * 1:31875 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (file-office.rules)
 * 1:31876 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (file-office.rules)
 * 1:31946 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start arbitrary command execution attempt (file-java.rules)
 * 1:32062 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32063 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32064 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Filter Records Handling Code Execution attempt (file-office.rules)
 * 1:32083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed file format parsing code execution attempt (file-office.rules)
 * 1:32094 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (file-office.rules)
 * 1:32095 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:32122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtWnDesk record memory corruption exploit attempt (file-office.rules)
 * 1:32131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:32132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:32133 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (browser-firefox.rules)
 * 1:32136 <-> DISABLED <-> FILE-OTHER GNU gzip LZH decompression make_table overflow attempt (file-other.rules)
 * 1:32206 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style record overflow attempt (file-office.rules)
 * 1:32223 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state integer overflow attempt (server-other.rules)
 * 1:32224 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state integer overflow attempt (server-other.rules)
 * 1:32365 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (browser-ie.rules)
 * 1:32532 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules)
 * 1:32615 <-> DISABLED <-> OS-WINDOWS Microsoft Windows search protocol remote command injection attempt (os-windows.rules)
 * 1:32625 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DV record buffer overflow attempt (file-office.rules)
 * 1:32629 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:32630 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:32631 <-> DISABLED <-> NETBIOS SMB server response heap overflow attempt (netbios.rules)
 * 1:32642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:32643 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:32786 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:32843 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:32844 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:32869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:32870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:32871 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:33041 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:33043 <-> DISABLED <-> FILE-MULTIMEDIA Multiple media players M3U playlist file handling buffer overflow attempt (file-multimedia.rules)
 * 1:33044 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33045 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:33115 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33116 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33198 <-> DISABLED <-> OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (os-windows.rules)
 * 1:33479 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (os-windows.rules)
 * 1:33492 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33493 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33494 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33495 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33548 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Access multiple control instantiation memory corruption attempt (browser-plugins.rules)
 * 1:33566 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:33575 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33576 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33577 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33578 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33579 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33582 <-> DISABLED <-> SERVER-SAMBA Samba WINS Server Name Registration handling stack buffer overflow attempt (server-samba.rules)
 * 1:33584 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:33585 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:33586 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules)
 * 1:33589 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:33590 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:33591 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:33601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:33602 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:33670 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size1 dos attempt (server-other.rules)
 * 1:33671 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size2 dos attempt (server-other.rules)
 * 1:33672 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size3 dos attempt (server-other.rules)
 * 1:33684 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:33740 <-> DISABLED <-> FILE-IMAGE Microsoft emf file download request (file-image.rules)
 * 1:33824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:33827 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:33828 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:33829 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:33979 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33980 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:34048 <-> DISABLED <-> SERVER-APACHE Apache mod_log_config cookie handling denial of service attempt (server-apache.rules)
 * 1:34055 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34056 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34061 <-> DISABLED <-> SERVER-IIS Microsoft IIS Range header integer overflow attempt (server-iis.rules)
 * 1:34135 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules)
 * 1:34293 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:34294 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:3453 <-> DISABLED <-> SERVER-OTHER Arkeia client backup system info probe (server-other.rules)
 * 1:3454 <-> DISABLED <-> SERVER-OTHER Arkeia client backup generic info probe (server-other.rules)
 * 1:3458 <-> DISABLED <-> SERVER-OTHER Arkeia backup client type 84 overflow attempt (server-other.rules)
 * 1:34632 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes WPD attachment handling buffer overflow attempt (server-mail.rules)
 * 1:3474 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client name overflow (server-other.rules)
 * 1:3475 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client domain overflow (server-other.rules)
 * 1:3476 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:3477 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client name overflow (server-other.rules)
 * 1:3478 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:3479 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client name overflow (server-other.rules)
 * 1:3480 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client name overflow (server-other.rules)
 * 1:3481 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client domain overflow (server-other.rules)
 * 1:3482 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client name overflow (server-other.rules)
 * 1:3483 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:3484 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client name overflow (server-other.rules)
 * 1:34847 <-> ENABLED <-> MALWARE-CNC Linux.Trojan.ChinaZ outbound connection (malware-cnc.rules)
 * 1:3485 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:34857 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Fanny outbound connection (malware-cnc.rules)
 * 1:34890 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32ZLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34891 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32Zlib.dll dll-load exploit attempt (file-other.rules)
 * 1:34892 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34893 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34894 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34895 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34896 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34897 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34898 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34899 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34900 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:34901 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:34902 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34903 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34904 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34905 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34906 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34907 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34908 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34909 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34910 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34911 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34912 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34913 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34914 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34915 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro quserex.dll dll-load exploit attempt (netbios.rules)
 * 1:34916 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro u32zlib.dll dll-load exploit attempt (netbios.rules)
 * 1:3521 <-> DISABLED <-> SERVER-OTHER Computer Associates license GCR CHECKSUMS overflow attempt (server-other.rules)
 * 1:3524 <-> DISABLED <-> SERVER-OTHER Computer Associates license invalid GCR CHECKSUMS attempt (server-other.rules)
 * 1:3525 <-> DISABLED <-> SERVER-OTHER Computer Associates license invalid GCR NETWORK attempt (server-other.rules)
 * 1:3529 <-> DISABLED <-> SERVER-OTHER Computer Associates license GETCONFIG client overflow attempt (server-other.rules)
 * 1:3530 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client name overflow (server-other.rules)
 * 1:3531 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client domain overflow (server-other.rules)
 * 1:3553 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM null DHTML element insertion attempt (browser-ie.rules)
 * 1:35747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:35748 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:35771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:35772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:3591 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMDeleteObject overflow attempt (os-windows.rules)
 * 1:36363 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (server-webapp.rules)
 * 1:36364 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (server-webapp.rules)
 * 1:36365 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (server-webapp.rules)
 * 1:36366 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (server-webapp.rules)
 * 1:3637 <-> DISABLED <-> SERVER-OTHER Computer Associates license PUTOLF directory traversal attempt (server-other.rules)
 * 1:36431 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:36432 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:36453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:36559 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:36560 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:3659 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 1000 buffer overflow attempt (server-other.rules)
 * 1:3660 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 00 little endian buffer overflow attempt (server-other.rules)
 * 1:3661 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 00 buffer overflow attempt (server-other.rules)
 * 1:3662 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 03 little endian buffer overflow attempt (server-other.rules)
 * 1:3663 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 03 buffer overflow attempt (server-other.rules)
 * 1:36644 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:36645 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:36646 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:36772 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet Component ActiveX clsid access (browser-plugins.rules)
 * 1:36782 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:36783 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:37029 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37030 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37031 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37034 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37035 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37293 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt  (file-office.rules)
 * 1:37294 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt  (file-office.rules)
 * 1:37423 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:37710 <-> ENABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:3822 <-> DISABLED <-> SERVER-WEBAPP RealNetworks RealPlayer realtext long URI request attempt (server-webapp.rules)
 * 1:38576 <-> ENABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38577 <-> ENABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38669 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (browser-ie.rules)
 * 1:38670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (browser-ie.rules)
 * 1:39601 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39602 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39603 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39604 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39605 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39606 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39607 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39608 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39609 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39610 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39611 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39612 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39613 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39614 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39615 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39616 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39617 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39618 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39619 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39620 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39621 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39622 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39623 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39624 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39625 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39626 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39627 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39628 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39629 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39630 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39631 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39632 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39763 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:39764 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:39870 <-> DISABLED <-> INDICATOR-COMPROMISE Oracle E-Business Suite arbitrary node deletion (indicator-compromise.rules)
 * 1:39875 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:40243 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40244 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40245 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40246 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40247 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40248 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:4072 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_DetectResourceConflict attempt (os-windows.rules)
 * 1:41094 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:4129 <-> DISABLED <-> SERVER-OTHER Novell ZenWorks Remote Management Agent large login packet DoS attempt (server-other.rules)
 * 1:4172 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent v1.5 ActiveX clsid access (browser-plugins.rules)
 * 1:41728 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:41729 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:41730 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:41731 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:42440 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42441 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42442 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42443 <-> ENABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42444 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42445 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42446 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:43067 <-> ENABLED <-> PROTOCOL-IMAP IMAP CRAM-MD5 authentication attempt (protocol-imap.rules)
 * 1:43068 <-> DISABLED <-> SERVER-OTHER IBM Lotus Domino IMAP server CRAM-MD5 authentication buffer overflow attempt (server-other.rules)
 * 1:43337 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:43338 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:43606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (browser-plugins.rules)
 * 1:43674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:43675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:43698 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:43699 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:43830 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:43831 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:43989 <-> DISABLED <-> INDICATOR-OBFUSCATION newlines embedded in rtf header (indicator-obfuscation.rules)
 * 1:43990 <-> DISABLED <-> INDICATOR-OBFUSCATION RTF obfuscation string (indicator-obfuscation.rules)
 * 1:44031 <-> DISABLED <-> FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (file-office.rules)
 * 1:44032 <-> DISABLED <-> FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (file-office.rules)
 * 1:44035 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:44044 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (browser-firefox.rules)
 * 1:44045 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (browser-firefox.rules)
 * 1:44046 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44047 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44048 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44049 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44068 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:44069 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:44129 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44132 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44146 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JSXML integer overflow attempt (browser-firefox.rules)
 * 1:44147 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JSXML integer overflow attempt (browser-firefox.rules)
 * 1:44188 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (browser-ie.rules)
 * 1:44281 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44283 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44284 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44290 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:44296 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:44455 <-> DISABLED <-> FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (file-image.rules)
 * 1:44456 <-> DISABLED <-> FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (file-image.rules)
 * 1:44729 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (browser-ie.rules)
 * 1:44730 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (browser-ie.rules)
 * 1:44877 <-> DISABLED <-> SERVER-OTHER  Citrix XenApp and XenDesktop XML service memory corruption attempt (server-other.rules)
 * 1:45142 <-> ENABLED <-> BROWSER-IE Microsoft Edge Array type confusion attempt (browser-ie.rules)
 * 1:45143 <-> ENABLED <-> BROWSER-IE Microsoft Edge Array type confusion attempt (browser-ie.rules)
 * 1:45148 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45149 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45154 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:4826 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetRootDeviceInstance attempt (os-windows.rules)
 * 1:4890 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer IAVIStream & IAVIFile Proxy ActiveX object access (browser-plugins.rules)
 * 1:4891 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer cfw Class ActiveX object access (browser-plugins.rules)
 * 1:4892 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MTSEvents Class ActiveX object access (browser-plugins.rules)
 * 1:4893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Trident HTMLEditor ActiveX object access (browser-plugins.rules)
 * 1:4894 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSEnumVariant ActiveX object access (browser-plugins.rules)
 * 1:4895 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeInfo ActiveX object access (browser-plugins.rules)
 * 1:4896 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeLib ActiveX object access (browser-plugins.rules)
 * 1:4897 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSOAInterface ActiveX object access (browser-plugins.rules)
 * 1:4898 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeComp ActiveX object access (browser-plugins.rules)
 * 1:4900 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Outlook Progress Ctl ActiveX object access (browser-plugins.rules)
 * 1:4901 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR Allocator Presenter 9 ActiveX object access (browser-plugins.rules)
 * 1:4902 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Mixing Renderer 9 ActiveX object access (browser-plugins.rules)
 * 1:4903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR ImageSync 9 ActiveX object access (browser-plugins.rules)
 * 1:4904 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Alias ActiveX object access (browser-plugins.rules)
 * 1:4905 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Object ActiveX object access (browser-plugins.rules)
 * 1:4906 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Interface Definition ActiveX object access (browser-plugins.rules)
 * 1:4907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Collection Definition ActiveX object access (browser-plugins.rules)
 * 1:4908 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Method Definition ActiveX object access (browser-plugins.rules)
 * 1:4909 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Property Definition ActiveX object access (browser-plugins.rules)
 * 1:4910 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Relationship Definition ActiveX object access (browser-plugins.rules)
 * 1:4911 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Type Library ActiveX object access (browser-plugins.rules)
 * 1:4912 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Root ActiveX object access (browser-plugins.rules)
 * 1:4913 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Workspace ActiveX object access (browser-plugins.rules)
 * 1:4914 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Script Definition ActiveX object access (browser-plugins.rules)
 * 1:4915 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shortcut Handler ActiveX object access (browser-plugins.rules)
 * 1:4986 <-> DISABLED <-> SERVER-WEBAPP Twiki view rev command injection attempt (server-webapp.rules)
 * 1:4987 <-> DISABLED <-> SERVER-WEBAPP Twiki viewfile rev command injection attempt (server-webapp.rules)
 * 1:5319 <-> DISABLED <-> OS-WINDOWS Microsoft Windows picture and fax viewer wmf arbitrary code execution attempt (os-windows.rules)
 * 1:5485 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:5702 <-> DISABLED <-> PROTOCOL-IMAP subscribe directory traversal attempt (protocol-imap.rules)
 * 1:5705 <-> DISABLED <-> PROTOCOL-IMAP CAPABILITY overflow attempt (protocol-imap.rules)
 * 1:5711 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player zero length bitmap heap overflow attempt (file-image.rules)
 * 1:6405 <-> DISABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager overflow attempt (server-other.rules)
 * 1:6412 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book attachment detected (server-mail.rules)
 * 1:6413 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book Base64 encoded attachment detected (server-mail.rules)
 * 1:6502 <-> DISABLED <-> FILE-IMAGE Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (file-image.rules)
 * 1:6507 <-> DISABLED <-> SERVER-WEBAPP novell edirectory imonitor overflow attempt (server-webapp.rules)
 * 1:6510 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mhtml uri shortcut buffer overflow attempt (browser-ie.rules)
 * 1:6690 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iCCP overflow attempt (file-image.rules)
 * 1:6691 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:6693 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:6694 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:6696 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:6698 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:6699 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:6701 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:7003 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX function call access (browser-plugins.rules)
 * 1:7028 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:7029 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:7035 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:7036 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:7037 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:7038 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:7039 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7040 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7041 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7042 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7207 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION SQL injection attempt (server-oracle.rules)
 * 1:7208 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_METADATA access attempt (server-oracle.rules)
 * 1:7210 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:7425 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 9x8Resize ActiveX clsid access (browser-plugins.rules)
 * 1:7427 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Allocator Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7429 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Bitmap ActiveX clsid access (browser-plugins.rules)
 * 1:7431 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectFrame.DirectControl.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7433 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectX Transform Wrapper Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:7436 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX function call (browser-plugins.rules)
 * 1:7437 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Frame Eater ActiveX clsid access (browser-plugins.rules)
 * 1:7439 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Help ActiveX clsid access (browser-plugins.rules)
 * 1:7442 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mmAEPlugIn.AEPlugIn.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Mmedia.AsyncMHandler.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Record Queue ActiveX clsid access (browser-plugins.rules)
 * 1:7448 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ShotDetect ActiveX clsid access (browser-plugins.rules)
 * 1:7450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Stetch ActiveX clsid access (browser-plugins.rules)
 * 1:7452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM Color Converter Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7454 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2ae.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7456 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxa.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7458 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxb.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7460 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Audio Analyzer ActiveX clsid access (browser-plugins.rules)
 * 1:7462 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Black Frame Generator ActiveX clsid access (browser-plugins.rules)
 * 1:7464 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7466 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:7468 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DirectX Transform Wrapper ActiveX clsid access (browser-plugins.rules)
 * 1:7470 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DV Extract Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7472 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:7474 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion ActiveX clsid access (browser-plugins.rules)
 * 1:7476 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Import Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7478 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Interlacer ActiveX clsid access (browser-plugins.rules)
 * 1:7480 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Log Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7482 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT MuxDeMux Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7484 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Sample Info Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7486 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen Capture Filter Task Page ActiveX clsid access (browser-plugins.rules)
 * 1:7488 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen capture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7490 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Switch Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7492 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Renderer ActiveX clsid access (browser-plugins.rules)
 * 1:7494 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Source ActiveX clsid access (browser-plugins.rules)
 * 1:7496 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Volume ActiveX clsid access (browser-plugins.rules)
 * 1:7498 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM TV Out Smooth Picture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7500 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM VIH2 Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7862 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsAppExpired ActiveX function call access (browser-plugins.rules)
 * 1:7863 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsOldAppInstalled ActiveX function call access (browser-plugins.rules)
 * 1:7866 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Connection ActiveX clsid access (browser-plugins.rules)
 * 1:7868 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX clsid access (browser-plugins.rules)
 * 1:7870 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 9.0 ActiveX clsid access (browser-plugins.rules)
 * 1:7914 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX clsid access (browser-plugins.rules)
 * 1:7928 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7934 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7938 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7942 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer http Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7944 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer https Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mk Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7978 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules)
 * 1:7981 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:8060 <-> DISABLED <-> SERVER-OTHER UltraVNC VNCLog buffer overflow (server-other.rules)
 * 1:8377 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8381 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8383 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8385 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8387 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8389 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8405 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ActiveX clsid access (browser-plugins.rules)
 * 1:8409 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8425 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (browser-plugins.rules)
 * 1:8740 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX function call access (browser-plugins.rules)
 * 1:8846 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Character Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8848 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8850 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8854 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX function call access (browser-plugins.rules)
 * 1:8856 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v1.5 ActiveX function call access (browser-plugins.rules)
 * 1:9131 <-> DISABLED <-> BROWSER-PLUGINS WinZip FileView 6.1 ActiveX function call access (browser-plugins.rules)
 * 1:9132 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt (os-windows.rules)
 * 1:9228 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwGetConnectionInformation overflow attempt (os-windows.rules)
 * 1:9421 <-> ENABLED <-> MALWARE-OTHER zotob attempt (malware-other.rules)
 * 1:9432 <-> DISABLED <-> OS-WINDOWS Microsoft Agent buffer overflow attempt (os-windows.rules)
 * 1:9433 <-> DISABLED <-> OS-WINDOWS Microsoft Agent buffer overflow attempt (os-windows.rules)
 * 1:9441 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath overflow attempt (netbios.rules)
 * 1:9634 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt TCP (server-other.rules)
 * 1:9635 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9B remote buffer overflow attempt UDP (server-other.rules)
 * 1:9636 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt UDP (server-other.rules)
 * 1:9769 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:9848 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter buffer overflow attempt (os-windows.rules)

2018-02-01 01:09:42 UTC

Snort Subscriber Rules Update

Date: 2018-01-31

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2990.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:45584 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP SIP servers discovery attempt (protocol-voip.rules)
 * 1:45583 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP SIP servers discovery attempt (protocol-voip.rules)
 * 1:45579 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP subscribe request denial of service attempt (protocol-voip.rules)
 * 1:45588 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45578 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP options request denial of service attempt (protocol-voip.rules)
 * 1:45581 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP options request denial of service attempt (protocol-voip.rules)
 * 1:45587 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45586 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt (file-multimedia.rules)
 * 1:45591 <-> DISABLED <-> PROTOCOL-FTP LabF nfsAxe FTP Client buffer overflow attempt (protocol-ftp.rules)
 * 1:45577 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP invite request denial of service attempt (protocol-voip.rules)
 * 1:45585 <-> DISABLED <-> SERVER-WEBAPP PMSotware Simple Web Server connection header buffer overflow attempt (server-webapp.rules)
 * 1:45582 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP subscribe request denial of service attempt (protocol-voip.rules)
 * 1:17663 <-> DISABLED <-> SERVER-OTHER Apple CUPS SGI image decoding buffer overflow attempt (server-other.rules)
 * 1:45576 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:45580 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP invite request denial of service attempt (protocol-voip.rules)
 * 1:45571 <-> DISABLED <-> SERVER-OTHER Commvault Communications Service command injection attempt (server-other.rules)
 * 1:45589 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45574 <-> ENABLED <-> MALWARE-CNC Win.Trojan.xxmm second stage configuration download attempt (malware-cnc.rules)
 * 1:45590 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 3:45575 <-> ENABLED <-> SERVER-OTHER Cisco ASA VPN aggregateAuthDataHandler double free attempt (server-other.rules)

Modified Rules:


 * 1:32738 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32842 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:6413 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book Base64 encoded attachment detected (server-mail.rules)
 * 1:6690 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iCCP overflow attempt (file-image.rules)
 * 1:6510 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mhtml uri shortcut buffer overflow attempt (browser-ie.rules)
 * 1:6507 <-> DISABLED <-> SERVER-WEBAPP novell edirectory imonitor overflow attempt (server-webapp.rules)
 * 1:6502 <-> DISABLED <-> FILE-IMAGE Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (file-image.rules)
 * 1:32739 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:33492 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33493 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33566 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:32754 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:32786 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:33585 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:32843 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:32869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:33584 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:32870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:32871 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:33041 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:33043 <-> DISABLED <-> FILE-MULTIMEDIA Multiple media players M3U playlist file handling buffer overflow attempt (file-multimedia.rules)
 * 1:33582 <-> DISABLED <-> SERVER-SAMBA Samba WINS Server Name Registration handling stack buffer overflow attempt (server-samba.rules)
 * 1:33044 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33045 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:33115 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33589 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:33578 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33577 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33576 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33575 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33494 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33671 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size2 dos attempt (server-other.rules)
 * 1:33670 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size1 dos attempt (server-other.rules)
 * 1:33602 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:33601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:33591 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:33590 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:32844 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:33548 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Access multiple control instantiation memory corruption attempt (browser-plugins.rules)
 * 1:33495 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:33116 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33198 <-> DISABLED <-> OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (os-windows.rules)
 * 1:33479 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (os-windows.rules)
 * 1:32840 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:33586 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules)
 * 1:34293 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:34135 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules)
 * 1:34061 <-> DISABLED <-> SERVER-IIS Microsoft IIS Range header integer overflow attempt (server-iis.rules)
 * 1:34056 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34055 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34048 <-> DISABLED <-> SERVER-APACHE Apache mod_log_config cookie handling denial of service attempt (server-apache.rules)
 * 1:33980 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33979 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:33579 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33829 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:33828 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:33827 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:33824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:33740 <-> DISABLED <-> FILE-IMAGE Microsoft emf file download request (file-image.rules)
 * 1:33684 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:33672 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size3 dos attempt (server-other.rules)
 * 1:3484 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client name overflow (server-other.rules)
 * 1:3483 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:3482 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client name overflow (server-other.rules)
 * 1:3481 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client domain overflow (server-other.rules)
 * 1:3480 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client name overflow (server-other.rules)
 * 1:3479 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client name overflow (server-other.rules)
 * 1:3478 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:3477 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client name overflow (server-other.rules)
 * 1:3476 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:3475 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client domain overflow (server-other.rules)
 * 1:3474 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client name overflow (server-other.rules)
 * 1:34632 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes WPD attachment handling buffer overflow attempt (server-mail.rules)
 * 1:3458 <-> DISABLED <-> SERVER-OTHER Arkeia backup client type 84 overflow attempt (server-other.rules)
 * 1:3454 <-> DISABLED <-> SERVER-OTHER Arkeia client backup generic info probe (server-other.rules)
 * 1:3453 <-> DISABLED <-> SERVER-OTHER Arkeia client backup system info probe (server-other.rules)
 * 1:34294 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:34857 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Fanny outbound connection (malware-cnc.rules)
 * 1:3485 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:34847 <-> ENABLED <-> MALWARE-CNC Linux.Trojan.ChinaZ outbound connection (malware-cnc.rules)
 * 1:34892 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34891 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32Zlib.dll dll-load exploit attempt (file-other.rules)
 * 1:34890 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32ZLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34894 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34893 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34897 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34896 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34895 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34899 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34898 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34900 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:3530 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client name overflow (server-other.rules)
 * 1:3529 <-> DISABLED <-> SERVER-OTHER Computer Associates license GETCONFIG client overflow attempt (server-other.rules)
 * 1:3525 <-> DISABLED <-> SERVER-OTHER Computer Associates license invalid GCR NETWORK attempt (server-other.rules)
 * 1:3524 <-> DISABLED <-> SERVER-OTHER Computer Associates license invalid GCR CHECKSUMS attempt (server-other.rules)
 * 1:3521 <-> DISABLED <-> SERVER-OTHER Computer Associates license GCR CHECKSUMS overflow attempt (server-other.rules)
 * 1:34916 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro u32zlib.dll dll-load exploit attempt (netbios.rules)
 * 1:34915 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro quserex.dll dll-load exploit attempt (netbios.rules)
 * 1:34914 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34913 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34912 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34911 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34910 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34909 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34908 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34907 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34906 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34905 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34904 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34903 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34902 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34901 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:36559 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:36453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:36432 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:36431 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:3637 <-> DISABLED <-> SERVER-OTHER Computer Associates license PUTOLF directory traversal attempt (server-other.rules)
 * 1:36366 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (server-webapp.rules)
 * 1:36365 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (server-webapp.rules)
 * 1:36364 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (server-webapp.rules)
 * 1:36363 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (server-webapp.rules)
 * 1:3591 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMDeleteObject overflow attempt (os-windows.rules)
 * 1:35772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:35771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:35748 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:35747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:3553 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM null DHTML element insertion attempt (browser-ie.rules)
 * 1:3531 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client domain overflow (server-other.rules)
 * 1:37294 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt  (file-office.rules)
 * 1:37293 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt  (file-office.rules)
 * 1:37035 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37034 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37031 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37030 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:37029 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:36783 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:36782 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:36772 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet Component ActiveX clsid access (browser-plugins.rules)
 * 1:36646 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:36645 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:36644 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:3663 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 03 buffer overflow attempt (server-other.rules)
 * 1:3662 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 03 little endian buffer overflow attempt (server-other.rules)
 * 1:3661 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 00 buffer overflow attempt (server-other.rules)
 * 1:3660 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 00 little endian buffer overflow attempt (server-other.rules)
 * 1:3659 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 1000 buffer overflow attempt (server-other.rules)
 * 1:36560 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:39610 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39609 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39608 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39607 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39606 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39605 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39604 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39603 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39602 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39601 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:38670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (browser-ie.rules)
 * 1:38669 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (browser-ie.rules)
 * 1:38577 <-> ENABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38576 <-> ENABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:3822 <-> DISABLED <-> SERVER-WEBAPP RealNetworks RealPlayer realtext long URI request attempt (server-webapp.rules)
 * 1:37710 <-> ENABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:37423 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:39611 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39612 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39618 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39617 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39616 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39615 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39614 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39613 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39622 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39621 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39620 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39619 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:43337 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:43068 <-> DISABLED <-> SERVER-OTHER IBM Lotus Domino IMAP server CRAM-MD5 authentication buffer overflow attempt (server-other.rules)
 * 1:43067 <-> ENABLED <-> PROTOCOL-IMAP IMAP CRAM-MD5 authentication attempt (protocol-imap.rules)
 * 1:42446 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42445 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42444 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:44031 <-> DISABLED <-> FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (file-office.rules)
 * 1:44046 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44045 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (browser-firefox.rules)
 * 1:44044 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (browser-firefox.rules)
 * 1:44035 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:44032 <-> DISABLED <-> FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (file-office.rules)
 * 1:44048 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44047 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44129 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44069 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:44068 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:44049 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:44188 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (browser-ie.rules)
 * 1:44147 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JSXML integer overflow attempt (browser-firefox.rules)
 * 1:44146 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JSXML integer overflow attempt (browser-firefox.rules)
 * 1:44132 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:44131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:4911 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Type Library ActiveX object access (browser-plugins.rules)
 * 1:4893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Trident HTMLEditor ActiveX object access (browser-plugins.rules)
 * 1:4892 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MTSEvents Class ActiveX object access (browser-plugins.rules)
 * 1:4891 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer cfw Class ActiveX object access (browser-plugins.rules)
 * 1:4890 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer IAVIStream & IAVIFile Proxy ActiveX object access (browser-plugins.rules)
 * 1:4826 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetRootDeviceInstance attempt (os-windows.rules)
 * 1:45154 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:45149 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45148 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45143 <-> ENABLED <-> BROWSER-IE Microsoft Edge Array type confusion attempt (browser-ie.rules)
 * 1:45142 <-> ENABLED <-> BROWSER-IE Microsoft Edge Array type confusion attempt (browser-ie.rules)
 * 1:44877 <-> DISABLED <-> SERVER-OTHER  Citrix XenApp and XenDesktop XML service memory corruption attempt (server-other.rules)
 * 1:44730 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (browser-ie.rules)
 * 1:44729 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (browser-ie.rules)
 * 1:44456 <-> DISABLED <-> FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (file-image.rules)
 * 1:44455 <-> DISABLED <-> FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (file-image.rules)
 * 1:44296 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:44290 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:44284 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44283 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:44281 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:4910 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Relationship Definition ActiveX object access (browser-plugins.rules)
 * 1:4909 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Property Definition ActiveX object access (browser-plugins.rules)
 * 1:4908 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Method Definition ActiveX object access (browser-plugins.rules)
 * 1:4907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Collection Definition ActiveX object access (browser-plugins.rules)
 * 1:4906 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Interface Definition ActiveX object access (browser-plugins.rules)
 * 1:4905 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Object ActiveX object access (browser-plugins.rules)
 * 1:4904 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Alias ActiveX object access (browser-plugins.rules)
 * 1:4903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR ImageSync 9 ActiveX object access (browser-plugins.rules)
 * 1:4902 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Mixing Renderer 9 ActiveX object access (browser-plugins.rules)
 * 1:4901 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR Allocator Presenter 9 ActiveX object access (browser-plugins.rules)
 * 1:4900 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Outlook Progress Ctl ActiveX object access (browser-plugins.rules)
 * 1:4898 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeComp ActiveX object access (browser-plugins.rules)
 * 1:4897 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSOAInterface ActiveX object access (browser-plugins.rules)
 * 1:4896 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeLib ActiveX object access (browser-plugins.rules)
 * 1:4895 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeInfo ActiveX object access (browser-plugins.rules)
 * 1:4894 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSEnumVariant ActiveX object access (browser-plugins.rules)
 * 1:5319 <-> DISABLED <-> OS-WINDOWS Microsoft Windows picture and fax viewer wmf arbitrary code execution attempt (os-windows.rules)
 * 1:4987 <-> DISABLED <-> SERVER-WEBAPP Twiki viewfile rev command injection attempt (server-webapp.rules)
 * 1:4986 <-> DISABLED <-> SERVER-WEBAPP Twiki view rev command injection attempt (server-webapp.rules)
 * 1:4915 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shortcut Handler ActiveX object access (browser-plugins.rules)
 * 1:4914 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Script Definition ActiveX object access (browser-plugins.rules)
 * 1:4913 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Workspace ActiveX object access (browser-plugins.rules)
 * 1:4912 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Root ActiveX object access (browser-plugins.rules)
 * 1:5711 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player zero length bitmap heap overflow attempt (file-image.rules)
 * 1:5705 <-> DISABLED <-> PROTOCOL-IMAP CAPABILITY overflow attempt (protocol-imap.rules)
 * 1:5702 <-> DISABLED <-> PROTOCOL-IMAP subscribe directory traversal attempt (protocol-imap.rules)
 * 1:5485 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:6405 <-> DISABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager overflow attempt (server-other.rules)
 * 1:6412 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book attachment detected (server-mail.rules)
 * 1:39623 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39628 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39627 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39626 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39625 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39624 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39632 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39631 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39630 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39629 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39763 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:42443 <-> ENABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42442 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42441 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:42440 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:41731 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:41730 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:41729 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:41728 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:4172 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent v1.5 ActiveX clsid access (browser-plugins.rules)
 * 1:4129 <-> DISABLED <-> SERVER-OTHER Novell ZenWorks Remote Management Agent large login packet DoS attempt (server-other.rules)
 * 1:41094 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:4072 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_DetectResourceConflict attempt (os-windows.rules)
 * 1:40248 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40247 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40246 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40245 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40244 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:40243 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:39875 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:39870 <-> DISABLED <-> INDICATOR-COMPROMISE Oracle E-Business Suite arbitrary node deletion (indicator-compromise.rules)
 * 1:39764 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:43990 <-> DISABLED <-> INDICATOR-OBFUSCATION RTF obfuscation string (indicator-obfuscation.rules)
 * 1:43989 <-> DISABLED <-> INDICATOR-OBFUSCATION newlines embedded in rtf header (indicator-obfuscation.rules)
 * 1:43831 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:43830 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:43699 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:43698 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:43675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:43674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:43606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (browser-plugins.rules)
 * 1:43338 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:6694 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:6693 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:6691 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:7207 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION SQL injection attempt (server-oracle.rules)
 * 1:7042 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7041 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7040 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7039 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7038 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:7037 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:7036 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:7035 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:7029 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:7028 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:7003 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX function call access (browser-plugins.rules)
 * 1:6701 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:6699 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:6698 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:6696 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:7208 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_METADATA access attempt (server-oracle.rules)
 * 1:7210 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:7425 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 9x8Resize ActiveX clsid access (browser-plugins.rules)
 * 1:7431 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectFrame.DirectControl.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7427 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Allocator Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7429 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Bitmap ActiveX clsid access (browser-plugins.rules)
 * 1:7436 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX function call (browser-plugins.rules)
 * 1:7433 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectX Transform Wrapper Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:7442 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mmAEPlugIn.AEPlugIn.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7437 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Frame Eater ActiveX clsid access (browser-plugins.rules)
 * 1:7439 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Help ActiveX clsid access (browser-plugins.rules)
 * 1:7444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Mmedia.AsyncMHandler.1 ActiveX clsid access (browser-plugins.rules)
 * 1:7446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Record Queue ActiveX clsid access (browser-plugins.rules)
 * 1:7448 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ShotDetect ActiveX clsid access (browser-plugins.rules)
 * 1:7450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Stetch ActiveX clsid access (browser-plugins.rules)
 * 1:7452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM Color Converter Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7454 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2ae.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7456 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxa.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7458 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxb.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7460 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Audio Analyzer ActiveX clsid access (browser-plugins.rules)
 * 1:7462 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Black Frame Generator ActiveX clsid access (browser-plugins.rules)
 * 1:7464 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7466 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:7468 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DirectX Transform Wrapper ActiveX clsid access (browser-plugins.rules)
 * 1:7470 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DV Extract Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7472 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:7474 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion ActiveX clsid access (browser-plugins.rules)
 * 1:7476 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Import Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7478 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Interlacer ActiveX clsid access (browser-plugins.rules)
 * 1:7480 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Log Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7482 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT MuxDeMux Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7484 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Sample Info Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7486 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen Capture Filter Task Page ActiveX clsid access (browser-plugins.rules)
 * 1:7488 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen capture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7490 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Switch Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7492 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Renderer ActiveX clsid access (browser-plugins.rules)
 * 1:7494 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Source ActiveX clsid access (browser-plugins.rules)
 * 1:7496 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Volume ActiveX clsid access (browser-plugins.rules)
 * 1:7498 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM TV Out Smooth Picture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7500 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM VIH2 Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7862 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsAppExpired ActiveX function call access (browser-plugins.rules)
 * 1:7863 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsOldAppInstalled ActiveX function call access (browser-plugins.rules)
 * 1:7866 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Connection ActiveX clsid access (browser-plugins.rules)
 * 1:7868 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX clsid access (browser-plugins.rules)
 * 1:7870 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 9.0 ActiveX clsid access (browser-plugins.rules)
 * 1:7914 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX clsid access (browser-plugins.rules)
 * 1:7928 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7934 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7938 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7942 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer http Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7944 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer https Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mk Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7978 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules)
 * 1:7981 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:8060 <-> DISABLED <-> SERVER-OTHER UltraVNC VNCLog buffer overflow (server-other.rules)
 * 1:8377 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8381 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8383 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8385 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8387 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8389 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8405 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ActiveX clsid access (browser-plugins.rules)
 * 1:8409 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8425 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (browser-plugins.rules)
 * 1:8740 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX function call access (browser-plugins.rules)
 * 1:8846 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Character Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8848 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8850 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8854 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX function call access (browser-plugins.rules)
 * 1:8856 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v1.5 ActiveX function call access (browser-plugins.rules)
 * 1:9131 <-> DISABLED <-> BROWSER-PLUGINS WinZip FileView 6.1 ActiveX function call access (browser-plugins.rules)
 * 1:9132 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt (os-windows.rules)
 * 1:9228 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwGetConnectionInformation overflow attempt (os-windows.rules)
 * 1:9421 <-> ENABLED <-> MALWARE-OTHER zotob attempt (malware-other.rules)
 * 1:9432 <-> DISABLED <-> OS-WINDOWS Microsoft Agent buffer overflow attempt (os-windows.rules)
 * 1:9433 <-> DISABLED <-> OS-WINDOWS Microsoft Agent buffer overflow attempt (os-windows.rules)
 * 1:9441 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath overflow attempt (netbios.rules)
 * 1:9634 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt TCP (server-other.rules)
 * 1:9635 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9B remote buffer overflow attempt UDP (server-other.rules)
 * 1:9636 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt UDP (server-other.rules)
 * 1:9769 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:9848 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter buffer overflow attempt (os-windows.rules)
 * 1:10062 <-> DISABLED <-> FILE-IMAGE Oracle Java Virtual Machine malformed GIF buffer overflow attempt (file-image.rules)
 * 1:10063 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox query interface suspicious function call access attempt (browser-firefox.rules)
 * 1:10087 <-> DISABLED <-> SERVER-OTHER VNC password request buffer overflow attempt (server-other.rules)
 * 1:10188 <-> DISABLED <-> PROTOCOL-FTP Ipswitch Ws_ftp XMD5 overflow attempt (protocol-ftp.rules)
 * 1:10390 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX clsid access (browser-plugins.rules)
 * 1:10392 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10395 <-> DISABLED <-> BROWSER-PLUGINS Symantec SupportSoft SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10603 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP dns R_DnssrvUpdateRecord2 overflow attempt (os-windows.rules)
 * 1:11186 <-> DISABLED <-> SERVER-OTHER CA eTrust key handling dos (password -- server-other.rules)
 * 1:11196 <-> DISABLED <-> SERVER-OTHER MaxDB WebDBM get buffer overflow (server-other.rules)
 * 1:11257 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:11324 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 3 ActiveX function call access (browser-plugins.rules)
 * 1:11443 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:11823 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX clsid unicode access (browser-plugins.rules)
 * 1:11824 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call access (browser-plugins.rules)
 * 1:11825 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call unicode access (browser-plugins.rules)
 * 1:11828 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Voice Control ActiveX function call access (browser-plugins.rules)
 * 1:11832 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Direct Speech Recognition ActiveX function call access (browser-plugins.rules)
 * 1:11837 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail file execution attempt (server-mail.rules)
 * 1:12064 <-> DISABLED <-> SERVER-IIS w3svc _vti_bin null pointer dereference attempt (server-iis.rules)
 * 1:12079 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12114 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12115 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12195 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Widgets Engine ActiveX function call access (browser-plugins.rules)
 * 1:12197 <-> DISABLED <-> SERVER-OTHER CA message queuing server buffer overflow attempt (server-other.rules)
 * 1:12205 <-> DISABLED <-> BROWSER-PLUGINS VMWare Vielib.dll ActiveX function call access (browser-plugins.rules)
 * 1:12212 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail literal search date command buffer overflow attempt (server-mail.rules)
 * 1:12217 <-> DISABLED <-> SERVER-OTHER Borland interbase string length buffer overflow attempt (server-other.rules)
 * 1:12261 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX clsid access (browser-plugins.rules)
 * 1:12263 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX function call access (browser-plugins.rules)
 * 1:12265 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX clsid access (browser-plugins.rules)
 * 1:12267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX function call access (browser-plugins.rules)
 * 1:12270 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX function call (browser-plugins.rules)
 * 1:12273 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid access (browser-plugins.rules)
 * 1:12275 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access (browser-plugins.rules)
 * 1:12277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS memory corruption exploit (browser-ie.rules)
 * 1:12281 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12332 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _TakeActionOnAFile attempt (netbios.rules)
 * 1:12341 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_a0030 attempt (netbios.rules)
 * 1:12444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX clsid access (browser-plugins.rules)
 * 1:12446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX function call access (browser-plugins.rules)
 * 1:12450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent Control ActiveX function call access (browser-plugins.rules)
 * 1:12452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent File Provider ActiveX clsid access (browser-plugins.rules)
 * 1:12463 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Visual Studio Crystal Reports RPT file handling buffer overflow attempt (os-windows.rules)
 * 1:12595 <-> DISABLED <-> SERVER-IIS malicious ASP file upload attempt (server-iis.rules)
 * 1:12612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX clsid access (browser-plugins.rules)
 * 1:12616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:12631 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging small offset malformed jpeg tables (os-windows.rules)
 * 1:12632 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging large offset malformed jpeg tables (os-windows.rules)
 * 1:12634 <-> DISABLED <-> FILE-IMAGE Microsoft Windows 2000 Kodak Imaging large offset malformed tiff 2 (file-image.rules)
 * 1:12642 <-> DISABLED <-> OS-WINDOWS RPC NTLMSSP malformed credentials (os-windows.rules)
 * 1:12643 <-> DISABLED <-> OS-WINDOWS Microsoft Windows URI External handler arbitrary command attempt (os-windows.rules)
 * 1:12664 <-> DISABLED <-> BROWSER-IE Microsoft Windows ShellExecute and Internet Explorer 7 url handling code execution attempt (browser-ie.rules)
 * 1:12687 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12731 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX function call access (browser-plugins.rules)
 * 1:12742 <-> DISABLED <-> SERVER-OTHER Apple Quicktime UDP RTSP sdp type buffer overflow attempt (server-other.rules)
 * 1:12768 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12775 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer obfuscated Ierpplug.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12780 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access attempt (browser-plugins.rules)
 * 1:12782 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access attempt (browser-plugins.rules)
 * 1:12985 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt (netbios.rules)
 * 1:13158 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format interchange data integer overflow attempt (file-multimedia.rules)
 * 1:13159 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format audio error masking integer overflow attempt (file-multimedia.rules)
 * 1:13160 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming audio spread error correction data length integer overflow attempt (file-multimedia.rules)
 * 1:13162 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:13216 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX function call access (browser-plugins.rules)
 * 1:13222 <-> DISABLED <-> SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (server-other.rules)
 * 1:13226 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX function call access (browser-plugins.rules)
 * 1:13269 <-> DISABLED <-> OS-WINDOWS Multiple product nntp uri handling code execution attempt (os-windows.rules)
 * 1:13270 <-> DISABLED <-> OS-WINDOWS Multiple product news uri handling code execution attempt (os-windows.rules)
 * 1:13271 <-> DISABLED <-> OS-WINDOWS Multiple product telnet uri handling code execution attempt (os-windows.rules)
 * 1:13272 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:13298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX function call access (browser-plugins.rules)
 * 1:13305 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX function call access (browser-plugins.rules)
 * 1:13316 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing ART buffer overflow attempt (file-multimedia.rules)
 * 1:13318 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cmt buffer overflow attempt (file-multimedia.rules)
 * 1:13319 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing des buffer overflow attempt (file-multimedia.rules)
 * 1:13320 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cpy buffer overflow attempt (file-multimedia.rules)
 * 1:13323 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX function call access (browser-plugins.rules)
 * 1:13421 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX function call access (browser-plugins.rules)
 * 1:13430 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13432 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX function call access (browser-plugins.rules)
 * 1:13434 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13436 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13438 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:13440 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:13442 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13444 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13448 <-> DISABLED <-> OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine begin buffer overflow attempt (os-windows.rules)
 * 1:13453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid access (browser-ie.rules)
 * 1:13454 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid unicode access (browser-ie.rules)
 * 1:13456 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call unicode access (browser-ie.rules)
 * 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (server-other.rules)
 * 1:13541 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX function call access (browser-plugins.rules)
 * 1:13554 <-> DISABLED <-> SERVER-OTHER Sybase SQL Anywhere Mobilink version string buffer overflow (server-other.rules)
 * 1:13555 <-> DISABLED <-> SERVER-OTHER Sybase SQL Anywhere Mobilink remoteID string buffer overflow (server-other.rules)
 * 1:13580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components remote code execution attempt ActiveX clsid access (browser-plugins.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13584 <-> ENABLED <-> FILE-IDENTIFY CSV file download request (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:13591 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (server-webapp.rules)
 * 1:13605 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:13607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid access (browser-plugins.rules)
 * 1:13609 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call access (browser-plugins.rules)
 * 1:13623 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13629 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:13630 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:13633 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:13668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX clsid access (browser-plugins.rules)
 * 1:13670 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX function call access (browser-plugins.rules)
 * 1:13674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX function call access (browser-plugins.rules)
 * 1:13699 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:13720 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:13722 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 4 ActiveX clsid access (browser-plugins.rules)
 * 1:13724 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 5 ActiveX clsid access (browser-plugins.rules)
 * 1:13726 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 6 ActiveX clsid access (browser-plugins.rules)
 * 1:13728 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13730 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 8 ActiveX clsid access (browser-plugins.rules)
 * 1:13732 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 9 ActiveX clsid access (browser-plugins.rules)
 * 1:13736 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 11 ActiveX clsid access (browser-plugins.rules)
 * 1:13738 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 12 ActiveX clsid access (browser-plugins.rules)
 * 1:13740 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 13 ActiveX clsid access (browser-plugins.rules)
 * 1:13742 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 14 ActiveX clsid access (browser-plugins.rules)
 * 1:13744 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 15 ActiveX clsid access (browser-plugins.rules)
 * 1:13746 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 16 ActiveX clsid access (browser-plugins.rules)
 * 1:13748 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 17 ActiveX clsid access (browser-plugins.rules)
 * 1:13750 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 18 ActiveX clsid access (browser-plugins.rules)
 * 1:13752 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 19 ActiveX clsid access (browser-plugins.rules)
 * 1:13754 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 20 ActiveX clsid access (browser-plugins.rules)
 * 1:13756 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 21 ActiveX clsid access (browser-plugins.rules)
 * 1:13804 <-> DISABLED <-> SERVER-OTHER Borland Software InterBase ibserver.exe Service Attach Request buffer overflow attempt (server-other.rules)
 * 1:13821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13823 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX SAMI file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:13824 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (file-multimedia.rules)
 * 1:13888 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13889 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13890 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13891 <-> DISABLED <-> SERVER-MSSQL Memory page overwrite attempt  (server-mssql.rules)
 * 1:13892 <-> DISABLED <-> SERVER-MSSQL Convert function style overwrite  (server-mssql.rules)
 * 1:13903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13912 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isComponentInstalled attack attempt (browser-ie.rules)
 * 1:13918 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13922 <-> DISABLED <-> SERVER-IIS Microsoft IIS HTMLEncode Unicode string buffer overflow  (server-iis.rules)
 * 1:13948 <-> DISABLED <-> PROTOCOL-DNS large number of NXDOMAIN replies - possible DNS cache poisoning (protocol-dns.rules)
 * 1:13960 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:13963 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:13964 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (browser-ie.rules)
 * 1:14023 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:14027 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14029 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14031 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14040 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (server-other.rules)
 * 1:14041 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt - 2 (server-other.rules)
 * 1:14042 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer General Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:14044 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX function call access (browser-plugins.rules)
 * 1:14046 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14048 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14050 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14052 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX function call access (browser-plugins.rules)
 * 1:14257 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:14613 <-> DISABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft RSClientPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14647 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:14648 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14650 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14651 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14652 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14653 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14654 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14726 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:14758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX function call access (browser-plugins.rules)
 * 1:14762 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (browser-plugins.rules)
 * 1:14765 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX function call (browser-plugins.rules)
 * 1:14773 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer handshake buffer overflow attempt (server-other.rules)
 * 1:14783 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:14896 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB v4 srvsvc NetrpPathCononicalize unicode path cononicalization stack overflow attempt (os-windows.rules)
 * 1:14897 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX function call access (browser-plugins.rules)
 * 1:14988 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:14990 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory SOAP Accept Charset header overflow attempt (server-webapp.rules)
 * 1:15012 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML DLL memory corruption attempt (browser-ie.rules)
 * 1:15084 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:15086 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX function call access (browser-plugins.rules)
 * 1:15096 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15102 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:15109 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15112 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access (browser-plugins.rules)
 * 1:15146 <-> DISABLED <-> SERVER-OTHER Apple CUPS RGB+Alpha PNG filter overly large image height integer overflow attempt (server-other.rules)
 * 1:15186 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:15191 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox animated PNG processing integer overflow (browser-firefox.rules)
 * 1:15197 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15198 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15199 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15200 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15201 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15209 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15210 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15211 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15212 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15213 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15214 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15215 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15216 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15217 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15218 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15219 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15221 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15245 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX function call access (browser-plugins.rules)
 * 1:15256 <-> DISABLED <-> SERVER-ORACLE BPEL process manager XSS injection attempt (server-oracle.rules)
 * 1:15257 <-> DISABLED <-> SERVER-ORACLE Secure Backup common.php variable based command injection attempt (server-oracle.rules)
 * 1:15268 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode ActiveX function call access (browser-plugins.rules)
 * 1:15299 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:15303 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Malformed IconBitsComponent arbitrary code execution attempt (file-office.rules)
 * 1:15313 <-> DISABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX function call access (browser-plugins.rules)
 * 1:15358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:15422 <-> DISABLED <-> SERVER-OTHER Sun One web proxy server overflow attempt (server-other.rules)
 * 1:15430 <-> DISABLED <-> FILE-OTHER Microsoft EMF+ GpFont.SetData buffer overflow attempt (file-other.rules)
 * 1:15455 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters XST parsing buffer overflow attempt (file-office.rules)
 * 1:15457 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:15459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted/unitialized object memory corruption attempt (browser-ie.rules)
 * 1:15460 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ActiveX load/unload race condition attempt (browser-ie.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15479 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP Request Proxy-Require header heap buffer overflow attempt (server-other.rules)
 * 1:15482 <-> DISABLED <-> SERVER-OTHER Oracle Java System sockd authentication buffer overflow attempt (server-other.rules)
 * 1:15508 <-> DISABLED <-> SERVER-OTHER DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt (server-other.rules)
 * 1:15523 <-> DISABLED <-> OS-WINDOWS Microsoft Windows srvsvc NetrShareEnum netname overflow attempt (os-windows.rules)
 * 1:15524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15526 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:15529 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain navigation cookie stealing attempt (browser-ie.rules)
 * 1:15554 <-> DISABLED <-> SERVER-ORACLE Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:15588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15590 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 10 ActiveX clsid access (browser-plugins.rules)
 * 1:15592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 11 ActiveX clsid access (browser-plugins.rules)
 * 1:15594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 12 ActiveX clsid access (browser-plugins.rules)
 * 1:15596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 13 ActiveX clsid access (browser-plugins.rules)
 * 1:15598 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 14 ActiveX clsid access (browser-plugins.rules)
 * 1:15600 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 15 ActiveX clsid access (browser-plugins.rules)
 * 1:15602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 16 ActiveX clsid access (browser-plugins.rules)
 * 1:15604 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 17 ActiveX clsid access (browser-plugins.rules)
 * 1:15606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 18 ActiveX clsid access (browser-plugins.rules)
 * 1:15608 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 19 ActiveX clsid access (browser-plugins.rules)
 * 1:15610 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 20 ActiveX clsid access (browser-plugins.rules)
 * 1:15614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 21 ActiveX clsid access (browser-plugins.rules)
 * 1:15616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 22 ActiveX clsid access (browser-plugins.rules)
 * 1:15618 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 23 ActiveX clsid access (browser-plugins.rules)
 * 1:15620 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 24 ActiveX clsid access (browser-plugins.rules)
 * 1:15622 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 25 ActiveX clsid access (browser-plugins.rules)
 * 1:15624 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 26 ActiveX clsid access (browser-plugins.rules)
 * 1:15626 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 27 ActiveX clsid access (browser-plugins.rules)
 * 1:15628 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 28 ActiveX clsid access (browser-plugins.rules)
 * 1:15630 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 29 ActiveX clsid access (browser-plugins.rules)
 * 1:15632 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 3 ActiveX clsid access (browser-plugins.rules)
 * 1:15634 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 30 ActiveX clsid access (browser-plugins.rules)
 * 1:15636 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 31 ActiveX clsid access (browser-plugins.rules)
 * 1:15640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 33 ActiveX clsid access (browser-plugins.rules)
 * 1:15642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 34 ActiveX clsid access (browser-plugins.rules)
 * 1:15644 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 35 ActiveX clsid access (browser-plugins.rules)
 * 1:15646 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 36 ActiveX clsid access (browser-plugins.rules)
 * 1:15648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 37 ActiveX clsid access (browser-plugins.rules)
 * 1:15650 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 38 ActiveX clsid access (browser-plugins.rules)
 * 1:15652 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 39 ActiveX clsid access (browser-plugins.rules)
 * 1:15654 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 4 ActiveX clsid access (browser-plugins.rules)
 * 1:15656 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 40 ActiveX clsid access (browser-plugins.rules)
 * 1:15658 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 41 ActiveX clsid access (browser-plugins.rules)
 * 1:15660 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 42 ActiveX clsid access (browser-plugins.rules)
 * 1:15662 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 43 ActiveX clsid access (browser-plugins.rules)
 * 1:15664 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 44 ActiveX clsid access (browser-plugins.rules)
 * 1:15666 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 45 ActiveX clsid access (browser-plugins.rules)
 * 1:15668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 5 ActiveX clsid access (browser-plugins.rules)
 * 1:15671 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX function call (browser-plugins.rules)
 * 1:15674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 8 ActiveX clsid access (browser-plugins.rules)
 * 1:15676 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 9 ActiveX clsid access (browser-plugins.rules)
 * 1:15678 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:15679 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (browser-plugins.rules)
 * 1:15684 <-> DISABLED <-> OS-WINDOWS Multiple product snews uri handling code execution attempt (os-windows.rules)
 * 1:15687 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15689 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:15691 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15695 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:15703 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15704 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMSS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15705 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PCAST protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15706 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes DAAP protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15849 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:15852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components Datasource ActiveX clsid access (browser-plugins.rules)
 * 1:15855 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:15881 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters Name Field attempt (netbios.rules)
 * 1:15894 <-> DISABLED <-> OS-WINDOWS Microsoft Color Management Module remote code execution attempt (os-windows.rules)
 * 1:15907 <-> DISABLED <-> OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (os-linux.rules)
 * 1:15911 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt (netbios.rules)
 * 1:15924 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:15943 <-> DISABLED <-> SERVER-OTHER CA Multiple Products Console Server login credentials handling overflow attempt (server-other.rules)
 * 1:15949 <-> DISABLED <-> FILE-OTHER McAfee LHA file handling overflow attempt (file-other.rules)
 * 1:15952 <-> DISABLED <-> SERVER-MYSQL create function libc arbitrary code execution attempt (server-mysql.rules)
 * 1:15992 <-> DISABLED <-> FILE-OTHER Trend Micro Products Antivirus Library overflow attempt (file-other.rules)
 * 1:16002 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16003 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16023 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Vista Windows mail file execution attempt (file-executable.rules)
 * 1:16024 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:16034 <-> DISABLED <-> SERVER-SAMBA Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt (server-samba.rules)
 * 1:16043 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html tag memory corruption attempt (browser-ie.rules)
 * 1:16050 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:16068 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:16073 <-> DISABLED <-> OS-WINDOWS MS-SQL convert function unicode overflow (os-windows.rules)
 * 1:16074 <-> DISABLED <-> SQL Suspicious SQL ansi_padding option (sql.rules)
 * 1:16191 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server authentication bypass attempt - via GET (server-oracle.rules)
 * 1:16193 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent SMTP AUTH LOGIN command buffer overflow attempt (server-mail.rules)
 * 1:16194 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
 * 1:16198 <-> DISABLED <-> SERVER-APACHE Apache mod_auth_pgsql module logging facility format string exploit attempt (server-apache.rules)
 * 1:16296 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - with optional fields (file-other.rules)
 * 1:16364 <-> DISABLED <-> SERVER-OTHER IBM DB2 database server SQLSTT denial of service attempt (server-other.rules)
 * 1:16432 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:16521 <-> DISABLED <-> SERVER-OTHER Squid Proxy http version number overflow attempt (server-other.rules)
 * 1:16578 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt (os-windows.rules)
 * 1:16588 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX clsid access (browser-plugins.rules)
 * 1:16602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow 3 ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:16607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX control access attempt (browser-plugins.rules)
 * 1:16610 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (browser-plugins.rules)
 * 1:16679 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDIplus integer overflow attempt (os-windows.rules)
 * 1:16690 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16748 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX function call access (browser-plugins.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16762 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX andx attempt (netbios.rules)
 * 1:16764 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode andx attempt (netbios.rules)
 * 1:16766 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow andx attempt (netbios.rules)
 * 1:16777 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16778 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16786 <-> DISABLED <-> FILE-OFFICE Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (file-office.rules)
 * 1:16798 <-> DISABLED <-> FILE-OTHER Orbit Downloader long URL buffer overflow attempt (file-other.rules)
 * 1:17050 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration Server authentication bypass attempt (server-webapp.rules)
 * 1:17052 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17053 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17054 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17213 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:17220 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17221 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17222 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17226 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX initialization via script (browser-plugins.rules)
 * 1:17228 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player skin decompression code execution attempt (os-windows.rules)
 * 1:17262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17269 <-> DISABLED <-> PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (protocol-telnet.rules)
 * 1:17272 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer AVI parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17280 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17313 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17348 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17349 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17374 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:17379 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:17384 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17385 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17386 <-> DISABLED <-> SERVER-WEBAPP Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt (server-webapp.rules)
 * 1:17388 <-> DISABLED <-> FILE-IMAGE OpenOffice EMF file EMR record parsing integer overflow attempt (file-image.rules)
 * 1:17405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17413 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:17415 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (server-iis.rules)
 * 1:17459 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17460 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17464 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17467 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17468 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17471 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17472 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17474 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17475 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17476 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17477 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17478 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17479 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17480 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17489 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help File Heap Buffer Overflow attempt (file-other.rules)
 * 1:17498 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17499 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17500 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17501 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17502 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file download request (file-identify.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17513 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17514 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17516 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17546 <-> DISABLED <-> FILE-IDENTIFY Microsoft Media Player compressed skin download request (file-identify.rules)
 * 1:17568 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:17570 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17619 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17624 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17626 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:17628 <-> DISABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:17634 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian object call overflow attempt (netbios.rules)
 * 1:17636 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 object call overflow attempt (netbios.rules)
 * 1:17637 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 overflow attempt (netbios.rules)
 * 1:17643 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCServe logger servie null-pointer dereference attempt (server-other.rules)
 * 1:17644 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:17646 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:17652 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS source code disclosure attempt (server-iis.rules)
 * 1:17664 <-> DISABLED <-> FILE-OFFICE Microsoft Office GIF image descriptor memory corruption attempt (file-office.rules)
 * 1:17678 <-> DISABLED <-> FILE-IMAGE Adobe BMP image handler buffer overflow attempt (file-image.rules)
 * 1:17691 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17695 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:17736 <-> DISABLED <-> SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (server-other.rules)
 * 1:17808 <-> DISABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules)
 * 1:18171 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18172 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18173 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18189 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18190 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18191 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18192 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18193 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18194 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18248 <-> DISABLED <-> SERVER-OTHER Unisys Business Information Server stack buffer overflow attempt (server-other.rules)
 * 1:18250 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products EscapeAttributeValue integer overflow attempt (browser-firefox.rules)
 * 1:18283 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:18284 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:18285 <-> DISABLED <-> SERVER-OTHER BrightStor ARCserve backup tape engine buffer overflow attempt (server-other.rules)
 * 1:18291 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 77 Attempt (server-other.rules)
 * 1:18292 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 84 Attempt (server-other.rules)
 * 1:18296 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (browser-firefox.rules)
 * 1:18303 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler overflow attempt (browser-ie.rules)
 * 1:18304 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18306 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18313 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:18317 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail RCPT TO proxy overflow attempt (server-mail.rules)
 * 1:18319 <-> DISABLED <-> SERVER-SAMBA Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (server-samba.rules)
 * 1:18476 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:18484 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:18512 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:18518 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:18520 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18521 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18522 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18523 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18574 <-> DISABLED <-> SERVER-MAIL RCPT TO overflow (server-mail.rules)
 * 1:18579 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OpenView5 CGI buffer overflow attempt (server-webapp.rules)
 * 1:18591 <-> DISABLED <-> FILE-OTHER CoolPlayer Playlist File Handling Buffer Overflow (file-other.rules)
 * 1:18600 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18603 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (server-mail.rules)
 * 1:18616 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18635 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:18710 <-> DISABLED <-> SERVER-OTHER McAfee ePolicy Orchestrator Framework Services buffer overflow attempt (server-other.rules)
 * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18800 <-> DISABLED <-> FILE-OTHER Adobe RoboHelp Server Arbitrary File Upload (file-other.rules)
 * 1:18905 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18906 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18907 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18908 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18909 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18910 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18911 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18912 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18913 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18914 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18915 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18916 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18917 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18918 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18919 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18920 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18921 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18922 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18923 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18924 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18925 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player content parsing execution attempt (file-flash.rules)
 * 1:19079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getElementById object corruption (browser-ie.rules)
 * 1:19087 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19088 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19089 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19090 <-> DISABLED <-> SERVER-OTHER CA Discovery Serice Overflow Attempt (server-other.rules)
 * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:1930 <-> DISABLED <-> PROTOCOL-IMAP auth literal overflow attempt (protocol-imap.rules)
 * 1:19559 <-> DISABLED <-> INDICATOR-SCAN SSH brute force login attempt (indicator-scan.rules)
 * 1:19599 <-> DISABLED <-> SERVER-ORACLE Warehouse builder WE_OLAP_AW_REMOVE_SOLVE_ID SQL Injection attempt (server-oracle.rules)
 * 1:19618 <-> DISABLED <-> FILE-OTHER Multiple products dwmapi.dll dll-load exploit attempt (file-other.rules)
 * 1:19693 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:19714 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:19811 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:19815 <-> DISABLED <-> SERVER-OTHER HP Operations Manager Server Default Credientials in use attempt (server-other.rules)
 * 1:19892 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System modem string buffer overflow attempt (server-other.rules)
 * 1:19925 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX client browser plugin call-back-url buffer overflow attempt (browser-plugins.rules)
 * 1:20071 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (browser-plugins.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (malware-cnc.rules)
 * 1:20277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:20278 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20279 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:20546 <-> DISABLED <-> SERVER-OTHER BakBone NetVault client heap overflow attempt (server-other.rules)
 * 1:20552 <-> DISABLED <-> SERVER-MAIL Mercury Mail Transport System buffer overflow attempt (server-mail.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20555 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:20575 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:20576 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:20590 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:20671 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (os-windows.rules)
 * 1:20744 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt (os-windows.rules)
 * 1:20878 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20879 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20882 <-> ENABLED <-> FILE-OFFICE Microsoft Windows embedded packager object identifier (file-office.rules)
 * 1:20883 <-> DISABLED <-> FILE-OFFICE Microsoft Windows embedded packager object with .application extension bypass attempt (file-office.rules)
 * 1:21003 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html request (malware-cnc.rules)
 * 1:21004 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html landing page (malware-cnc.rules)
 * 1:21006 <-> DISABLED <-> MALWARE-CNC Yang Pack yg.htm landing page (malware-cnc.rules)
 * 1:21041 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - main.php?page= (exploit-kit.rules)
 * 1:21042 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?f= (exploit-kit.rules)
 * 1:21043 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?e= (exploit-kit.rules)
 * 1:21044 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21045 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:2105 <-> DISABLED <-> PROTOCOL-IMAP authenticate literal overflow attempt (protocol-imap.rules)
 * 1:2106 <-> DISABLED <-> PROTOCOL-IMAP lsub overflow attempt (protocol-imap.rules)
 * 1:21068 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit landing page (exploit-kit.rules)
 * 1:21069 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit exploit fetch request (exploit-kit.rules)
 * 1:21070 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit pdf exploit page request (exploit-kit.rules)
 * 1:21071 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit post-exploit page request (exploit-kit.rules)
 * 1:21084 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function buffer overflow attempt (server-mssql.rules)
 * 1:21085 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function unicode buffer overflow attempt (server-mssql.rules)
 * 1:21096 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit control panel access (exploit-kit.rules)
 * 1:21097 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit post-exploit download request (exploit-kit.rules)
 * 1:21098 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21099 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit malicious pdf request (exploit-kit.rules)
 * 1:21141 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit control panel access (exploit-kit.rules)
 * 1:21156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21158 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21163 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook VEVENT overflow attempt (file-office.rules)
 * 1:21186 <-> DISABLED <-> SERVER-ORACLE MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:21233 <-> DISABLED <-> SERVER-WEBAPP Symantec Antivirus admin scan interface negative Content-Length attempt (server-webapp.rules)
 * 1:21259 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit response (exploit-kit.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21298 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint chart webpart XSS attempt (server-webapp.rules)
 * 1:21309 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21310 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21343 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf request (exploit-kit.rules)
 * 1:21344 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf download (exploit-kit.rules)
 * 1:21345 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar request (exploit-kit.rules)
 * 1:21346 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar download (exploit-kit.rules)
 * 1:21347 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - .php?page= (exploit-kit.rules)
 * 1:21348 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - search.php?page= (exploit-kit.rules)
 * 1:21414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules)
 * 1:21438 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit JavaScript carat string splitting with hostile applet (exploit-kit.rules)
 * 1:21462 <-> DISABLED <-> FILE-JAVA Oracle Java Plugin security bypass (file-java.rules)
 * 1:21492 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21529 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 Find_First2 filename overflow attempt (os-windows.rules)
 * 1:21539 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21549 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21567 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21581 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - BBB (exploit-kit.rules)
 * 1:21640 <-> DISABLED <-> EXPLOIT-KIT Phoenix exploit kit landing page (exploit-kit.rules)
 * 1:21646 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21647 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:21657 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:21658 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21659 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Home/index.php (exploit-kit.rules)
 * 1:21660 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Index/index.php (exploit-kit.rules)
 * 1:21661 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - catch (exploit-kit.rules)
 * 1:21754 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:21766 <-> DISABLED <-> FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (file-image.rules)
 * 1:21770 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21771 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21772 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21774 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21775 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21791 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21794 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:21806 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:21860 <-> ENABLED <-> MALWARE-CNC Phoenix exploit kit post-compromise behavior (malware-cnc.rules)
 * 1:21874 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - StrReverse (exploit-kit.rules)
 * 1:21875 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - taskkill (exploit-kit.rules)
 * 1:21876 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit landing page with specific structure - Loading (exploit-kit.rules)
 * 1:21917 <-> DISABLED <-> SERVER-OTHER Novell Groupwise HTTP response message parsing overflow (server-other.rules)
 * 1:21928 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:21931 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21932 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21933 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:21942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:21943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:22003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:22004 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22005 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22006 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22007 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22008 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22010 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22011 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22012 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22039 <-> DISABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22040 <-> DISABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22041 <-> DISABLED <-> EXPLOIT-KIT Blackhole landing redirection page (exploit-kit.rules)
 * 1:22081 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:22949 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:23010 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (protocol-ftp.rules)
 * 1:23091 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23092 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23093 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23094 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23095 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23105 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23127 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules)
 * 1:23142 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23143 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23144 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23146 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23150 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed graphic record code execution attempt (file-office.rules)
 * 1:23153 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23154 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23155 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23156 <-> DISABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit landing page (exploit-kit.rules)
 * 1:23157 <-> ENABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit binary download (exploit-kit.rules)
 * 1:23158 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:23159 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:23162 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online ncrypt.dll dll-load exploit attempt (os-windows.rules)
 * 1:23163 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online wlanapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:23165 <-> DISABLED <-> SERVER-OTHER Microsoft Lync Online wlanapi.dll dll-load exploit attempt (server-other.rules)
 * 1:23181 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules)
 * 1:23211 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (file-office.rules)
 * 1:23218 <-> ENABLED <-> EXPLOIT-KIT Redkit Repeated Exploit Request Pattern (exploit-kit.rules)
 * 1:23224 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Requested - 8Digit.html (exploit-kit.rules)
 * 1:23228 <-> DISABLED <-> BROWSER-PLUGINS Oracle Webcenter ActiveX clsid access (browser-plugins.rules)
 * 1:23240 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:23259 <-> DISABLED <-> SERVER-WEBAPP LANDesk Thinkmanagement Suite ServerSetup directory traversal attempt (server-webapp.rules)
 * 1:23266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23268 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23270 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23279 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:23283 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23287 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23288 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23289 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23290 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23291 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23292 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23293 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23295 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23297 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23300 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23302 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23304 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23371 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:23407 <-> DISABLED <-> SERVER-WEBAPP Apple iChat url format string exploit attempt (server-webapp.rules)
 * 1:23499 <-> DISABLED <-> FILE-OTHER Microsoft Windows CUR file parsing overflow attempt (file-other.rules)
 * 1:23500 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (file-pdf.rules)
 * 1:23501 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23502 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23503 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23505 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:23509 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules)
 * 1:23510 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules)
 * 1:23511 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules)
 * 1:23512 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules)
 * 1:23526 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23527 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23528 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules)
 * 1:23534 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:23535 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Download of version 4.0 file (file-office.rules)
 * 1:23536 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (file-office.rules)
 * 1:23537 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (file-office.rules)
 * 1:23538 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (file-office.rules)
 * 1:23539 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:23545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules)
 * 1:23546 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules)
 * 1:23547 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules)
 * 1:23548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules)
 * 1:23551 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:23552 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:23553 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:23554 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:23558 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:23559 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:23560 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23561 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:23562 <-> DISABLED <-> FILE-OTHER Microsoft MHTML XSS attempt (file-other.rules)
 * 1:23563 <-> DISABLED <-> FILE-OTHER Microsoft Windows MHTML XSS attempt (file-other.rules)
 * 1:23565 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (file-multimedia.rules)
 * 1:23567 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (file-multimedia.rules)
 * 1:23568 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23569 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23570 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:23571 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:23572 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:23573 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:23574 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:23575 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23576 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23579 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23582 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules)
 * 1:23583 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23584 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules)
 * 1:23585 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:23586 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23591 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:23619 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch broken (exploit-kit.rules)
 * 1:23622 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page request - tkr (exploit-kit.rules)
 * 1:23623 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:23699 <-> DISABLED <-> FILE-IDENTIFY SAP Crystal Reports file magic detected (file-identify.rules)
 * 1:23700 <-> DISABLED <-> FILE-IDENTIFY Microsoft Word for Mac 5 file magic detected (file-identify.rules)
 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23715 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access file magic detected (file-identify.rules)
 * 1:23716 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:23717 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:23718 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:23781 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:23785 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.floor catch (exploit-kit.rules)
 * 1:23786 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.round catch (exploit-kit.rules)
 * 1:23797 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection page (exploit-kit.rules)
 * 1:23837 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB host announcement format string exploit attempt (os-windows.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:23843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23848 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23849 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23850 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - hwehes (exploit-kit.rules)
 * 1:23943 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (file-multimedia.rules)
 * 1:23956 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23962 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - fewbgazr catch (exploit-kit.rules)
 * 1:23992 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules)
 * 1:24053 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24054 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24124 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:24186 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (file-office.rules)
 * 1:24187 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24188 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24189 <-> DISABLED <-> FILE-IMAGE XPM file format overflow attempt (file-image.rules)
 * 1:24197 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:24198 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:24200 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules)
 * 1:24203 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24204 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24205 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24220 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules)
 * 1:24226 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received (exploit-kit.rules)
 * 1:24228 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page Received (exploit-kit.rules)
 * 1:24237 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24238 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24272 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24273 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24274 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24275 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24276 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24277 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24278 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24279 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24280 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:24314 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24379 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24380 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24452 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG rendering buffer overflow attempt (browser-ie.rules)
 * 1:24501 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit fallback executable download (exploit-kit.rules)
 * 1:24535 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (file-other.rules)
 * 1:24543 <-> DISABLED <-> EXPLOIT-KIT Blackhole admin page inbound access attempt (exploit-kit.rules)
 * 1:24544 <-> DISABLED <-> EXPLOIT-KIT Blackhole admin page outbound access attempt (exploit-kit.rules)
 * 1:24546 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24547 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24548 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24550 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules)
 * 1:24556 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24557 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24558 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24593 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received - specific structure (exploit-kit.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:24608 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24636 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24637 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24638 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:24641 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie buffer overflow attempt (file-multimedia.rules)
 * 1:24657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:24672 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules)
 * 1:24681 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24682 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24683 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24684 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24685 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24695 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules)
 * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:24728 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24771 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:24772 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:24815 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (file-office.rules)
 * 1:24823 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:24839 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:24840 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - JAR redirection (exploit-kit.rules)
 * 1:24904 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24905 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24906 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24907 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup exec_qr command injection attempt (server-oracle.rules)
 * 1:24913 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules)
 * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24997 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24999 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25000 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25043 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit url structure detected (exploit-kit.rules)
 * 1:25044 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25051 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit landing page redirection (exploit-kit.rules)
 * 1:25052 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit Java Exploit requested - 3 digit (exploit-kit.rules)
 * 1:25053 <-> DISABLED <-> EXPLOIT-KIT Redkit outbound class retrieval (exploit-kit.rules)
 * 1:25065 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25066 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25067 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riler variant outbound connection (malware-cnc.rules)
 * 1:25068 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riler inbound connection (malware-cnc.rules)
 * 1:25232 <-> DISABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25233 <-> DISABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:25251 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules)
 * 1:25298 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules)
 * 1:25311 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules)
 * 1:25383 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.exe (exploit-kit.rules)
 * 1:25384 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.exe (exploit-kit.rules)
 * 1:25385 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - calc.exe (exploit-kit.rules)
 * 1:25386 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - about.exe (exploit-kit.rules)
 * 1:25387 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - readme.exe (exploit-kit.rules)
 * 1:25388 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:25389 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25390 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25391 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit obfuscated payload download (exploit-kit.rules)
 * 1:25502 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft GDI EMF malformed file buffer overflow attempt (file-multimedia.rules)
 * 1:25568 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:25569 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page (exploit-kit.rules)
 * 1:25587 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:25588 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (file-pdf.rules)
 * 1:25611 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:25649 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25797 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules)
 * 1:25800 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit Javascript request (exploit-kit.rules)
 * 1:25802 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit encoded portable executable request (exploit-kit.rules)
 * 1:25856 <-> DISABLED <-> PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (protocol-telnet.rules)
 * 1:25969 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (file-office.rules)
 * 1:25972 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit three number PDF Request (exploit-kit.rules)
 * 1:26066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26067 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26068 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26069 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26089 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio version number anomaly (file-office.rules)
 * 1:26109 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 1:26174 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26227 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:26329 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel format record code execution attempt (file-office.rules)
 * 1:26330 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (file-office.rules)
 * 1:26337 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26338 <-> ENABLED <-> EXPLOIT-KIT IFRAMEr injection detection - leads to exploit kit (exploit-kit.rules)
 * 1:26339 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval - ff.php (exploit-kit.rules)
 * 1:26341 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:26342 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26343 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:26372 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26373 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26421 <-> DISABLED <-> BROWSER-PLUGINS Metalink file download parameter buffer overflow attempt (browser-plugins.rules)
 * 1:26434 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit jar file downloaded (exploit-kit.rules)
 * 1:26453 <-> DISABLED <-> FILE-OFFICE OpenOffice OLE File Stream Buffer Overflow attempt (file-office.rules)
 * 1:26472 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:26473 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26474 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26475 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26476 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26477 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26478 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26508 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (exploit-kit.rules)
 * 1:26535 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26536 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:26599 <-> ENABLED <-> EXPLOIT-KIT Impact/Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26600 <-> ENABLED <-> EXPLOIT-KIT Impact/Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26602 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (file-office.rules)
 * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:2665 <-> DISABLED <-> PROTOCOL-IMAP login literal format string attempt (protocol-imap.rules)
 * 1:26663 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:26667 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes playlist overflow attempt (file-multimedia.rules)
 * 1:26672 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26676 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:26706 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26707 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26708 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26709 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26710 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26711 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed ftCMO record remote code execution attempt (file-office.rules)
 * 1:26724 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:26799 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26800 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26801 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26832 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control exploit attempt (file-office.rules)
 * 1:26856 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:26857 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sRGB overflow attempt (file-image.rules)
 * 1:26858 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:26859 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:26861 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:26862 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sPLT overflow attempt (file-image.rules)
 * 1:26863 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:26864 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:26866 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:26978 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:27001 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks Remote Management overflow attempt (server-other.rules)
 * 1:27071 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:27072 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:27081 <-> ENABLED <-> EXPLOIT-KIT Nailed exploit kit Internet Explorer exploit download - autopwn (exploit-kit.rules)
 * 1:27082 <-> ENABLED <-> EXPLOIT-KIT Nailed exploit kit flash remote code execution exploit download - autopwn (exploit-kit.rules)
 * 1:27166 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27167 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27168 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27213 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27215 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint schemes record buffer overflow (file-office.rules)
 * 1:27216 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint printer record buffer overflow (file-office.rules)
 * 1:27222 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:27243 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirectAction (server-apache.rules)
 * 1:27251 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:27271 <-> ENABLED <-> EXPLOIT-KIT iFramer toolkit injected iframe detected - specific structure (exploit-kit.rules)
 * 1:27544 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab runtime traffic detected (malware-cnc.rules)
 * 1:27545 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27546 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27547 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27548 <-> ENABLED <-> MALWARE-OTHER Osx.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:27549 <-> ENABLED <-> MALWARE-OTHER Osx.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:27580 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27581 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27584 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27585 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27586 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27587 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27588 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27589 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27590 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27591 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27634 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (file-office.rules)
 * 1:27635 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Record Code Execution attempt (file-office.rules)
 * 1:27671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (file-flash.rules)
 * 1:27695 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27696 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27697 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit successful Java exploit (exploit-kit.rules)
 * 1:27718 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (os-windows.rules)
 * 1:27719 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (os-windows.rules)
 * 1:27757 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX clsid access (browser-plugins.rules)
 * 1:27758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:27788 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (browser-plugins.rules)
 * 1:27789 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27790 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27791 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27792 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (browser-plugins.rules)
 * 1:27793 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (browser-plugins.rules)
 * 1:27798 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27799 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:27800 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:27865 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Darkleech exploit kit landing page request (exploit-kit.rules)
 * 1:27881 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Flash Player (exploit-kit.rules)
 * 1:27883 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Oracle Java (exploit-kit.rules)
 * 1:27885 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27886 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27892 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Acrobat Reader (exploit-kit.rules)
 * 1:27893 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27894 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - about.dll (exploit-kit.rules)
 * 1:27895 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (exploit-kit.rules)
 * 1:27896 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.dll (exploit-kit.rules)
 * 1:27897 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - calc.dll (exploit-kit.rules)
 * 1:27898 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - readme.dll (exploit-kit.rules)
 * 1:27908 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:27909 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:27945 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules)
 * 1:27947 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:27948 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:28029 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Popads/Nuclear exploit kit jnlp request (exploit-kit.rules)
 * 1:28108 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Adobe Flash exploit download attempt (exploit-kit.rules)
 * 1:28113 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (file-office.rules)
 * 1:28124 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:28128 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28228 <-> DISABLED <-> SERVER-WEBAPP Microsoft Interactive Training buffer overflow attempt (server-webapp.rules)
 * 1:28236 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:28311 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28312 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28313 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28314 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28316 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28317 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28318 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28319 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28320 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28321 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28322 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28413 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit embedded redirection attempt (exploit-kit.rules)
 * 1:28428 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit landing page (exploit-kit.rules)
 * 1:28429 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit outbound jnlp download attempt (exploit-kit.rules)
 * 1:28430 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit zip file download (exploit-kit.rules)
 * 1:28440 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file invalid memory allocation exploit attempt (file-office.rules)
 * 1:28441 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28442 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28443 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28482 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Terminator RAT variant outbound connection (malware-cnc.rules)
 * 1:28493 <-> ENABLED <-> MALWARE-CNC DeputyDog diskless method outbound connection (malware-cnc.rules)
 * 1:28612 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28613 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page - specific-structure (exploit-kit.rules)
 * 1:28614 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page (exploit-kit.rules)
 * 1:28616 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit payload download attempt (exploit-kit.rules)
 * 1:28677 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28678 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28686 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28989 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Egobot variant outbound connection (malware-cnc.rules)
 * 1:29032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (file-office.rules)
 * 1:29033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (file-office.rules)
 * 1:29066 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit XORed payload download attempt (exploit-kit.rules)
 * 1:29128 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit plugin detection page (exploit-kit.rules)
 * 1:29130 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit malicious payload download attempt (exploit-kit.rules)
 * 1:29264 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (file-office.rules)
 * 1:29326 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules)
 * 1:29327 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules)
 * 1:29328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules)
 * 1:29329 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (file-office.rules)
 * 1:29404 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel country record arbitrary code execution attempt (file-office.rules)
 * 1:29434 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file overread buffer overflow attempt (file-image.rules)
 * 1:29435 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:29436 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:29502 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:29511 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM jovgraph.exe CGI hostname parameter bugger overflow attempt (server-webapp.rules)
 * 1:29513 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows RAP API NetServerEnum2 long comment buffer overflow attempt (os-windows.rules)
 * 1:29523 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:29528 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 46 integer overflow attempt (server-other.rules)
 * 1:29529 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 47 integer overflow attempt (server-other.rules)
 * 1:29530 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 54 integer overflow attempt (server-other.rules)
 * 1:29531 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 25 integer overflow attempt (server-other.rules)
 * 1:29532 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 81 integer overflow attempt (server-other.rules)
 * 1:29536 <-> DISABLED <-> SERVER-OTHER Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (server-other.rules)
 * 1:29580 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox SVG data processing obfuscated memory corruption attempt (browser-firefox.rules)
 * 1:29581 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:29617 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules)
 * 1:29621 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:29624 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (browser-firefox.rules)
 * 1:29625 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (browser-firefox.rules)
 * 1:29754 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules)
 * 1:29796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:29797 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:29804 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29805 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29806 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29814 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (browser-ie.rules)
 * 1:29936 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (server-apache.rules)
 * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules)
 * 1:29943 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution attempt (os-windows.rules)
 * 1:30037 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zaleelq variant outbound connection (malware-cnc.rules)
 * 1:30232 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:30233 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:3066 <-> DISABLED <-> PROTOCOL-IMAP append overflow attempt (protocol-imap.rules)
 * 1:30941 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:30990 <-> ENABLED <-> MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (malware-cnc.rules)
 * 1:30991 <-> ENABLED <-> MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (malware-cnc.rules)
 * 1:31017 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (browser-plugins.rules)
 * 1:31018 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (browser-plugins.rules)
 * 1:31031 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (file-office.rules)
 * 1:31032 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (file-office.rules)
 * 1:31279 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31296 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules)
 * 1:31301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules)
 * 1:31365 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager remote code execution attempt (server-webapp.rules)
 * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:31374 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Qsir and Qsif record remote code execution attempt (file-office.rules)
 * 1:31420 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:31421 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:31427 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules)
 * 1:31428 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:31434 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Section Table Array Buffer Overflow attempt (file-office.rules)
 * 1:31437 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:31439 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31440 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules)
 * 1:31462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules)
 * 1:31473 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31474 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31475 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31476 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:31562 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:31591 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:31592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:31650 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail file execution attempt (server-mail.rules)
 * 1:3171 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:31716 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Otupsys variant outbound connection (malware-cnc.rules)
 * 1:31756 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:31757 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:31758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:31759 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX clsid access (browser-plugins.rules)
 * 1:31760 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31761 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31762 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31763 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31777 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing announce overflow attempt (file-other.rules)
 * 1:31778 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing comment overflow attempt (file-other.rules)
 * 1:31779 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing name overflow attempt (file-other.rules)
 * 1:31780 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing path overflow attempt (file-other.rules)
 * 1:31843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules)
 * 1:31844 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules)
 * 1:31845 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules)
 * 1:31846 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB default credentials authentication attempt (policy-other.rules)
 * 1:31875 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (file-office.rules)
 * 1:31876 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (file-office.rules)
 * 1:31946 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start arbitrary command execution attempt (file-java.rules)
 * 1:32062 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32063 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32064 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Filter Records Handling Code Execution attempt (file-office.rules)
 * 1:32083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed file format parsing code execution attempt (file-office.rules)
 * 1:32094 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (file-office.rules)
 * 1:32095 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:32122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtWnDesk record memory corruption exploit attempt (file-office.rules)
 * 1:32131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:32132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:32133 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (browser-firefox.rules)
 * 1:32136 <-> DISABLED <-> FILE-OTHER GNU gzip LZH decompression make_table overflow attempt (file-other.rules)
 * 1:32206 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style record overflow attempt (file-office.rules)
 * 1:32223 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state integer overflow attempt (server-other.rules)
 * 1:32224 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state integer overflow attempt (server-other.rules)
 * 1:32365 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (browser-ie.rules)
 * 1:32532 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules)
 * 1:32615 <-> DISABLED <-> OS-WINDOWS Microsoft Windows search protocol remote command injection attempt (os-windows.rules)
 * 1:32625 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DV record buffer overflow attempt (file-office.rules)
 * 1:32629 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:32630 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:32631 <-> DISABLED <-> NETBIOS SMB server response heap overflow attempt (netbios.rules)
 * 1:32642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:32643 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:32644 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)

2018-02-01 01:09:42 UTC

Snort Subscriber Rules Update

Date: 2018-01-31

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:45590 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45574 <-> ENABLED <-> MALWARE-CNC Win.Trojan.xxmm second stage configuration download attempt (malware-cnc.rules)
 * 1:45576 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:17663 <-> DISABLED <-> SERVER-OTHER Apple CUPS SGI image decoding buffer overflow attempt (server-other.rules)
 * 1:45571 <-> DISABLED <-> SERVER-OTHER Commvault Communications Service command injection attempt (server-other.rules)
 * 1:45582 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP subscribe request denial of service attempt (protocol-voip.rules)
 * 1:45580 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP invite request denial of service attempt (protocol-voip.rules)
 * 1:45577 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP invite request denial of service attempt (protocol-voip.rules)
 * 1:45586 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt (file-multimedia.rules)
 * 1:45579 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP subscribe request denial of service attempt (protocol-voip.rules)
 * 1:45581 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP options request denial of service attempt (protocol-voip.rules)
 * 1:45578 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP options request denial of service attempt (protocol-voip.rules)
 * 1:45588 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45583 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP SIP servers discovery attempt (protocol-voip.rules)
 * 1:45589 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45585 <-> DISABLED <-> SERVER-WEBAPP PMSotware Simple Web Server connection header buffer overflow attempt (server-webapp.rules)
 * 1:45591 <-> DISABLED <-> PROTOCOL-FTP LabF nfsAxe FTP Client buffer overflow attempt (protocol-ftp.rules)
 * 1:45587 <-> DISABLED <-> SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (server-other.rules)
 * 1:45584 <-> DISABLED <-> PROTOCOL-VOIP Mr.SIP SIP servers discovery attempt (protocol-voip.rules)
 * 3:45575 <-> ENABLED <-> SERVER-OTHER Cisco ASA VPN aggregateAuthDataHandler double free attempt (server-other.rules)

Modified Rules:


 * 1:8846 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Character Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:33740 <-> DISABLED <-> FILE-IMAGE Microsoft emf file download request (file-image.rules)
 * 1:7466 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:34048 <-> DISABLED <-> SERVER-APACHE Apache mod_log_config cookie handling denial of service attempt (server-apache.rules)
 * 1:42440 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:39615 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:34847 <-> ENABLED <-> MALWARE-CNC Linux.Trojan.ChinaZ outbound connection (malware-cnc.rules)
 * 1:41730 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:40248 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:7210 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:44455 <-> DISABLED <-> FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (file-image.rules)
 * 1:32869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:40245 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:34901 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:6694 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:8383 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:3530 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client name overflow (server-other.rules)
 * 1:32871 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:7442 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mmAEPlugIn.AEPlugIn.1 ActiveX clsid access (browser-plugins.rules)
 * 1:5485 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:6693 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:7490 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Switch Filter ActiveX clsid access (browser-plugins.rules)
 * 1:39614 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:41731 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:35748 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:45154 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:4913 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Workspace ActiveX object access (browser-plugins.rules)
 * 1:7938 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7862 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsAppExpired ActiveX function call access (browser-plugins.rules)
 * 1:3591 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMDeleteObject overflow attempt (os-windows.rules)
 * 1:39628 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:42444 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:39621 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:34890 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32ZLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34906 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:43675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:7429 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Bitmap ActiveX clsid access (browser-plugins.rules)
 * 1:39619 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:4911 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Type Library ActiveX object access (browser-plugins.rules)
 * 1:45148 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:3485 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:7450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Stetch ActiveX clsid access (browser-plugins.rules)
 * 1:7870 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 9.0 ActiveX clsid access (browser-plugins.rules)
 * 1:44290 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:34896 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:37029 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:3661 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 00 buffer overflow attempt (server-other.rules)
 * 1:38576 <-> ENABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:3524 <-> DISABLED <-> SERVER-OTHER Computer Associates license invalid GCR CHECKSUMS attempt (server-other.rules)
 * 1:42443 <-> ENABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:34293 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:6412 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book attachment detected (server-mail.rules)
 * 1:33116 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:7498 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM TV Out Smooth Picture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7942 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer http Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:44069 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:36560 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:37294 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt  (file-office.rules)
 * 1:39609 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39631 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:32870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:39875 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:8850 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:32738 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:7474 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion ActiveX clsid access (browser-plugins.rules)
 * 1:33198 <-> DISABLED <-> OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (os-windows.rules)
 * 1:44044 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (browser-firefox.rules)
 * 1:33829 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:34056 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:7439 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer HTML Help ActiveX clsid access (browser-plugins.rules)
 * 1:34905 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:7500 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM VIH2 Fix ActiveX clsid access (browser-plugins.rules)
 * 1:7029 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:4987 <-> DISABLED <-> SERVER-WEBAPP Twiki viewfile rev command injection attempt (server-webapp.rules)
 * 1:37035 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:40246 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:33115 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:3476 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:34897 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:7928 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:4915 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shortcut Handler ActiveX object access (browser-plugins.rules)
 * 1:32840 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:7437 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Frame Eater ActiveX clsid access (browser-plugins.rules)
 * 1:44131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:3477 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9b client name overflow (server-other.rules)
 * 1:42445 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:39632 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:34899 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:4897 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSOAInterface ActiveX object access (browser-plugins.rules)
 * 1:7028 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:33493 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:39624 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:43674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:4895 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeInfo ActiveX object access (browser-plugins.rules)
 * 1:33492 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:7464 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Filter ActiveX clsid access (browser-plugins.rules)
 * 1:34912 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:7472 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion Prop Page ActiveX clsid access (browser-plugins.rules)
 * 1:33602 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:39870 <-> DISABLED <-> INDICATOR-COMPROMISE Oracle E-Business Suite arbitrary node deletion (indicator-compromise.rules)
 * 1:43830 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:32739 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32842 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:8387 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8848 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (browser-plugins.rules)
 * 1:8740 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX function call access (browser-plugins.rules)
 * 1:8852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX clsid access (browser-plugins.rules)
 * 1:8389 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8405 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ActiveX clsid access (browser-plugins.rules)
 * 1:8385 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX clsid access (browser-plugins.rules)
 * 1:8425 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (browser-plugins.rules)
 * 1:34857 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Fanny outbound connection (malware-cnc.rules)
 * 1:7456 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxa.dll ActiveX clsid access (browser-plugins.rules)
 * 1:44049 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:33586 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules)
 * 1:7866 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Connection ActiveX clsid access (browser-plugins.rules)
 * 1:44146 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JSXML integer overflow attempt (browser-firefox.rules)
 * 1:4891 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer cfw Class ActiveX object access (browser-plugins.rules)
 * 1:7934 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:39625 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:4900 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Outlook Progress Ctl ActiveX object access (browser-plugins.rules)
 * 1:43699 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:6701 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:37423 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:38577 <-> ENABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:3458 <-> DISABLED <-> SERVER-OTHER Arkeia backup client type 84 overflow attempt (server-other.rules)
 * 1:3529 <-> DISABLED <-> SERVER-OTHER Computer Associates license GETCONFIG client overflow attempt (server-other.rules)
 * 1:5705 <-> DISABLED <-> PROTOCOL-IMAP CAPABILITY overflow attempt (protocol-imap.rules)
 * 1:6691 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:36559 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:33589 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:7452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WM Color Converter Filter ActiveX clsid access (browser-plugins.rules)
 * 1:3662 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 03 little endian buffer overflow attempt (server-other.rules)
 * 1:33828 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:45143 <-> ENABLED <-> BROWSER-IE Microsoft Edge Array type confusion attempt (browser-ie.rules)
 * 1:37034 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:7208 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_METADATA access attempt (server-oracle.rules)
 * 1:33495 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:7478 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Interlacer ActiveX clsid access (browser-plugins.rules)
 * 1:44048 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:36453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:7482 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT MuxDeMux Filter ActiveX clsid access (browser-plugins.rules)
 * 1:39623 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:33670 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size1 dos attempt (server-other.rules)
 * 1:39604 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:43337 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:8409 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX clsid access (browser-plugins.rules)
 * 1:34898 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:44147 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JSXML integer overflow attempt (browser-firefox.rules)
 * 1:44132 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:33045 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:34891 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32Zlib.dll dll-load exploit attempt (file-other.rules)
 * 1:44877 <-> DISABLED <-> SERVER-OTHER  Citrix XenApp and XenDesktop XML service memory corruption attempt (server-other.rules)
 * 1:8377 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:3531 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP msg 0x99 client domain overflow (server-other.rules)
 * 1:34895 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:7496 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Volume ActiveX clsid access (browser-plugins.rules)
 * 1:4986 <-> DISABLED <-> SERVER-WEBAPP Twiki view rev command injection attempt (server-webapp.rules)
 * 1:7035 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:5711 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player zero length bitmap heap overflow attempt (file-image.rules)
 * 1:36645 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:4908 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Method Definition ActiveX object access (browser-plugins.rules)
 * 1:44282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:37293 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt  (file-office.rules)
 * 1:34904 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:44068 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:33585 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:7039 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:7944 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer https Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:37033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:41094 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:4914 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Script Definition ActiveX object access (browser-plugins.rules)
 * 1:43698 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:3483 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client domain overflow (server-other.rules)
 * 1:39611 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39605 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:33566 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:33575 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:3663 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 03 buffer overflow attempt (server-other.rules)
 * 1:33578 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:7037 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (os-windows.rules)
 * 1:39606 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:7444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Mmedia.AsyncMHandler.1 ActiveX clsid access (browser-plugins.rules)
 * 1:33671 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size2 dos attempt (server-other.rules)
 * 1:35772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:39610 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:32786 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:43989 <-> DISABLED <-> INDICATOR-OBFUSCATION newlines embedded in rtf header (indicator-obfuscation.rules)
 * 1:4893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Trident HTMLEditor ActiveX object access (browser-plugins.rules)
 * 1:3475 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client domain overflow (server-other.rules)
 * 1:7462 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Black Frame Generator ActiveX clsid access (browser-plugins.rules)
 * 1:36432 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:4910 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Relationship Definition ActiveX object access (browser-plugins.rules)
 * 1:33584 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:36644 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:7041 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (os-windows.rules)
 * 1:43068 <-> DISABLED <-> SERVER-OTHER IBM Lotus Domino IMAP server CRAM-MD5 authentication buffer overflow attempt (server-other.rules)
 * 1:3479 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client name overflow (server-other.rules)
 * 1:36365 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (server-webapp.rules)
 * 1:44284 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:39612 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:7436 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX function call (browser-plugins.rules)
 * 1:38669 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (browser-ie.rules)
 * 1:40243 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:34892 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:7981 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:41728 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:39618 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:38670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (browser-ie.rules)
 * 1:39603 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:34900 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:44035 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:6690 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iCCP overflow attempt (file-image.rules)
 * 1:44031 <-> DISABLED <-> FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (file-office.rules)
 * 1:7494 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Source ActiveX clsid access (browser-plugins.rules)
 * 1:7978 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules)
 * 1:6502 <-> DISABLED <-> FILE-IMAGE Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (file-image.rules)
 * 1:44281 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:37030 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:3484 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9c client name overflow (server-other.rules)
 * 1:3660 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 00 little endian buffer overflow attempt (server-other.rules)
 * 1:39602 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:36782 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:33548 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Access multiple control instantiation memory corruption attempt (browser-plugins.rules)
 * 1:33576 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:7460 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Audio Analyzer ActiveX clsid access (browser-plugins.rules)
 * 1:7468 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DirectX Transform Wrapper ActiveX clsid access (browser-plugins.rules)
 * 1:6510 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mhtml uri shortcut buffer overflow attempt (browser-ie.rules)
 * 1:4906 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Interface Definition ActiveX object access (browser-plugins.rules)
 * 1:44729 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (browser-ie.rules)
 * 1:44296 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:3478 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP product info msg 0x9c client domain overflow (server-other.rules)
 * 1:39616 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:39601 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:7958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer mk Asychronous Pluggable Protocol Handler ActiveX clsid access (browser-plugins.rules)
 * 1:7476 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Import Filter ActiveX clsid access (browser-plugins.rules)
 * 1:33577 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:33044 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access attempt (browser-plugins.rules)
 * 1:39630 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:36364 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (server-webapp.rules)
 * 1:44456 <-> DISABLED <-> FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (file-image.rules)
 * 1:3822 <-> DISABLED <-> SERVER-WEBAPP RealNetworks RealPlayer realtext long URI request attempt (server-webapp.rules)
 * 1:36363 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (server-webapp.rules)
 * 1:7036 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:43990 <-> DISABLED <-> INDICATOR-OBFUSCATION RTF obfuscation string (indicator-obfuscation.rules)
 * 1:6699 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:43338 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:33601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:39764 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:5702 <-> DISABLED <-> PROTOCOL-IMAP subscribe directory traversal attempt (protocol-imap.rules)
 * 1:36783 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:6413 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Address Book Base64 encoded attachment detected (server-mail.rules)
 * 1:33979 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:4905 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Object ActiveX object access (browser-plugins.rules)
 * 1:34893 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34907 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:6507 <-> DISABLED <-> SERVER-WEBAPP novell edirectory imonitor overflow attempt (server-webapp.rules)
 * 1:33043 <-> DISABLED <-> FILE-MULTIMEDIA Multiple media players M3U playlist file handling buffer overflow attempt (file-multimedia.rules)
 * 1:3453 <-> DISABLED <-> SERVER-OTHER Arkeia client backup system info probe (server-other.rules)
 * 1:42441 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:37710 <-> ENABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:7431 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectFrame.DirectControl.1 ActiveX clsid access (browser-plugins.rules)
 * 1:39627 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:8060 <-> DISABLED <-> SERVER-OTHER UltraVNC VNCLog buffer overflow (server-other.rules)
 * 1:3637 <-> DISABLED <-> SERVER-OTHER Computer Associates license PUTOLF directory traversal attempt (server-other.rules)
 * 1:44130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:33041 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:7433 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DirectX Transform Wrapper Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:4902 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Video Mixing Renderer 9 ActiveX object access (browser-plugins.rules)
 * 1:7040 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:4909 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Property Definition ActiveX object access (browser-plugins.rules)
 * 1:43606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (browser-plugins.rules)
 * 1:7003 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX function call access (browser-plugins.rules)
 * 1:35771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:4896 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeLib ActiveX object access (browser-plugins.rules)
 * 1:34894 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34061 <-> DISABLED <-> SERVER-IIS Microsoft IIS Range header integer overflow attempt (server-iis.rules)
 * 1:35747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules)
 * 1:6698 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:7425 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 9x8Resize ActiveX clsid access (browser-plugins.rules)
 * 1:32844 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:33479 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (os-windows.rules)
 * 1:39617 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:7863 <-> DISABLED <-> BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsOldAppInstalled ActiveX function call access (browser-plugins.rules)
 * 1:3553 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM null DHTML element insertion attempt (browser-ie.rules)
 * 1:7486 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen Capture Filter Task Page ActiveX clsid access (browser-plugins.rules)
 * 1:33672 <-> DISABLED <-> SERVER-OTHER Symantec AMS Intel handler service overly large size3 dos attempt (server-other.rules)
 * 1:34908 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34915 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro quserex.dll dll-load exploit attempt (netbios.rules)
 * 1:44032 <-> DISABLED <-> FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (file-office.rules)
 * 1:33827 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:36772 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet Component ActiveX clsid access (browser-plugins.rules)
 * 1:4892 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MTSEvents Class ActiveX object access (browser-plugins.rules)
 * 1:33590 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:34903 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:33684 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:36431 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules)
 * 1:3481 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client domain overflow (server-other.rules)
 * 1:7458 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxb.dll ActiveX clsid access (browser-plugins.rules)
 * 1:32843 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:7042 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode andx mailslot heap overflow attempt (os-windows.rules)
 * 1:33980 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:7448 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer ShotDetect ActiveX clsid access (browser-plugins.rules)
 * 1:4172 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent v1.5 ActiveX clsid access (browser-plugins.rules)
 * 1:39607 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:3659 <-> DISABLED <-> SERVER-OTHER ARCserve universal backup agent option 1000 buffer overflow attempt (server-other.rules)
 * 1:7427 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Allocator Fix ActiveX clsid access (browser-plugins.rules)
 * 1:44046 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:34055 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:37031 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:4826 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetRootDeviceInstance attempt (os-windows.rules)
 * 1:40244 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:42446 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:34910 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:39608 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:44129 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (os-windows.rules)
 * 1:39620 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:3480 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP slot info msg client name overflow (server-other.rules)
 * 1:7492 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Renderer ActiveX clsid access (browser-plugins.rules)
 * 1:4898 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSTypeComp ActiveX object access (browser-plugins.rules)
 * 1:7484 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Sample Info Filter ActiveX clsid access (browser-plugins.rules)
 * 1:7470 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT DV Extract Filter ActiveX clsid access (browser-plugins.rules)
 * 1:3454 <-> DISABLED <-> SERVER-OTHER Arkeia client backup generic info probe (server-other.rules)
 * 1:39613 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:33579 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access attempt (browser-plugins.rules)
 * 1:40247 <-> DISABLED <-> FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (file-image.rules)
 * 1:8381 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX clsid access (browser-plugins.rules)
 * 1:3482 <-> DISABLED <-> SERVER-OTHER ARCserve backup UDP product info msg 0x9b client name overflow (server-other.rules)
 * 1:7454 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Wmm2ae.dll ActiveX clsid access (browser-plugins.rules)
 * 1:7207 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION SQL injection attempt (server-oracle.rules)
 * 1:7480 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Log Filter ActiveX clsid access (browser-plugins.rules)
 * 1:4904 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Alias ActiveX object access (browser-plugins.rules)
 * 1:34294 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:7868 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX clsid access (browser-plugins.rules)
 * 1:7038 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (os-windows.rules)
 * 1:34916 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro u32zlib.dll dll-load exploit attempt (netbios.rules)
 * 1:45149 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:3525 <-> DISABLED <-> SERVER-OTHER Computer Associates license invalid GCR NETWORK attempt (server-other.rules)
 * 1:44045 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (browser-firefox.rules)
 * 1:44730 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (browser-ie.rules)
 * 1:4907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Collection Definition ActiveX object access (browser-plugins.rules)
 * 1:33824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:44283 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (browser-ie.rules)
 * 1:4901 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR Allocator Presenter 9 ActiveX object access (browser-plugins.rules)
 * 1:33591 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (file-image.rules)
 * 1:6405 <-> DISABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager overflow attempt (server-other.rules)
 * 1:3521 <-> DISABLED <-> SERVER-OTHER Computer Associates license GCR CHECKSUMS overflow attempt (server-other.rules)
 * 1:39622 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:34632 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes WPD attachment handling buffer overflow attempt (server-mail.rules)
 * 1:43067 <-> ENABLED <-> PROTOCOL-IMAP IMAP CRAM-MD5 authentication attempt (protocol-imap.rules)
 * 1:44188 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (browser-ie.rules)
 * 1:39626 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:6696 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:7488 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen capture Filter ActiveX clsid access (browser-plugins.rules)
 * 1:33582 <-> DISABLED <-> SERVER-SAMBA Samba WINS Server Name Registration handling stack buffer overflow attempt (server-samba.rules)
 * 1:44047 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (browser-firefox.rules)
 * 1:43831 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:36366 <-> DISABLED <-> SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (server-webapp.rules)
 * 1:33494 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:45142 <-> ENABLED <-> BROWSER-IE Microsoft Edge Array type confusion attempt (browser-ie.rules)
 * 1:4072 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_DetectResourceConflict attempt (os-windows.rules)
 * 1:34914 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:4903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer VMR ImageSync 9 ActiveX object access (browser-plugins.rules)
 * 1:36646 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:34909 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34913 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:3474 <-> DISABLED <-> SERVER-OTHER ARCserve backup TCP slot info msg client name overflow (server-other.rules)
 * 1:39629 <-> DISABLED <-> FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (file-image.rules)
 * 1:7446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Record Queue ActiveX clsid access (browser-plugins.rules)
 * 1:37032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:39763 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:34902 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34135 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules)
 * 1:5319 <-> DISABLED <-> OS-WINDOWS Microsoft Windows picture and fax viewer wmf arbitrary code execution attempt (os-windows.rules)
 * 1:4129 <-> DISABLED <-> SERVER-OTHER Novell ZenWorks Remote Management Agent large login packet DoS attempt (server-other.rules)
 * 1:7914 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX clsid access (browser-plugins.rules)
 * 1:4912 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Repository Root ActiveX object access (browser-plugins.rules)
 * 1:34911 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:4894 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer PSEnumVariant ActiveX object access (browser-plugins.rules)
 * 1:42442 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:4890 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer IAVIStream & IAVIFile Proxy ActiveX object access (browser-plugins.rules)
 * 1:41729 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:32754 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:8854 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX function call access (browser-plugins.rules)
 * 1:8856 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Agent v1.5 ActiveX function call access (browser-plugins.rules)
 * 1:9131 <-> DISABLED <-> BROWSER-PLUGINS WinZip FileView 6.1 ActiveX function call access (browser-plugins.rules)
 * 1:9132 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt (os-windows.rules)
 * 1:9228 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwGetConnectionInformation overflow attempt (os-windows.rules)
 * 1:9421 <-> ENABLED <-> MALWARE-OTHER zotob attempt (malware-other.rules)
 * 1:9432 <-> DISABLED <-> OS-WINDOWS Microsoft Agent buffer overflow attempt (os-windows.rules)
 * 1:9433 <-> DISABLED <-> OS-WINDOWS Microsoft Agent buffer overflow attempt (os-windows.rules)
 * 1:9441 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath overflow attempt (netbios.rules)
 * 1:9634 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt TCP (server-other.rules)
 * 1:9635 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9B remote buffer overflow attempt UDP (server-other.rules)
 * 1:9636 <-> DISABLED <-> SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt UDP (server-other.rules)
 * 1:9769 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:9848 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter buffer overflow attempt (os-windows.rules)
 * 1:10062 <-> DISABLED <-> FILE-IMAGE Oracle Java Virtual Machine malformed GIF buffer overflow attempt (file-image.rules)
 * 1:10063 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox query interface suspicious function call access attempt (browser-firefox.rules)
 * 1:10087 <-> DISABLED <-> SERVER-OTHER VNC password request buffer overflow attempt (server-other.rules)
 * 1:10188 <-> DISABLED <-> PROTOCOL-FTP Ipswitch Ws_ftp XMD5 overflow attempt (protocol-ftp.rules)
 * 1:10390 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX clsid access (browser-plugins.rules)
 * 1:10392 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10395 <-> DISABLED <-> BROWSER-PLUGINS Symantec SupportSoft SmartIssue ActiveX function call access (browser-plugins.rules)
 * 1:10603 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP dns R_DnssrvUpdateRecord2 overflow attempt (os-windows.rules)
 * 1:11186 <-> DISABLED <-> SERVER-OTHER CA eTrust key handling dos (password -- server-other.rules)
 * 1:11196 <-> DISABLED <-> SERVER-OTHER MaxDB WebDBM get buffer overflow (server-other.rules)
 * 1:11257 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:11324 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Input Method Editor 3 ActiveX function call access (browser-plugins.rules)
 * 1:11443 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:11823 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX clsid unicode access (browser-plugins.rules)
 * 1:11824 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call access (browser-plugins.rules)
 * 1:11825 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call unicode access (browser-plugins.rules)
 * 1:11828 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Voice Control ActiveX function call access (browser-plugins.rules)
 * 1:11832 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Direct Speech Recognition ActiveX function call access (browser-plugins.rules)
 * 1:11837 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail file execution attempt (server-mail.rules)
 * 1:12064 <-> DISABLED <-> SERVER-IIS w3svc _vti_bin null pointer dereference attempt (server-iis.rules)
 * 1:12079 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12114 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12115 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12195 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Widgets Engine ActiveX function call access (browser-plugins.rules)
 * 1:12197 <-> DISABLED <-> SERVER-OTHER CA message queuing server buffer overflow attempt (server-other.rules)
 * 1:12205 <-> DISABLED <-> BROWSER-PLUGINS VMWare Vielib.dll ActiveX function call access (browser-plugins.rules)
 * 1:12212 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail literal search date command buffer overflow attempt (server-mail.rules)
 * 1:12217 <-> DISABLED <-> SERVER-OTHER Borland interbase string length buffer overflow attempt (server-other.rules)
 * 1:12261 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX clsid access (browser-plugins.rules)
 * 1:12263 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX function call access (browser-plugins.rules)
 * 1:12265 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX clsid access (browser-plugins.rules)
 * 1:12267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX function call access (browser-plugins.rules)
 * 1:12270 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX function call (browser-plugins.rules)
 * 1:12273 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid access (browser-plugins.rules)
 * 1:12275 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access (browser-plugins.rules)
 * 1:12277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS memory corruption exploit (browser-ie.rules)
 * 1:12281 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12332 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _TakeActionOnAFile attempt (netbios.rules)
 * 1:12341 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_a0030 attempt (netbios.rules)
 * 1:12444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX clsid access (browser-plugins.rules)
 * 1:12446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX function call access (browser-plugins.rules)
 * 1:12450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent Control ActiveX function call access (browser-plugins.rules)
 * 1:12452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent File Provider ActiveX clsid access (browser-plugins.rules)
 * 1:12463 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Visual Studio Crystal Reports RPT file handling buffer overflow attempt (os-windows.rules)
 * 1:12595 <-> DISABLED <-> SERVER-IIS malicious ASP file upload attempt (server-iis.rules)
 * 1:12612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX clsid access (browser-plugins.rules)
 * 1:12616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:12631 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging small offset malformed jpeg tables (os-windows.rules)
 * 1:12632 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging large offset malformed jpeg tables (os-windows.rules)
 * 1:12634 <-> DISABLED <-> FILE-IMAGE Microsoft Windows 2000 Kodak Imaging large offset malformed tiff 2 (file-image.rules)
 * 1:12642 <-> DISABLED <-> OS-WINDOWS RPC NTLMSSP malformed credentials (os-windows.rules)
 * 1:12643 <-> DISABLED <-> OS-WINDOWS Microsoft Windows URI External handler arbitrary command attempt (os-windows.rules)
 * 1:12664 <-> DISABLED <-> BROWSER-IE Microsoft Windows ShellExecute and Internet Explorer 7 url handling code execution attempt (browser-ie.rules)
 * 1:12687 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12731 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX function call access (browser-plugins.rules)
 * 1:12742 <-> DISABLED <-> SERVER-OTHER Apple Quicktime UDP RTSP sdp type buffer overflow attempt (server-other.rules)
 * 1:12768 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12775 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer obfuscated Ierpplug.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12780 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access attempt (browser-plugins.rules)
 * 1:12782 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access attempt (browser-plugins.rules)
 * 1:12985 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt (netbios.rules)
 * 1:13158 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format interchange data integer overflow attempt (file-multimedia.rules)
 * 1:13159 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format audio error masking integer overflow attempt (file-multimedia.rules)
 * 1:13160 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming audio spread error correction data length integer overflow attempt (file-multimedia.rules)
 * 1:13162 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:13216 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX function call access (browser-plugins.rules)
 * 1:13222 <-> DISABLED <-> SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (server-other.rules)
 * 1:13226 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX function call access (browser-plugins.rules)
 * 1:13269 <-> DISABLED <-> OS-WINDOWS Multiple product nntp uri handling code execution attempt (os-windows.rules)
 * 1:13270 <-> DISABLED <-> OS-WINDOWS Multiple product news uri handling code execution attempt (os-windows.rules)
 * 1:13271 <-> DISABLED <-> OS-WINDOWS Multiple product telnet uri handling code execution attempt (os-windows.rules)
 * 1:13272 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:13298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX function call access (browser-plugins.rules)
 * 1:13305 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX function call access (browser-plugins.rules)
 * 1:13316 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing ART buffer overflow attempt (file-multimedia.rules)
 * 1:13318 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cmt buffer overflow attempt (file-multimedia.rules)
 * 1:13319 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing des buffer overflow attempt (file-multimedia.rules)
 * 1:13320 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cpy buffer overflow attempt (file-multimedia.rules)
 * 1:13323 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX function call access (browser-plugins.rules)
 * 1:13421 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX function call access (browser-plugins.rules)
 * 1:13430 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13432 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX function call access (browser-plugins.rules)
 * 1:13434 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13436 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13438 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:13440 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:13442 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13444 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13448 <-> DISABLED <-> OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine begin buffer overflow attempt (os-windows.rules)
 * 1:13453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid access (browser-ie.rules)
 * 1:13454 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid unicode access (browser-ie.rules)
 * 1:13456 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call unicode access (browser-ie.rules)
 * 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (server-other.rules)
 * 1:13541 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX function call access (browser-plugins.rules)
 * 1:13554 <-> DISABLED <-> SERVER-OTHER Sybase SQL Anywhere Mobilink version string buffer overflow (server-other.rules)
 * 1:13555 <-> DISABLED <-> SERVER-OTHER Sybase SQL Anywhere Mobilink remoteID string buffer overflow (server-other.rules)
 * 1:13580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components remote code execution attempt ActiveX clsid access (browser-plugins.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13584 <-> ENABLED <-> FILE-IDENTIFY CSV file download request (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:13591 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (server-webapp.rules)
 * 1:13605 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:13607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid access (browser-plugins.rules)
 * 1:13609 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call access (browser-plugins.rules)
 * 1:13623 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13629 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:13630 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:13633 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:13668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX clsid access (browser-plugins.rules)
 * 1:13670 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX function call access (browser-plugins.rules)
 * 1:13674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX function call access (browser-plugins.rules)
 * 1:13699 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:13720 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:13722 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 4 ActiveX clsid access (browser-plugins.rules)
 * 1:13724 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 5 ActiveX clsid access (browser-plugins.rules)
 * 1:13726 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 6 ActiveX clsid access (browser-plugins.rules)
 * 1:13728 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13730 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 8 ActiveX clsid access (browser-plugins.rules)
 * 1:13732 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 9 ActiveX clsid access (browser-plugins.rules)
 * 1:13736 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 11 ActiveX clsid access (browser-plugins.rules)
 * 1:13738 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 12 ActiveX clsid access (browser-plugins.rules)
 * 1:13740 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 13 ActiveX clsid access (browser-plugins.rules)
 * 1:13742 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 14 ActiveX clsid access (browser-plugins.rules)
 * 1:13744 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 15 ActiveX clsid access (browser-plugins.rules)
 * 1:13746 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 16 ActiveX clsid access (browser-plugins.rules)
 * 1:13748 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 17 ActiveX clsid access (browser-plugins.rules)
 * 1:13750 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 18 ActiveX clsid access (browser-plugins.rules)
 * 1:13752 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 19 ActiveX clsid access (browser-plugins.rules)
 * 1:13754 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 20 ActiveX clsid access (browser-plugins.rules)
 * 1:13756 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 21 ActiveX clsid access (browser-plugins.rules)
 * 1:13804 <-> DISABLED <-> SERVER-OTHER Borland Software InterBase ibserver.exe Service Attach Request buffer overflow attempt (server-other.rules)
 * 1:13821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13823 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX SAMI file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:13824 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (file-multimedia.rules)
 * 1:13888 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13889 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13890 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13891 <-> DISABLED <-> SERVER-MSSQL Memory page overwrite attempt  (server-mssql.rules)
 * 1:13892 <-> DISABLED <-> SERVER-MSSQL Convert function style overwrite  (server-mssql.rules)
 * 1:13903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13912 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isComponentInstalled attack attempt (browser-ie.rules)
 * 1:13918 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13922 <-> DISABLED <-> SERVER-IIS Microsoft IIS HTMLEncode Unicode string buffer overflow  (server-iis.rules)
 * 1:13948 <-> DISABLED <-> PROTOCOL-DNS large number of NXDOMAIN replies - possible DNS cache poisoning (protocol-dns.rules)
 * 1:13960 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:13963 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:13964 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (browser-ie.rules)
 * 1:14023 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:14027 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14029 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14031 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14040 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (server-other.rules)
 * 1:14041 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt - 2 (server-other.rules)
 * 1:14042 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer General Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:14044 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX function call access (browser-plugins.rules)
 * 1:14046 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14048 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14050 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14052 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX function call access (browser-plugins.rules)
 * 1:14257 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:14613 <-> DISABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft RSClientPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14647 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:14648 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14650 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14651 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14652 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14653 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14654 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14726 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:14758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX function call access (browser-plugins.rules)
 * 1:14762 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (browser-plugins.rules)
 * 1:14765 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX function call (browser-plugins.rules)
 * 1:14773 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer handshake buffer overflow attempt (server-other.rules)
 * 1:14783 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:14896 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB v4 srvsvc NetrpPathCononicalize unicode path cononicalization stack overflow attempt (os-windows.rules)
 * 1:14897 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX function call access (browser-plugins.rules)
 * 1:14988 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:14990 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory SOAP Accept Charset header overflow attempt (server-webapp.rules)
 * 1:15012 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML DLL memory corruption attempt (browser-ie.rules)
 * 1:15084 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:15086 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX function call access (browser-plugins.rules)
 * 1:15096 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15102 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:15109 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15112 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access (browser-plugins.rules)
 * 1:15146 <-> DISABLED <-> SERVER-OTHER Apple CUPS RGB+Alpha PNG filter overly large image height integer overflow attempt (server-other.rules)
 * 1:15186 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:15191 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox animated PNG processing integer overflow (browser-firefox.rules)
 * 1:15197 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15198 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15199 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15200 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15201 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15209 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15210 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15211 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15212 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15213 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15214 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15215 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15216 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15217 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15218 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15219 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15221 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15245 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX function call access (browser-plugins.rules)
 * 1:15256 <-> DISABLED <-> SERVER-ORACLE BPEL process manager XSS injection attempt (server-oracle.rules)
 * 1:15257 <-> DISABLED <-> SERVER-ORACLE Secure Backup common.php variable based command injection attempt (server-oracle.rules)
 * 1:15268 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode ActiveX function call access (browser-plugins.rules)
 * 1:15299 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:15303 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Malformed IconBitsComponent arbitrary code execution attempt (file-office.rules)
 * 1:15313 <-> DISABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX function call access (browser-plugins.rules)
 * 1:15358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:15422 <-> DISABLED <-> SERVER-OTHER Sun One web proxy server overflow attempt (server-other.rules)
 * 1:15430 <-> DISABLED <-> FILE-OTHER Microsoft EMF+ GpFont.SetData buffer overflow attempt (file-other.rules)
 * 1:15455 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters XST parsing buffer overflow attempt (file-office.rules)
 * 1:15457 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:15459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted/unitialized object memory corruption attempt (browser-ie.rules)
 * 1:15460 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ActiveX load/unload race condition attempt (browser-ie.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15479 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP Request Proxy-Require header heap buffer overflow attempt (server-other.rules)
 * 1:15482 <-> DISABLED <-> SERVER-OTHER Oracle Java System sockd authentication buffer overflow attempt (server-other.rules)
 * 1:15508 <-> DISABLED <-> SERVER-OTHER DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt (server-other.rules)
 * 1:15523 <-> DISABLED <-> OS-WINDOWS Microsoft Windows srvsvc NetrShareEnum netname overflow attempt (os-windows.rules)
 * 1:15524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15526 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:15529 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain navigation cookie stealing attempt (browser-ie.rules)
 * 1:15554 <-> DISABLED <-> SERVER-ORACLE Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:15588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15590 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 10 ActiveX clsid access (browser-plugins.rules)
 * 1:15592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 11 ActiveX clsid access (browser-plugins.rules)
 * 1:15594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 12 ActiveX clsid access (browser-plugins.rules)
 * 1:15596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 13 ActiveX clsid access (browser-plugins.rules)
 * 1:15598 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 14 ActiveX clsid access (browser-plugins.rules)
 * 1:15600 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 15 ActiveX clsid access (browser-plugins.rules)
 * 1:15602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 16 ActiveX clsid access (browser-plugins.rules)
 * 1:15604 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 17 ActiveX clsid access (browser-plugins.rules)
 * 1:15606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 18 ActiveX clsid access (browser-plugins.rules)
 * 1:15608 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 19 ActiveX clsid access (browser-plugins.rules)
 * 1:15610 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 20 ActiveX clsid access (browser-plugins.rules)
 * 1:15614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 21 ActiveX clsid access (browser-plugins.rules)
 * 1:15616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 22 ActiveX clsid access (browser-plugins.rules)
 * 1:15618 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 23 ActiveX clsid access (browser-plugins.rules)
 * 1:15620 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 24 ActiveX clsid access (browser-plugins.rules)
 * 1:15622 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 25 ActiveX clsid access (browser-plugins.rules)
 * 1:15624 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 26 ActiveX clsid access (browser-plugins.rules)
 * 1:15626 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 27 ActiveX clsid access (browser-plugins.rules)
 * 1:15628 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 28 ActiveX clsid access (browser-plugins.rules)
 * 1:15630 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 29 ActiveX clsid access (browser-plugins.rules)
 * 1:15632 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 3 ActiveX clsid access (browser-plugins.rules)
 * 1:15634 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 30 ActiveX clsid access (browser-plugins.rules)
 * 1:15636 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 31 ActiveX clsid access (browser-plugins.rules)
 * 1:15640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 33 ActiveX clsid access (browser-plugins.rules)
 * 1:15642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 34 ActiveX clsid access (browser-plugins.rules)
 * 1:15644 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 35 ActiveX clsid access (browser-plugins.rules)
 * 1:15646 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 36 ActiveX clsid access (browser-plugins.rules)
 * 1:15648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 37 ActiveX clsid access (browser-plugins.rules)
 * 1:15650 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 38 ActiveX clsid access (browser-plugins.rules)
 * 1:15652 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 39 ActiveX clsid access (browser-plugins.rules)
 * 1:15654 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 4 ActiveX clsid access (browser-plugins.rules)
 * 1:15656 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 40 ActiveX clsid access (browser-plugins.rules)
 * 1:15658 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 41 ActiveX clsid access (browser-plugins.rules)
 * 1:15660 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 42 ActiveX clsid access (browser-plugins.rules)
 * 1:15662 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 43 ActiveX clsid access (browser-plugins.rules)
 * 1:15664 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 44 ActiveX clsid access (browser-plugins.rules)
 * 1:15666 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 45 ActiveX clsid access (browser-plugins.rules)
 * 1:15668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 5 ActiveX clsid access (browser-plugins.rules)
 * 1:15671 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX function call (browser-plugins.rules)
 * 1:15674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 8 ActiveX clsid access (browser-plugins.rules)
 * 1:15676 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 9 ActiveX clsid access (browser-plugins.rules)
 * 1:15678 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:15679 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (browser-plugins.rules)
 * 1:15684 <-> DISABLED <-> OS-WINDOWS Multiple product snews uri handling code execution attempt (os-windows.rules)
 * 1:15687 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15689 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:15691 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15695 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:15703 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15704 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMSS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15705 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PCAST protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15706 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes DAAP protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15849 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:15852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components Datasource ActiveX clsid access (browser-plugins.rules)
 * 1:15855 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:15881 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters Name Field attempt (netbios.rules)
 * 1:15894 <-> DISABLED <-> OS-WINDOWS Microsoft Color Management Module remote code execution attempt (os-windows.rules)
 * 1:15907 <-> DISABLED <-> OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (os-linux.rules)
 * 1:15911 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt (netbios.rules)
 * 1:15924 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:15943 <-> DISABLED <-> SERVER-OTHER CA Multiple Products Console Server login credentials handling overflow attempt (server-other.rules)
 * 1:15949 <-> DISABLED <-> FILE-OTHER McAfee LHA file handling overflow attempt (file-other.rules)
 * 1:15952 <-> DISABLED <-> SERVER-MYSQL create function libc arbitrary code execution attempt (server-mysql.rules)
 * 1:15992 <-> DISABLED <-> FILE-OTHER Trend Micro Products Antivirus Library overflow attempt (file-other.rules)
 * 1:16002 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16003 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16023 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Vista Windows mail file execution attempt (file-executable.rules)
 * 1:16024 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:16034 <-> DISABLED <-> SERVER-SAMBA Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt (server-samba.rules)
 * 1:16043 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html tag memory corruption attempt (browser-ie.rules)
 * 1:16050 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:16068 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:16073 <-> DISABLED <-> OS-WINDOWS MS-SQL convert function unicode overflow (os-windows.rules)
 * 1:16074 <-> DISABLED <-> SQL Suspicious SQL ansi_padding option (sql.rules)
 * 1:16191 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server authentication bypass attempt - via GET (server-oracle.rules)
 * 1:16193 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent SMTP AUTH LOGIN command buffer overflow attempt (server-mail.rules)
 * 1:16194 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
 * 1:16198 <-> DISABLED <-> SERVER-APACHE Apache mod_auth_pgsql module logging facility format string exploit attempt (server-apache.rules)
 * 1:16296 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - with optional fields (file-other.rules)
 * 1:16364 <-> DISABLED <-> SERVER-OTHER IBM DB2 database server SQLSTT denial of service attempt (server-other.rules)
 * 1:16432 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:16521 <-> DISABLED <-> SERVER-OTHER Squid Proxy http version number overflow attempt (server-other.rules)
 * 1:16578 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt (os-windows.rules)
 * 1:16588 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX clsid access (browser-plugins.rules)
 * 1:16602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow 3 ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:16607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX control access attempt (browser-plugins.rules)
 * 1:16610 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (browser-plugins.rules)
 * 1:16679 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDIplus integer overflow attempt (os-windows.rules)
 * 1:16690 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16748 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX function call access (browser-plugins.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16762 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX andx attempt (netbios.rules)
 * 1:16764 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode andx attempt (netbios.rules)
 * 1:16766 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow andx attempt (netbios.rules)
 * 1:16777 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16778 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16786 <-> DISABLED <-> FILE-OFFICE Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (file-office.rules)
 * 1:16798 <-> DISABLED <-> FILE-OTHER Orbit Downloader long URL buffer overflow attempt (file-other.rules)
 * 1:17050 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration Server authentication bypass attempt (server-webapp.rules)
 * 1:17052 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17053 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17054 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17213 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:17220 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17221 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17222 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17226 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX initialization via script (browser-plugins.rules)
 * 1:17228 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player skin decompression code execution attempt (os-windows.rules)
 * 1:17262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17269 <-> DISABLED <-> PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (protocol-telnet.rules)
 * 1:17272 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer AVI parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17280 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17313 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17348 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17349 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17374 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:17379 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:17384 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17385 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17386 <-> DISABLED <-> SERVER-WEBAPP Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt (server-webapp.rules)
 * 1:17388 <-> DISABLED <-> FILE-IMAGE OpenOffice EMF file EMR record parsing integer overflow attempt (file-image.rules)
 * 1:17405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17413 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:17415 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (server-iis.rules)
 * 1:17459 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17460 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17464 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17467 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17468 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17471 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17472 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17474 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17475 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17476 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17477 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17478 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17479 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17480 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17489 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help File Heap Buffer Overflow attempt (file-other.rules)
 * 1:17498 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17499 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17500 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17501 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17502 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file download request (file-identify.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17513 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17514 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17516 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17546 <-> DISABLED <-> FILE-IDENTIFY Microsoft Media Player compressed skin download request (file-identify.rules)
 * 1:17568 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:17570 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17619 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17624 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17626 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:17628 <-> DISABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:17634 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian object call overflow attempt (netbios.rules)
 * 1:17636 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 object call overflow attempt (netbios.rules)
 * 1:17637 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 overflow attempt (netbios.rules)
 * 1:17643 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCServe logger servie null-pointer dereference attempt (server-other.rules)
 * 1:17644 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:17646 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:17652 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS source code disclosure attempt (server-iis.rules)
 * 1:17664 <-> DISABLED <-> FILE-OFFICE Microsoft Office GIF image descriptor memory corruption attempt (file-office.rules)
 * 1:17678 <-> DISABLED <-> FILE-IMAGE Adobe BMP image handler buffer overflow attempt (file-image.rules)
 * 1:17691 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17695 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:17736 <-> DISABLED <-> SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (server-other.rules)
 * 1:17808 <-> DISABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules)
 * 1:18171 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18172 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18173 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18189 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18190 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18191 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18192 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18193 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18194 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18248 <-> DISABLED <-> SERVER-OTHER Unisys Business Information Server stack buffer overflow attempt (server-other.rules)
 * 1:18250 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products EscapeAttributeValue integer overflow attempt (browser-firefox.rules)
 * 1:18283 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:18284 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:18285 <-> DISABLED <-> SERVER-OTHER BrightStor ARCserve backup tape engine buffer overflow attempt (server-other.rules)
 * 1:18291 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 77 Attempt (server-other.rules)
 * 1:18292 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 84 Attempt (server-other.rules)
 * 1:18296 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (browser-firefox.rules)
 * 1:18303 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler overflow attempt (browser-ie.rules)
 * 1:18304 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18306 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18313 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:18317 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail RCPT TO proxy overflow attempt (server-mail.rules)
 * 1:18319 <-> DISABLED <-> SERVER-SAMBA Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (server-samba.rules)
 * 1:18476 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:18484 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:18512 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:18518 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:18520 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18521 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18522 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18523 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18574 <-> DISABLED <-> SERVER-MAIL RCPT TO overflow (server-mail.rules)
 * 1:18579 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OpenView5 CGI buffer overflow attempt (server-webapp.rules)
 * 1:18591 <-> DISABLED <-> FILE-OTHER CoolPlayer Playlist File Handling Buffer Overflow (file-other.rules)
 * 1:18600 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18603 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (server-mail.rules)
 * 1:18616 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18635 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:18710 <-> DISABLED <-> SERVER-OTHER McAfee ePolicy Orchestrator Framework Services buffer overflow attempt (server-other.rules)
 * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18800 <-> DISABLED <-> FILE-OTHER Adobe RoboHelp Server Arbitrary File Upload (file-other.rules)
 * 1:18905 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18906 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18907 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18908 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18909 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18910 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18911 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18912 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18913 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18914 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18915 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18916 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18917 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18918 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18919 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18920 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18921 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18922 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18923 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18924 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18925 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player content parsing execution attempt (file-flash.rules)
 * 1:19079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getElementById object corruption (browser-ie.rules)
 * 1:19087 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19088 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19089 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19090 <-> DISABLED <-> SERVER-OTHER CA Discovery Serice Overflow Attempt (server-other.rules)
 * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:1930 <-> DISABLED <-> PROTOCOL-IMAP auth literal overflow attempt (protocol-imap.rules)
 * 1:19559 <-> DISABLED <-> INDICATOR-SCAN SSH brute force login attempt (indicator-scan.rules)
 * 1:19599 <-> DISABLED <-> SERVER-ORACLE Warehouse builder WE_OLAP_AW_REMOVE_SOLVE_ID SQL Injection attempt (server-oracle.rules)
 * 1:19618 <-> DISABLED <-> FILE-OTHER Multiple products dwmapi.dll dll-load exploit attempt (file-other.rules)
 * 1:19693 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:19714 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:19811 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:19815 <-> DISABLED <-> SERVER-OTHER HP Operations Manager Server Default Credientials in use attempt (server-other.rules)
 * 1:19892 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System modem string buffer overflow attempt (server-other.rules)
 * 1:19925 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX client browser plugin call-back-url buffer overflow attempt (browser-plugins.rules)
 * 1:20071 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (browser-plugins.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (malware-cnc.rules)
 * 1:20277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:20278 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20279 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:20546 <-> DISABLED <-> SERVER-OTHER BakBone NetVault client heap overflow attempt (server-other.rules)
 * 1:20552 <-> DISABLED <-> SERVER-MAIL Mercury Mail Transport System buffer overflow attempt (server-mail.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20555 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:20575 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:20576 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:20590 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:20671 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (os-windows.rules)
 * 1:20744 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt (os-windows.rules)
 * 1:20878 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20879 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20882 <-> ENABLED <-> FILE-OFFICE Microsoft Windows embedded packager object identifier (file-office.rules)
 * 1:20883 <-> DISABLED <-> FILE-OFFICE Microsoft Windows embedded packager object with .application extension bypass attempt (file-office.rules)
 * 1:21003 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html request (malware-cnc.rules)
 * 1:21004 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html landing page (malware-cnc.rules)
 * 1:21006 <-> DISABLED <-> MALWARE-CNC Yang Pack yg.htm landing page (malware-cnc.rules)
 * 1:21041 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - main.php?page= (exploit-kit.rules)
 * 1:21042 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?f= (exploit-kit.rules)
 * 1:21043 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?e= (exploit-kit.rules)
 * 1:21044 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21045 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:2105 <-> DISABLED <-> PROTOCOL-IMAP authenticate literal overflow attempt (protocol-imap.rules)
 * 1:2106 <-> DISABLED <-> PROTOCOL-IMAP lsub overflow attempt (protocol-imap.rules)
 * 1:21068 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit landing page (exploit-kit.rules)
 * 1:21069 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit exploit fetch request (exploit-kit.rules)
 * 1:21070 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit pdf exploit page request (exploit-kit.rules)
 * 1:21071 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit post-exploit page request (exploit-kit.rules)
 * 1:21084 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function buffer overflow attempt (server-mssql.rules)
 * 1:21085 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function unicode buffer overflow attempt (server-mssql.rules)
 * 1:21096 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit control panel access (exploit-kit.rules)
 * 1:21097 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit post-exploit download request (exploit-kit.rules)
 * 1:21098 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21099 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit malicious pdf request (exploit-kit.rules)
 * 1:21141 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit control panel access (exploit-kit.rules)
 * 1:21156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21158 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21163 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook VEVENT overflow attempt (file-office.rules)
 * 1:21186 <-> DISABLED <-> SERVER-ORACLE MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:21233 <-> DISABLED <-> SERVER-WEBAPP Symantec Antivirus admin scan interface negative Content-Length attempt (server-webapp.rules)
 * 1:21259 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit response (exploit-kit.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21298 <-> DISABLED <-> SERVER-WEBAPP Microsoft SharePoint chart webpart XSS attempt (server-webapp.rules)
 * 1:21309 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21310 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules)
 * 1:21343 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf request (exploit-kit.rules)
 * 1:21344 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf download (exploit-kit.rules)
 * 1:21345 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar request (exploit-kit.rules)
 * 1:21346 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar download (exploit-kit.rules)
 * 1:21347 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - .php?page= (exploit-kit.rules)
 * 1:21348 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - search.php?page= (exploit-kit.rules)
 * 1:21414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules)
 * 1:21438 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit JavaScript carat string splitting with hostile applet (exploit-kit.rules)
 * 1:21462 <-> DISABLED <-> FILE-JAVA Oracle Java Plugin security bypass (file-java.rules)
 * 1:21492 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21529 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 Find_First2 filename overflow attempt (os-windows.rules)
 * 1:21539 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21549 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21567 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21581 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - BBB (exploit-kit.rules)
 * 1:21640 <-> DISABLED <-> EXPLOIT-KIT Phoenix exploit kit landing page (exploit-kit.rules)
 * 1:21646 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21647 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:21657 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:21658 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21659 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Home/index.php (exploit-kit.rules)
 * 1:21660 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Index/index.php (exploit-kit.rules)
 * 1:21661 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - catch (exploit-kit.rules)
 * 1:21754 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:21766 <-> DISABLED <-> FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (file-image.rules)
 * 1:21770 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21771 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21772 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21774 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21775 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21791 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21794 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:21806 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:21860 <-> ENABLED <-> MALWARE-CNC Phoenix exploit kit post-compromise behavior (malware-cnc.rules)
 * 1:21874 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - StrReverse (exploit-kit.rules)
 * 1:21875 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - taskkill (exploit-kit.rules)
 * 1:21876 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit landing page with specific structure - Loading (exploit-kit.rules)
 * 1:21917 <-> DISABLED <-> SERVER-OTHER Novell Groupwise HTTP response message parsing overflow (server-other.rules)
 * 1:21928 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:21931 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21932 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21933 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:21942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:21943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:22003 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:22004 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22005 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22006 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22007 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22008 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22010 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22011 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22012 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:22039 <-> DISABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22040 <-> DISABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22041 <-> DISABLED <-> EXPLOIT-KIT Blackhole landing redirection page (exploit-kit.rules)
 * 1:22081 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:22949 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:23010 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (protocol-ftp.rules)
 * 1:23091 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23092 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23093 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23094 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23095 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23105 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23127 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules)
 * 1:23142 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23143 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23144 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23146 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23150 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed graphic record code execution attempt (file-office.rules)
 * 1:23153 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23154 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23155 <-> DISABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23156 <-> DISABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit landing page (exploit-kit.rules)
 * 1:23157 <-> ENABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit binary download (exploit-kit.rules)
 * 1:23158 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:23159 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:23162 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online ncrypt.dll dll-load exploit attempt (os-windows.rules)
 * 1:23163 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Online wlanapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:23165 <-> DISABLED <-> SERVER-OTHER Microsoft Lync Online wlanapi.dll dll-load exploit attempt (server-other.rules)
 * 1:23181 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules)
 * 1:23211 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (file-office.rules)
 * 1:23218 <-> ENABLED <-> EXPLOIT-KIT Redkit Repeated Exploit Request Pattern (exploit-kit.rules)
 * 1:23224 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Requested - 8Digit.html (exploit-kit.rules)
 * 1:23228 <-> DISABLED <-> BROWSER-PLUGINS Oracle Webcenter ActiveX clsid access (browser-plugins.rules)
 * 1:23240 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules)
 * 1:23259 <-> DISABLED <-> SERVER-WEBAPP LANDesk Thinkmanagement Suite ServerSetup directory traversal attempt (server-webapp.rules)
 * 1:23266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23268 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23270 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23279 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:23283 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23287 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23288 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23289 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23290 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23291 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23292 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23293 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23295 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23297 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23300 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23302 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23304 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23371 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:23407 <-> DISABLED <-> SERVER-WEBAPP Apple iChat url format string exploit attempt (server-webapp.rules)
 * 1:23499 <-> DISABLED <-> FILE-OTHER Microsoft Windows CUR file parsing overflow attempt (file-other.rules)
 * 1:23500 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (file-pdf.rules)
 * 1:23501 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23502 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23503 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23505 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:23509 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules)
 * 1:23510 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules)
 * 1:23511 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules)
 * 1:23512 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules)
 * 1:23526 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23527 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:23528 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules)
 * 1:23534 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:23535 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Download of version 4.0 file (file-office.rules)
 * 1:23536 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (file-office.rules)
 * 1:23537 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (file-office.rules)
 * 1:23538 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (file-office.rules)
 * 1:23539 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:23545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules)
 * 1:23546 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules)
 * 1:23547 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules)
 * 1:23548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:23550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules)
 * 1:23551 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:23552 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:23553 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:23554 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:23558 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:23559 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:23560 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23561 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:23562 <-> DISABLED <-> FILE-OTHER Microsoft MHTML XSS attempt (file-other.rules)
 * 1:23563 <-> DISABLED <-> FILE-OTHER Microsoft Windows MHTML XSS attempt (file-other.rules)
 * 1:23565 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (file-multimedia.rules)
 * 1:23567 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (file-multimedia.rules)
 * 1:23568 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23569 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23570 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:23571 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:23572 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:23573 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:23574 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:23575 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23576 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23579 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23582 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules)
 * 1:23583 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23584 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules)
 * 1:23585 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:23586 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23591 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:23619 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch broken (exploit-kit.rules)
 * 1:23622 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page request - tkr (exploit-kit.rules)
 * 1:23623 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:23699 <-> DISABLED <-> FILE-IDENTIFY SAP Crystal Reports file magic detected (file-identify.rules)
 * 1:23700 <-> DISABLED <-> FILE-IDENTIFY Microsoft Word for Mac 5 file magic detected (file-identify.rules)
 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23715 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access file magic detected (file-identify.rules)
 * 1:23716 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:23717 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:23718 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:23781 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:23785 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.floor catch (exploit-kit.rules)
 * 1:23786 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.round catch (exploit-kit.rules)
 * 1:23797 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection page (exploit-kit.rules)
 * 1:23837 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB host announcement format string exploit attempt (os-windows.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:23843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23848 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23849 <-> DISABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23850 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - hwehes (exploit-kit.rules)
 * 1:23943 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (file-multimedia.rules)
 * 1:23956 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23962 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - fewbgazr catch (exploit-kit.rules)
 * 1:23992 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules)
 * 1:24053 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24054 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24124 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:24186 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (file-office.rules)
 * 1:24187 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24188 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:24189 <-> DISABLED <-> FILE-IMAGE XPM file format overflow attempt (file-image.rules)
 * 1:24197 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:24198 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (server-webapp.rules)
 * 1:24200 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules)
 * 1:24203 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24204 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24205 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24220 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules)
 * 1:24226 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received (exploit-kit.rules)
 * 1:24228 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page Received (exploit-kit.rules)
 * 1:24237 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24238 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24272 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24273 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:24274 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24275 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24276 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24277 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24278 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24279 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24280 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:24314 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules)
 * 1:24379 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24380 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24452 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG rendering buffer overflow attempt (browser-ie.rules)
 * 1:24501 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit fallback executable download (exploit-kit.rules)
 * 1:24535 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (file-other.rules)
 * 1:24543 <-> DISABLED <-> EXPLOIT-KIT Blackhole admin page inbound access attempt (exploit-kit.rules)
 * 1:24544 <-> DISABLED <-> EXPLOIT-KIT Blackhole admin page outbound access attempt (exploit-kit.rules)
 * 1:24546 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24547 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24548 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24550 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules)
 * 1:24556 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24557 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24558 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24593 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received - specific structure (exploit-kit.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:24608 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24636 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24637 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24638 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:24641 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie buffer overflow attempt (file-multimedia.rules)
 * 1:24657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:24672 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules)
 * 1:24681 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24682 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24683 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24684 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24685 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24695 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules)
 * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:24728 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (server-webapp.rules)
 * 1:24771 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:24772 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (browser-plugins.rules)
 * 1:24815 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (file-office.rules)
 * 1:24823 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:24839 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:24840 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - JAR redirection (exploit-kit.rules)
 * 1:24904 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24905 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24906 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24907 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup exec_qr command injection attempt (server-oracle.rules)
 * 1:24913 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules)
 * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24997 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24999 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25000 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25043 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit url structure detected (exploit-kit.rules)
 * 1:25044 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25051 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit landing page redirection (exploit-kit.rules)
 * 1:25052 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit Java Exploit requested - 3 digit (exploit-kit.rules)
 * 1:25053 <-> DISABLED <-> EXPLOIT-KIT Redkit outbound class retrieval (exploit-kit.rules)
 * 1:25065 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25066 <-> DISABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25067 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riler variant outbound connection (malware-cnc.rules)
 * 1:25068 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riler inbound connection (malware-cnc.rules)
 * 1:25232 <-> DISABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25233 <-> DISABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:25246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:25251 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules)
 * 1:25298 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules)
 * 1:25311 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules)
 * 1:25383 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.exe (exploit-kit.rules)
 * 1:25384 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.exe (exploit-kit.rules)
 * 1:25385 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - calc.exe (exploit-kit.rules)
 * 1:25386 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - about.exe (exploit-kit.rules)
 * 1:25387 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - readme.exe (exploit-kit.rules)
 * 1:25388 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:25389 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25390 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25391 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit obfuscated payload download (exploit-kit.rules)
 * 1:25502 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft GDI EMF malformed file buffer overflow attempt (file-multimedia.rules)
 * 1:25568 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:25569 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page (exploit-kit.rules)
 * 1:25587 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:25588 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (file-pdf.rules)
 * 1:25611 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:25649 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:25797 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules)
 * 1:25800 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit Javascript request (exploit-kit.rules)
 * 1:25802 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit encoded portable executable request (exploit-kit.rules)
 * 1:25856 <-> DISABLED <-> PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (protocol-telnet.rules)
 * 1:25969 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (file-office.rules)
 * 1:25972 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit three number PDF Request (exploit-kit.rules)
 * 1:26066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26067 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26068 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26069 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:26089 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio version number anomaly (file-office.rules)
 * 1:26109 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 1:26174 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:26227 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:26329 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel format record code execution attempt (file-office.rules)
 * 1:26330 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (file-office.rules)
 * 1:26337 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26338 <-> ENABLED <-> EXPLOIT-KIT IFRAMEr injection detection - leads to exploit kit (exploit-kit.rules)
 * 1:26339 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval - ff.php (exploit-kit.rules)
 * 1:26341 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:26342 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26343 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:26372 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26373 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:26421 <-> DISABLED <-> BROWSER-PLUGINS Metalink file download parameter buffer overflow attempt (browser-plugins.rules)
 * 1:26434 <-> DISABLED <-> EXPLOIT-KIT Blackholev2 exploit kit jar file downloaded (exploit-kit.rules)
 * 1:26453 <-> DISABLED <-> FILE-OFFICE OpenOffice OLE File Stream Buffer Overflow attempt (file-office.rules)
 * 1:26472 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:26473 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26474 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26475 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26476 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26477 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26478 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26508 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (exploit-kit.rules)
 * 1:26535 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26536 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:26599 <-> ENABLED <-> EXPLOIT-KIT Impact/Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26600 <-> ENABLED <-> EXPLOIT-KIT Impact/Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26602 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (file-office.rules)
 * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:2665 <-> DISABLED <-> PROTOCOL-IMAP login literal format string attempt (protocol-imap.rules)
 * 1:26663 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:26667 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes playlist overflow attempt (file-multimedia.rules)
 * 1:26672 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26676 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:26706 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26707 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26708 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26709 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26710 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26711 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed ftCMO record remote code execution attempt (file-office.rules)
 * 1:26724 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:26799 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26800 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26801 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26832 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control exploit attempt (file-office.rules)
 * 1:26856 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:26857 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sRGB overflow attempt (file-image.rules)
 * 1:26858 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:26859 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:26861 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:26862 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sPLT overflow attempt (file-image.rules)
 * 1:26863 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:26864 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:26866 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:26978 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:27001 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks Remote Management overflow attempt (server-other.rules)
 * 1:27071 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:27072 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:27081 <-> ENABLED <-> EXPLOIT-KIT Nailed exploit kit Internet Explorer exploit download - autopwn (exploit-kit.rules)
 * 1:27082 <-> ENABLED <-> EXPLOIT-KIT Nailed exploit kit flash remote code execution exploit download - autopwn (exploit-kit.rules)
 * 1:27166 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27167 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27168 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:27212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27213 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:27215 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint schemes record buffer overflow (file-office.rules)
 * 1:27216 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint printer record buffer overflow (file-office.rules)
 * 1:27222 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:27243 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirectAction (server-apache.rules)
 * 1:27251 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:27271 <-> ENABLED <-> EXPLOIT-KIT iFramer toolkit injected iframe detected - specific structure (exploit-kit.rules)
 * 1:27544 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab runtime traffic detected (malware-cnc.rules)
 * 1:27545 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27546 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27547 <-> ENABLED <-> MALWARE-CNC Osx.Trojan.Janicab outbound connection (malware-cnc.rules)
 * 1:27548 <-> ENABLED <-> MALWARE-OTHER Osx.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:27549 <-> ENABLED <-> MALWARE-OTHER Osx.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:27580 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27581 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27584 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27585 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27586 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27587 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27588 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27589 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27590 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27591 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27634 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (file-office.rules)
 * 1:27635 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Record Code Execution attempt (file-office.rules)
 * 1:27671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (file-flash.rules)
 * 1:27695 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27696 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27697 <-> ENABLED <-> EXPLOIT-KIT Kore exploit kit successful Java exploit (exploit-kit.rules)
 * 1:27718 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (os-windows.rules)
 * 1:27719 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (os-windows.rules)
 * 1:27757 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX clsid access (browser-plugins.rules)
 * 1:27758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:27788 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (browser-plugins.rules)
 * 1:27789 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27790 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27791 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27792 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (browser-plugins.rules)
 * 1:27793 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (browser-plugins.rules)
 * 1:27798 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules)
 * 1:27799 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules)
 * 1:27800 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:27865 <-> ENABLED <-> EXPLOIT-KIT Blackholev2/Darkleech exploit kit landing page request (exploit-kit.rules)
 * 1:27881 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Flash Player (exploit-kit.rules)
 * 1:27883 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Oracle Java (exploit-kit.rules)
 * 1:27885 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27886 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27892 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Acrobat Reader (exploit-kit.rules)
 * 1:27893 <-> ENABLED <-> EXPLOIT-KIT Teletubbies exploit kit payload download (exploit-kit.rules)
 * 1:27894 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - about.dll (exploit-kit.rules)
 * 1:27895 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (exploit-kit.rules)
 * 1:27896 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.dll (exploit-kit.rules)
 * 1:27897 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - calc.dll (exploit-kit.rules)
 * 1:27898 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - readme.dll (exploit-kit.rules)
 * 1:27908 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:27909 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules)
 * 1:27945 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules)
 * 1:27947 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:27948 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (file-office.rules)
 * 1:28029 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Popads/Nuclear exploit kit jnlp request (exploit-kit.rules)
 * 1:28108 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Adobe Flash exploit download attempt (exploit-kit.rules)
 * 1:28113 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (file-office.rules)
 * 1:28124 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:28128 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:28228 <-> DISABLED <-> SERVER-WEBAPP Microsoft Interactive Training buffer overflow attempt (server-webapp.rules)
 * 1:28236 <-> ENABLED <-> EXPLOIT-KIT Magnitude/Nuclear exploit kit landing page (exploit-kit.rules)
 * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:28311 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28312 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28313 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28314 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28316 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28317 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28318 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28319 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28320 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28321 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28322 <-> DISABLED <-> FILE-OTHER Microsoft Office Image filter BMP overflow attempt (file-other.rules)
 * 1:28413 <-> ENABLED <-> EXPLOIT-KIT Magnitude exploit kit embedded redirection attempt (exploit-kit.rules)
 * 1:28428 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit landing page (exploit-kit.rules)
 * 1:28429 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit outbound jnlp download attempt (exploit-kit.rules)
 * 1:28430 <-> ENABLED <-> EXPLOIT-KIT Glazunov exploit kit zip file download (exploit-kit.rules)
 * 1:28440 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file invalid memory allocation exploit attempt (file-office.rules)
 * 1:28441 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28442 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28443 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:28482 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Terminator RAT variant outbound connection (malware-cnc.rules)
 * 1:28493 <-> ENABLED <-> MALWARE-CNC DeputyDog diskless method outbound connection (malware-cnc.rules)
 * 1:28612 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28613 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page - specific-structure (exploit-kit.rules)
 * 1:28614 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page (exploit-kit.rules)
 * 1:28616 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit payload download attempt (exploit-kit.rules)
 * 1:28677 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28678 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28686 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:28989 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Egobot variant outbound connection (malware-cnc.rules)
 * 1:29032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (file-office.rules)
 * 1:29033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (file-office.rules)
 * 1:29066 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit XORed payload download attempt (exploit-kit.rules)
 * 1:29128 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit plugin detection page (exploit-kit.rules)
 * 1:29130 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit malicious payload download attempt (exploit-kit.rules)
 * 1:29264 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (file-office.rules)
 * 1:29326 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules)
 * 1:29327 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules)
 * 1:29328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules)
 * 1:29329 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (file-office.rules)
 * 1:29404 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel country record arbitrary code execution attempt (file-office.rules)
 * 1:29434 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file overread buffer overflow attempt (file-image.rules)
 * 1:29435 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:29436 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:29502 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:29511 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM jovgraph.exe CGI hostname parameter bugger overflow attempt (server-webapp.rules)
 * 1:29513 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows RAP API NetServerEnum2 long comment buffer overflow attempt (os-windows.rules)
 * 1:29523 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:29528 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 46 integer overflow attempt (server-other.rules)
 * 1:29529 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 47 integer overflow attempt (server-other.rules)
 * 1:29530 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 54 integer overflow attempt (server-other.rules)
 * 1:29531 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 25 integer overflow attempt (server-other.rules)
 * 1:29532 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 81 integer overflow attempt (server-other.rules)
 * 1:29536 <-> DISABLED <-> SERVER-OTHER Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (server-other.rules)
 * 1:29580 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox SVG data processing obfuscated memory corruption attempt (browser-firefox.rules)
 * 1:29581 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:29617 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules)
 * 1:29621 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:29624 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (browser-firefox.rules)
 * 1:29625 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (browser-firefox.rules)
 * 1:29754 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules)
 * 1:29796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:29797 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:29804 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29805 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29806 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:29814 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (browser-ie.rules)
 * 1:29936 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (server-apache.rules)
 * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules)
 * 1:29943 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution attempt (os-windows.rules)
 * 1:30037 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zaleelq variant outbound connection (malware-cnc.rules)
 * 1:30232 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:30233 <-> DISABLED <-> OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (os-windows.rules)
 * 1:3066 <-> DISABLED <-> PROTOCOL-IMAP append overflow attempt (protocol-imap.rules)
 * 1:30941 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:30990 <-> ENABLED <-> MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (malware-cnc.rules)
 * 1:30991 <-> ENABLED <-> MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (malware-cnc.rules)
 * 1:31017 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (browser-plugins.rules)
 * 1:31018 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (browser-plugins.rules)
 * 1:31031 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (file-office.rules)
 * 1:31032 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (file-office.rules)
 * 1:31279 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31296 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules)
 * 1:31301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules)
 * 1:31365 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager remote code execution attempt (server-webapp.rules)
 * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:31374 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Qsir and Qsif record remote code execution attempt (file-office.rules)
 * 1:31420 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:31421 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:31427 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules)
 * 1:31428 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:31434 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Section Table Array Buffer Overflow attempt (file-office.rules)
 * 1:31437 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:31439 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31440 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules)
 * 1:31462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules)
 * 1:31473 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31474 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31475 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31476 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:31504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:31562 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:31591 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:31592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:31650 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail file execution attempt (server-mail.rules)
 * 1:3171 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:31716 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Otupsys variant outbound connection (malware-cnc.rules)
 * 1:31756 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:31757 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:31758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:31759 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX clsid access (browser-plugins.rules)
 * 1:31760 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31761 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31762 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31763 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:31777 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing announce overflow attempt (file-other.rules)
 * 1:31778 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing comment overflow attempt (file-other.rules)
 * 1:31779 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing name overflow attempt (file-other.rules)
 * 1:31780 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing path overflow attempt (file-other.rules)
 * 1:31843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules)
 * 1:31844 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules)
 * 1:31845 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules)
 * 1:31846 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB default credentials authentication attempt (policy-other.rules)
 * 1:31875 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (file-office.rules)
 * 1:31876 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (file-office.rules)
 * 1:31946 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start arbitrary command execution attempt (file-java.rules)
 * 1:32062 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32063 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32064 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:32082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Filter Records Handling Code Execution attempt (file-office.rules)
 * 1:32083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed file format parsing code execution attempt (file-office.rules)
 * 1:32094 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (file-office.rules)
 * 1:32095 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:32122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtWnDesk record memory corruption exploit attempt (file-office.rules)
 * 1:32131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:32132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (file-office.rules)
 * 1:32133 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (browser-firefox.rules)
 * 1:32136 <-> DISABLED <-> FILE-OTHER GNU gzip LZH decompression make_table overflow attempt (file-other.rules)
 * 1:32206 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style record overflow attempt (file-office.rules)
 * 1:32223 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state integer overflow attempt (server-other.rules)
 * 1:32224 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state integer overflow attempt (server-other.rules)
 * 1:32365 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (browser-ie.rules)
 * 1:32532 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules)
 * 1:32615 <-> DISABLED <-> OS-WINDOWS Microsoft Windows search protocol remote command injection attempt (os-windows.rules)
 * 1:32625 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DV record buffer overflow attempt (file-office.rules)
 * 1:32629 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:32630 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (browser-ie.rules)
 * 1:32631 <-> DISABLED <-> NETBIOS SMB server response heap overflow attempt (netbios.rules)
 * 1:32642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:32643 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:32644 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)