Sourcefire VRT Rules Update

Date: 2013-04-11

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.3.1.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:26386 <-> ENABLED <-> SERVER-OTHER Polycom HDX authorization bypass attempt (server-other.rules)
 * 1:26382 <-> DISABLED <-> MALWARE-OTHER UTF-8 BOM in zip file attachment detected (malware-other.rules)
 * 1:26387 <-> ENABLED <-> MALWARE-CNC Android Stels initial server contact (malware-cnc.rules)
 * 1:26393 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX function call access (browser-plugins.rules)
 * 1:26381 <-> DISABLED <-> MALWARE-OTHER UTF-8 BOM in zip file attachment detected (malware-other.rules)
 * 1:26388 <-> ENABLED <-> MALWARE-CNC Android Stels server response (malware-cnc.rules)
 * 1:26392 <-> DISABLED <-> SCADA Schneider Electric IGSS integer underflow attempt (scada.rules)
 * 1:26380 <-> DISABLED <-> MALWARE-OTHER UTF-8 BOM in zip file attachment detected (malware-other.rules)
 * 1:26378 <-> DISABLED <-> BROWSER-PLUGINS Viscom Software Image Viewer ActiveX function call access (browser-plugins.rules)
 * 1:26383 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page (exploit-kit.rules)
 * 1:26389 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:26384 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page (exploit-kit.rules)
 * 1:26391 <-> DISABLED <-> PROTOCOL-POP libcurl MD5 digest buffer overflow attempt (protocol-pop.rules)
 * 1:26385 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable binary file write over SMB2 (file-executable.rules)
 * 1:26390 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:26379 <-> ENABLED <-> SERVER-OTHER Squid proxy Accept-Language denial of service attempt (server-other.rules)

Modified Rules:


 * 1:3519 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow default port (server-mysql.rules)
 * 1:4918 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList dos attempt (os-windows.rules)
 * 1:7003 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Recordset ActiveX function call access (browser-plugins.rules)
 * 1:3195 <-> DISABLED <-> OS-WINDOWS name query overflow attempt TCP (os-windows.rules)
 * 1:7940 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Gradient ActiveX clsid access (browser-plugins.rules)
 * 1:7956 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Forms 2.0 ListBox ActiveX clsid access (browser-plugins.rules)
 * 1:8417 <-> DISABLED <-> BROWSER-PLUGINS TriEditDocument.TriEditDocument ActiveX function call access (browser-plugins.rules)
 * 1:8418 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.RevealTrans ActiveX function call access (browser-plugins.rules)
 * 1:8420 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.Gradient ActiveX function call access (browser-plugins.rules)
 * 1:8421 <-> DISABLED <-> BROWSER-PLUGINS OWC11.DataSourceControl.11 ActiveX function call access (browser-plugins.rules)
 * 1:8422 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Outlook View OVCtl ActiveX clsid access (browser-plugins.rules)
 * 1:8423 <-> DISABLED <-> BROWSER-PLUGINS CEnroll.CEnroll.2 ActiveX function call access (browser-plugins.rules)
 * 1:8424 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Forms 2.0 ListBox ActiveX function call access (browser-plugins.rules)
 * 1:8723 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Office Data Source Control 11.0 ActiveX clsid access (browser-plugins.rules)
 * 1:9817 <-> DISABLED <-> BROWSER-PLUGINS CEnroll.CEnroll.2 ActiveX clsid access (browser-plugins.rules)
 * 1:9820 <-> ENABLED <-> BROWSER-PLUGINS OWC11.DataSourceControl.11 ActiveX function call access (browser-plugins.rules)
 * 1:9821 <-> DISABLED <-> BROWSER-PLUGINS TriEditDocument.TriEditDocument ActiveX clsid access (browser-plugins.rules)
 * 1:15612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 20 ActiveX clsid access (browser-plugins.rules)
 * 1:15614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 21 ActiveX clsid access (browser-plugins.rules)
 * 1:15616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 22 ActiveX clsid access (browser-plugins.rules)
 * 1:15618 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 23 ActiveX clsid access (browser-plugins.rules)
 * 1:15620 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 24 ActiveX clsid access (browser-plugins.rules)
 * 1:15622 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 25 ActiveX clsid access (browser-plugins.rules)
 * 1:15624 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 26 ActiveX clsid access (browser-plugins.rules)
 * 1:15626 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 27 ActiveX clsid access (browser-plugins.rules)
 * 1:15628 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 28 ActiveX clsid access (browser-plugins.rules)
 * 1:15630 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 29 ActiveX clsid access (browser-plugins.rules)
 * 1:15632 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 3 ActiveX clsid access (browser-plugins.rules)
 * 1:15634 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 30 ActiveX clsid access (browser-plugins.rules)
 * 1:15636 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 31 ActiveX clsid access (browser-plugins.rules)
 * 1:15638 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 32 ActiveX clsid access (browser-plugins.rules)
 * 1:15640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 33 ActiveX clsid access (browser-plugins.rules)
 * 1:15642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 34 ActiveX clsid access (browser-plugins.rules)
 * 1:15644 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 35 ActiveX clsid access (browser-plugins.rules)
 * 1:15646 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 36 ActiveX clsid access (browser-plugins.rules)
 * 1:15648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 37 ActiveX clsid access (browser-plugins.rules)
 * 1:15650 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 38 ActiveX clsid access (browser-plugins.rules)
 * 1:15652 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 39 ActiveX clsid access (browser-plugins.rules)
 * 1:15654 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 4 ActiveX clsid access (browser-plugins.rules)
 * 1:15656 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 40 ActiveX clsid access (browser-plugins.rules)
 * 1:15658 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 41 ActiveX clsid access (browser-plugins.rules)
 * 1:15660 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 42 ActiveX clsid access (browser-plugins.rules)
 * 1:15662 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 43 ActiveX clsid access (browser-plugins.rules)
 * 1:15664 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 44 ActiveX clsid access (browser-plugins.rules)
 * 1:15666 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 45 ActiveX clsid access (browser-plugins.rules)
 * 1:15668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 5 ActiveX clsid access (browser-plugins.rules)
 * 1:15670 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX clsid access (browser-plugins.rules)
 * 1:15671 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX function call (browser-plugins.rules)
 * 1:15672 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 7 ActiveX clsid access (browser-plugins.rules)
 * 1:15674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 8 ActiveX clsid access (browser-plugins.rules)
 * 1:15676 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 9 ActiveX clsid access (browser-plugins.rules)
 * 1:15678 <-> ENABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:15679 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (browser-plugins.rules)
 * 1:15684 <-> DISABLED <-> OS-WINDOWS Multiple product snews uri handling code execution attempt (os-windows.rules)
 * 1:15896 <-> DISABLED <-> DOS Firebird SQL op_connect_request denial of service attempt (dos.rules)
 * 1:15930 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB malformed process ID high field remote code execution attempt (os-windows.rules)
 * 1:15932 <-> DISABLED <-> PROTOCOL-FTP LIST globbing denial of service attack (protocol-ftp.rules)
 * 1:15965 <-> DISABLED <-> OS-WINDOWS Microsoft Explorer long share name buffer overflow attempt (os-windows.rules)
 * 1:16423 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 7/8 execute local file in Internet zone redirect attempt (browser-ie.rules)
 * 1:16598 <-> ENABLED <-> SPECIFIC-THREATS Green Dam URL handling overflow attempt (specific-threats.rules)
 * 1:16602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow 3 ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:16607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX control access attempt (browser-plugins.rules)
 * 1:16692 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (file-multimedia.rules)
 * 1:16726 <-> DISABLED <-> WEB-CLIENT gAlan malformed file stack overflow attempt (web-client.rules)
 * 1:16751 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16752 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16753 <-> ENABLED <-> SERVER-WEBAPP VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (server-webapp.rules)
 * 1:17103 <-> DISABLED <-> SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (server-iis.rules)
 * 1:17117 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-multimedia.rules)
 * 1:17129 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer use-after-free memory corruption attempt (browser-ie.rules)
 * 1:17245 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox image dragging exploit attempt (browser-firefox.rules)
 * 1:17250 <-> ENABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:17296 <-> ENABLED <-> SERVER-WEBAPP Microsoft Office Outlook Web Access XSRF attempt (server-webapp.rules)
 * 1:17467 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17468 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17654 <-> ENABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX exploit attempt (browser-plugins.rules)
 * 1:17702 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrDfsCreateExitPoint dos attempt (os-windows.rules)
 * 1:14170 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 42 ActiveX clsid access (browser-plugins.rules)
 * 1:14158 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 36 ActiveX clsid access (browser-plugins.rules)
 * 1:14202 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 58 ActiveX clsid access (browser-plugins.rules)
 * 1:14198 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 56 ActiveX clsid access (browser-plugins.rules)
 * 1:14226 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 70 ActiveX clsid access (browser-plugins.rules)
 * 1:14190 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 52 ActiveX clsid access (browser-plugins.rules)
 * 1:14168 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 41 ActiveX clsid access (browser-plugins.rules)
 * 1:14124 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 19 ActiveX clsid access (browser-plugins.rules)
 * 1:14206 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 60 ActiveX clsid access (browser-plugins.rules)
 * 1:14122 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 18 ActiveX clsid access (browser-plugins.rules)
 * 1:14128 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 21 ActiveX clsid access (browser-plugins.rules)
 * 1:14178 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 46 ActiveX clsid access (browser-plugins.rules)
 * 1:14130 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 22 ActiveX clsid access (browser-plugins.rules)
 * 1:14146 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 30 ActiveX clsid access (browser-plugins.rules)
 * 1:13859 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support DataManager ActiveX function call access (browser-plugins.rules)
 * 1:14194 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 54 ActiveX clsid access (browser-plugins.rules)
 * 1:4826 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetRootDeviceInstance attempt (os-windows.rules)
 * 1:14164 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 39 ActiveX clsid access (browser-plugins.rules)
 * 1:14144 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 29 ActiveX clsid access (browser-plugins.rules)
 * 1:13857 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support DataManager ActiveX clsid access (browser-plugins.rules)
 * 1:17769 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt (browser-ie.rules)
 * 1:18172 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18173 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18321 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX clsid access (browser-plugins.rules)
 * 1:18322 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX function call access (browser-plugins.rules)
 * 1:18463 <-> ENABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules)
 * 1:18488 <-> DISABLED <-> WEB-CLIENT Adobe Photoshop wintab32.dll dll-load exploit attempt (web-client.rules)
 * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18531 <-> DISABLED <-> WEB-CLIENT Multiple Vendors iacenc.dll dll-load exploit attempt (web-client.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18565 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate for mail.google.com detected (web-client.rules)
 * 1:18566 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate for www.google.com detected (web-client.rules)
 * 1:18567 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate for login.yahoo.com detected (web-client.rules)
 * 1:18568 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate for login.yahoo.com detected (web-client.rules)
 * 1:18569 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate for login.yahoo.com detected (web-client.rules)
 * 1:18570 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate for login.skype.com detected (web-client.rules)
 * 1:18571 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate for addons.mozilla.org detected (web-client.rules)
 * 1:18572 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate for login.live.com detected (web-client.rules)
 * 1:18573 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate for global trustee detected (web-client.rules)
 * 1:18576 <-> DISABLED <-> WEB-CLIENT fraudulent digital certificate from usertrust.com detected (web-client.rules)
 * 1:18668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules)
 * 1:19084 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:19105 <-> DISABLED <-> SERVER-OTHER HP Data Protector Manager MMD service buffer overflow attempt (server-other.rules)
 * 1:19108 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (browser-plugins.rules)
 * 1:19109 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (browser-plugins.rules)
 * 1:19243 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19562 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19563 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX function call access (browser-plugins.rules)
 * 1:19564 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19565 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX function call access (browser-plugins.rules)
 * 1:19873 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:20029 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20224 <-> DISABLED <-> FILE-MULTIMEDIA MPlayer SMI file buffer overflow attempt (file-multimedia.rules)
 * 1:20225 <-> ENABLED <-> NETBIOS SMI file download request (netbios.rules)
 * 1:20226 <-> DISABLED <-> NETBIOS MPlayer SMI file buffer overflow attempt (netbios.rules)
 * 1:20266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (browser-ie.rules)
 * 1:20431 <-> ENABLED <-> WEB-CLIENT Wireshark DECT packet dissector overflow attempt (web-client.rules)
 * 1:20528 <-> DISABLED <-> SERVER-APACHE Apache mod_proxy reverse proxy information disclosure attempt (server-apache.rules)
 * 1:20535 <-> DISABLED <-> BROWSER-OTHER Opera Config File script access attempt (browser-other.rules)
 * 1:20536 <-> DISABLED <-> BROWSER-PLUGINS Moxa MediaDBPlayback.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:20537 <-> DISABLED <-> BROWSER-PLUGINS Phobos.Playlist ActiveX clsid access (browser-plugins.rules)
 * 1:20538 <-> DISABLED <-> BROWSER-PLUGINS Phobos.Playlist ActiveX function call access (browser-plugins.rules)
 * 1:20619 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (server-webapp.rules)
 * 1:20620 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (server-webapp.rules)
 * 1:20622 <-> DISABLED <-> FILE-OTHER Oracle Java Applet remote code execution attempt (file-other.rules)
 * 1:20659 <-> DISABLED <-> FILE-PDF Adobe Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:20699 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSRF timing attack against XSS filter (browser-ie.rules)
 * 1:20744 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt (os-windows.rules)
 * 1:20768 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20770 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20771 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20772 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20773 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20774 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20775 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20786 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20787 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20788 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20789 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20831 <-> DISABLED <-> FILE-OTHER Oracle Java Applet Rhino script engine remote code execution attempt (file-other.rules)
 * 1:20845 <-> DISABLED <-> SERVER-WEBAPP HP Network Node Manager cross site scripting attempt (server-webapp.rules)
 * 1:20846 <-> DISABLED <-> BROWSER-PLUGINS Oracle Hyperion strategic finance client SetDevNames heap buffer overflow ActiveX clsid access (browser-plugins.rules)
 * 1:20847 <-> DISABLED <-> BROWSER-PLUGINS Oracle Hyperion strategic finance client SetDevNames heap buffer overflow ActiveX function call access (browser-plugins.rules)
 * 1:20995 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (policy-other.rules)
 * 1:20996 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (policy-other.rules)
 * 1:20999 <-> ENABLED <-> BROWSER-WEBKIT Microsoft Windows 7 x64 Apple Safari abnormally long iframe exploit attempt (browser-webkit.rules)
 * 1:21002 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules)
 * 1:21019 <-> DISABLED <-> FILE-OTHER Cytel Studio string stack overflow attempt (file-other.rules)
 * 1:21020 <-> DISABLED <-> FILE-OTHER Cytel Studio row overflow attempt (file-other.rules)
 * 1:21021 <-> DISABLED <-> FILE-OTHER Cytel Studio USE command overflow attempt (file-other.rules)
 * 1:21024 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21025 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX function call attempt (browser-plugins.rules)
 * 1:21026 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21027 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX function call attempt (browser-plugins.rules)
 * 1:21051 <-> DISABLED <-> SERVER-WEBAPP Apple OSX software update command execution attempt (server-webapp.rules)
 * 1:21057 <-> ENABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules)
 * 1:21065 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Edituser cross site scripting attempt (server-webapp.rules)
 * 1:21066 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Systemdashboard cross site scripting attempt (server-webapp.rules)
 * 1:21067 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager TOC_simple cross site scripting attempt (server-webapp.rules)
 * 1:21082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21084 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function buffer overflow attempt (server-mssql.rules)
 * 1:21085 <-> DISABLED <-> SERVER-MSSQL MSSQL CONVERT function unicode buffer overflow attempt (server-mssql.rules)
 * 1:21086 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption (browser-ie.rules)
 * 1:21093 <-> DISABLED <-> FILE-MULTIMEDIA A-PDF Wav to mp3 converter buffer overfow (file-multimedia.rules)
 * 1:21100 <-> DISABLED <-> RPC Novell Netware xdr decode string length buffer overflow attempt (rpc.rules)
 * 1:21107 <-> DISABLED <-> FILE-MULTIMEDIA MJM Quickplayer s3m buffer overflow (file-multimedia.rules)
 * 1:21214 <-> DISABLED <-> SERVER-APACHE Apache server mod_proxy reverse proxy bypass attempt (server-apache.rules)
 * 1:21243 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21254 <-> ENABLED <-> FILE-PDF Foxit Reader createDataObject file write attempt (file-pdf.rules)
 * 1:21264 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security 2004 ActiveX function call (browser-plugins.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21349 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21350 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21378 <-> DISABLED <-> SERVER-OTHER Novell iPrint attributes-natural-language buffer overflow attempt (server-other.rules)
 * 1:21387 <-> DISABLED <-> FILE-OTHER Oracle Java runtime RMIConnectionImpl deserialization execution attempt (file-other.rules)
 * 1:21393 <-> DISABLED <-> FILE-MULTIMEDIA Magix Musik Maker 16 buffer overflow attempt (file-multimedia.rules)
 * 1:21397 <-> DISABLED <-> FILE-MULTIMEDIA MicroP mppl stack buffer overflow (file-multimedia.rules)
 * 1:21413 <-> DISABLED <-> FILE-OTHER PeaZip command injection attempt (file-other.rules)
 * 1:21421 <-> DISABLED <-> DOS ISC BIND DNSSEC authority response record overflow attempt (dos.rules)
 * 1:21488 <-> DISABLED <-> APP-DETECT User-Agent known user agent - GetRight (app-detect.rules)
 * 1:21491 <-> DISABLED <-> SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (scada.rules)
 * 1:21557 <-> DISABLED <-> FILE-OTHER Apple OSX ZIP archive shell script execution attempt (file-other.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21609 <-> DISABLED <-> SERVER-WEBAPP SurgeMail webmail.exe page format string exploit attempt (server-webapp.rules)
 * 1:21669 <-> DISABLED <-> PROTOCOL-VOIP Asterisk expires header denial of service attempt (protocol-voip.rules)
 * 1:22078 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:22091 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:22948 <-> DISABLED <-> PROTOCOL-VOIP Avaya WinPDM header buffer overflow attempt (protocol-voip.rules)
 * 1:22950 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt big endian (server-webapp.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:22952 <-> ENABLED <-> SERVER-OTHER Iron Mountain connected backup opcode 13 processing command injection attempt (server-other.rules)
 * 1:23008 <-> DISABLED <-> FILE-OTHER Oracle Java Rhino script engine remote code execution attempt (file-other.rules)
 * 1:23009 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:23010 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:23046 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23047 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (protocol-ftp.rules)
 * 1:23102 <-> DISABLED <-> POLICY-OTHER Seagate BlackArmor administrator password reset attempt (policy-other.rules)
 * 1:23111 <-> DISABLED <-> POLICY-OTHER PHP uri tag injection attempt (policy-other.rules)
 * 1:23117 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 DOM element use after free attempt (browser-ie.rules)
 * 1:23124 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:23150 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed graphic record code execution attempt (file-office.rules)
 * 1:23170 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23186 <-> DISABLED <-> BROWSER-PLUGINS Dell CrazyTalk.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:23238 <-> DISABLED <-> NETBIOS Wireshark console.lua file load exploit attempt (netbios.rules)
 * 1:23239 <-> DISABLED <-> SERVER-OTHER Wireshark console.lua file load exploit attempt (server-other.rules)
 * 1:23241 <-> DISABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (server-other.rules)
 * 1:23243 <-> ENABLED <-> FILE-OTHER Oracle Java Zip file directory record overflow attempt (file-other.rules)
 * 1:23271 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23282 <-> ENABLED <-> SERVER-WEBAPP Microsoft Office SharePoint query.iqy XSS attempt (server-webapp.rules)
 * 1:23346 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (file-other.rules)
 * 1:23397 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (server-other.rules)
 * 1:23398 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (server-other.rules)
 * 1:23445 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox use-after free remote code execution attempt (browser-firefox.rules)
 * 1:23559 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:23560 <-> ENABLED <-> FILE-OTHER Oracle Java Zip file directory record overflow attempt (file-other.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23624 <-> ENABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (server-other.rules)
 * 1:23715 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Access file magic detected (file-identify.rules)
 * 1:23716 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:23717 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:23718 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:23783 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules)
 * 1:23836 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS SMB Microsoft Windows RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24007 <-> DISABLED <-> OS-WINDOWS SMB Microsoft Windows RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24026 <-> ENABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24029 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (file-other.rules)
 * 1:24128 <-> DISABLED <-> OS-WINDOWS Microsoft SCCM ReportChart xss attempt (os-windows.rules)
 * 1:24203 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24204 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24205 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24291 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24292 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24321 <-> DISABLED <-> SERVER-OTHER HP StorageWorks File Migration Agent buffer overflow attempt (server-other.rules)
 * 1:24337 <-> DISABLED <-> DOS Novell Remote Manager off-by-one denial of service attempt (dos.rules)
 * 1:24339 <-> DISABLED <-> SERVER-WEBAPP Zend Framework Zend_XmlRpc information disclosure attempt (server-webapp.rules)
 * 1:24353 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (file-office.rules)
 * 1:24354 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (file-office.rules)
 * 1:24397 <-> DISABLED <-> APP-DETECT Steam game URI handler (app-detect.rules)
 * 1:24480 <-> DISABLED <-> SCADA WellinTech Kingview HMI history server buffer overflow attempt (scada.rules)
 * 1:24518 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (server-webapp.rules)
 * 1:24519 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (server-webapp.rules)
 * 1:24658 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules)
 * 1:24659 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules)
 * 1:24664 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules)
 * 1:24665 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules)
 * 1:24706 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (server-webapp.rules)
 * 1:24707 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (server-webapp.rules)
 * 1:24771 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes buffer overflow ActiveX clsid access (browser-plugins.rules)
 * 1:24772 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes buffer overflow ActiveX function call access (browser-plugins.rules)
 * 1:24773 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus iNotes buffer overflow ActiveX clsid access (browser-plugins.rules)
 * 1:24842 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpupdater.net (blacklist.rules)
 * 1:24843 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpupdated.com (blacklist.rules)
 * 1:24844 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpupdated.net (blacklist.rules)
 * 1:24845 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpupdated.org (blacklist.rules)
 * 1:24846 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpupdatek.at (blacklist.rules)
 * 1:24847 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpupdatek.eu (blacklist.rules)
 * 1:24848 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpupdatek.tw (blacklist.rules)
 * 1:24849 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpupdates.com (blacklist.rules)
 * 1:2485 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:24850 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpchecks.net (blacklist.rules)
 * 1:24851 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.helpupdates.net (blacklist.rules)
 * 1:24852 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.couchness.com (blacklist.rules)
 * 1:24853 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.chopbell.net (blacklist.rules)
 * 1:24854 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ns1.chopbell.com (blacklist.rules)
 * 1:24855 <-> DISABLED <-> BLACKLIST DNS request for known malware domain existing.suroot.com (blacklist.rules)
 * 1:24856 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 22231.dtdns.net (blacklist.rules)
 * 1:24899 <-> ENABLED <-> MALWARE-OTHER Compromised Website response - leads to Exploit Kit (malware-other.rules)
 * 1:24956 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (browser-ie.rules)
 * 1:24957 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24959 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24960 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24961 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24962 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24963 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectPlay ActiveX clsid access (browser-plugins.rules)
 * 1:24964 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:13633 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:13720 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:13629 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:13630 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:13442 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13440 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:13438 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:13436 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13434 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13626 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access file magic detected (file-identify.rules)
 * 1:13419 <-> ENABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access (browser-plugins.rules)
 * 1:13732 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 9 ActiveX clsid access (browser-plugins.rules)
 * 1:11261 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX function call access (browser-plugins.rules)
 * 1:11259 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX clsid access (browser-plugins.rules)
 * 1:1209 <-> DISABLED <-> SERVER-WEBAPP .nsconfig access (server-webapp.rules)
 * 1:12664 <-> ENABLED <-> BROWSER-IE Microsoft Windows ShellExecute and Internet Explorer 7 url handling code execution attempt (browser-ie.rules)
 * 1:12687 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12688 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:15606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 18 ActiveX clsid access (browser-plugins.rules)
 * 1:26082 <-> DISABLED <-> FILE-PDF Nuance PDF reader launch overflow attempt (file-pdf.rules)
 * 1:26230 <-> DISABLED <-> SERVER-WEBAPP Alcatel-Lucent OmniPCX arbitrary command execution attempt (server-webapp.rules)
 * 1:26309 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (server-mysql.rules)
 * 1:25819 <-> ENABLED <-> FILE-PDF Adobe Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:25583 <-> DISABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:26105 <-> DISABLED <-> SERVER-OTHER BigAnt IM Server buffer overflow attempt (server-other.rules)
 * 1:26334 <-> ENABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:26185 <-> ENABLED <-> FILE-OTHER Oracle Java Gmbal package sandbox breach attempt (file-other.rules)
 * 1:25810 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:26307 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (server-mysql.rules)
 * 1:26304 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (server-mysql.rules)
 * 1:25534 <-> DISABLED <-> SERVER-WEBAPP Sonicwall Global Management System authentication bypass attempt (server-webapp.rules)
 * 1:26210 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:25581 <-> DISABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:26193 <-> ENABLED <-> BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (browser-plugins.rules)
 * 1:24969 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:26194 <-> ENABLED <-> BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (browser-plugins.rules)
 * 1:26312 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (server-mysql.rules)
 * 1:26266 <-> DISABLED <-> MALWARE-CNC Zeus v3 DGA DNS query detected (malware-cnc.rules)
 * 1:26336 <-> ENABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (server-other.rules)
 * 1:26281 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26243 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26103 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (server-other.rules)
 * 1:25281 <-> DISABLED <-> MALWARE-BACKDOOR Htran banner (malware-backdoor.rules)
 * 1:26268 <-> DISABLED <-> MALWARE-CNC Zeus v3 DGA DNS query detected (malware-cnc.rules)
 * 1:26364 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26362 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:25369 <-> ENABLED <-> OS-WINDOWS NVIDIA graphics driver nvsr named pipe buffer overflow attempt (os-windows.rules)
 * 1:25818 <-> ENABLED <-> FILE-PDF Adobe Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:26320 <-> ENABLED <-> SERVER-WEBAPP Redmine SCM rev parameter command injection attempt (server-webapp.rules)
 * 1:26010 <-> ENABLED <-> MALWARE-CNC CNC Dirtjumper outbound connection (malware-cnc.rules)
 * 1:26242 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26324 <-> DISABLED <-> DOS ISC BIND NAPTR record regular expression handling denial of service attempt (dos.rules)
 * 1:25582 <-> DISABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:24976 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:24966 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:26107 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (server-other.rules)
 * 1:26365 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26283 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:25811 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:26132 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (browser-ie.rules)
 * 1:26311 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (server-mysql.rules)
 * 1:254 <-> DISABLED <-> DNS SPOOF query response with TTL of 1 min. and no authority (dns.rules)
 * 1:26354 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer expression clause in style tag cross site scripting attempt (browser-ie.rules)
 * 1:26209 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:25329 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:24965 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:26299 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (server-mysql.rules)
 * 1:25813 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:26199 <-> ENABLED <-> FILE-OTHER Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-other.rules)
 * 1:24987 <-> DISABLED <-> POLICY-OTHER Adobe InDesign SOAP interface RunScript method access attempt (policy-other.rules)
 * 1:24993 <-> DISABLED <-> FILE-OTHER Oracle Java Applet remote code execution attempt (file-other.rules)
 * 1:26355 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26270 <-> DISABLED <-> MALWARE-CNC Zeus v3 DGA DNS query detected (malware-cnc.rules)
 * 1:24994 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox onChannelRedirect method attempt (browser-firefox.rules)
 * 1:25392 <-> DISABLED <-> FILE-OTHER Oracle Java Rhino script engine remote code execution attempt (file-other.rules)
 * 1:26301 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (server-mysql.rules)
 * 1:26074 <-> ENABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:26269 <-> DISABLED <-> MALWARE-CNC Zeus v3 DGA DNS query detected (malware-cnc.rules)
 * 1:25246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:25812 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:26356 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26280 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:3196 <-> DISABLED <-> OS-WINDOWS name query overflow attempt UDP (os-windows.rules)
 * 1:26200 <-> ENABLED <-> FILE-OTHER Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-other.rules)
 * 1:26073 <-> ENABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:25272 <-> DISABLED <-> SERVER-WEBAPP Microsoft System Center Operations Manger cross site scripting attempt (server-webapp.rules)
 * 1:26267 <-> DISABLED <-> MALWARE-CNC Zeus v3 DGA DNS query detected (malware-cnc.rules)
 * 1:26310 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query linestring object integer overflow attempt (server-mysql.rules)
 * 1:26313 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (server-mysql.rules)
 * 1:26183 <-> DISABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX clsid access attempt (browser-plugins.rules)
 * 1:26184 <-> DISABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX function call access attempt (browser-plugins.rules)
 * 1:25584 <-> DISABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:26361 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:24967 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:25276 <-> DISABLED <-> SERVER-OTHER Asterisk oversized Content-Length memory corruption attempt (server-other.rules)
 * 1:26197 <-> ENABLED <-> FILE-OTHER Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-other.rules)
 * 1:26333 <-> ENABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:25586 <-> DISABLED <-> SERVER-WEBAPP Nagios Core get_history buffer overflow attempt (server-webapp.rules)
 * 1:26345 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page (exploit-kit.rules)
 * 1:26308 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (server-mysql.rules)
 * 1:25855 <-> DISABLED <-> SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (server-webapp.rules)
 * 1:26011 <-> ENABLED <-> MALWARE-CNC CNC Dirtjumper outbound connection (malware-cnc.rules)
 * 1:26133 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (browser-ie.rules)
 * 1:26198 <-> ENABLED <-> FILE-OTHER Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-other.rules)
 * 1:26108 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (server-other.rules)
 * 1:25366 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:26306 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query linestring object integer overflow attempt (server-mysql.rules)
 * 1:26303 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (server-mysql.rules)
 * 1:26196 <-> ENABLED <-> FILE-OTHER Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-other.rules)
 * 1:24970 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:25808 <-> ENABLED <-> EXPLOIT-KIT Fiesta exploit kit landing page detection - specific-structure (exploit-kit.rules)
 * 1:25278 <-> DISABLED <-> MALWARE-BACKDOOR possible Htran setup command - listen (malware-backdoor.rules)
 * 1:26195 <-> ENABLED <-> FILE-OTHER Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-other.rules)
 * 1:26357 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:25771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer custom cursor file use after free attempt (browser-ie.rules)
 * 1:25279 <-> DISABLED <-> MALWARE-BACKDOOR possible Htran setup command - slave (malware-backdoor.rules)
 * 1:26359 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:25798 <-> DISABLED <-> EXPLOIT-KIT Multiple Exploit Kit 32-alpha jar request (exploit-kit.rules)
 * 1:25280 <-> DISABLED <-> MALWARE-BACKDOOR possible Htran setup command - tran (malware-backdoor.rules)
 * 1:25817 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bolsilloner.es (blacklist.rules)
 * 1:26302 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query linestring object integer overflow attempt (server-mysql.rules)
 * 1:26363 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26360 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:25772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onbeforeeditfocus element attribute use after free attempt (browser-ie.rules)
 * 1:26271 <-> DISABLED <-> MALWARE-CNC Zeus v3 DGA DNS query detected (malware-cnc.rules)
 * 1:25585 <-> DISABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:26186 <-> ENABLED <-> FILE-OTHER Oracle Java Gmbal package sandbox breach attempt (file-other.rules)
 * 1:26358 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (browser-plugins.rules)
 * 1:26305 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (server-mysql.rules)
 * 1:12780 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:12782 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:12784 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12785 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12786 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:13228 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 1 ActiveX clsid access (browser-plugins.rules)
 * 1:13230 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13269 <-> DISABLED <-> OS-WINDOWS Multiple product nntp uri handling code execution attempt (os-windows.rules)
 * 1:13270 <-> DISABLED <-> OS-WINDOWS Multiple product news uri handling code execution attempt (os-windows.rules)
 * 1:13271 <-> DISABLED <-> OS-WINDOWS Multiple product telnet uri handling code execution attempt (os-windows.rules)
 * 1:13421 <-> ENABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX function call access (browser-plugins.rules)
 * 1:13272 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:13726 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 6 ActiveX clsid access (browser-plugins.rules)
 * 1:13444 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13722 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 4 ActiveX clsid access (browser-plugins.rules)
 * 1:13724 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 5 ActiveX clsid access (browser-plugins.rules)
 * 1:13728 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13734 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 10 ActiveX clsid access (browser-plugins.rules)
 * 1:13736 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 11 ActiveX clsid access (browser-plugins.rules)
 * 1:15592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 11 ActiveX clsid access (browser-plugins.rules)
 * 1:14114 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 14 ActiveX clsid access (browser-plugins.rules)
 * 1:14138 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 26 ActiveX clsid access (browser-plugins.rules)
 * 1:13963 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:14108 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 11 ActiveX clsid access (browser-plugins.rules)
 * 1:14228 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 71 ActiveX clsid access (browser-plugins.rules)
 * 1:14172 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 43 ActiveX clsid access (browser-plugins.rules)
 * 1:15604 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 17 ActiveX clsid access (browser-plugins.rules)
 * 1:14150 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 32 ActiveX clsid access (browser-plugins.rules)
 * 1:14200 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 57 ActiveX clsid access (browser-plugins.rules)
 * 1:15472 <-> DISABLED <-> FILE-MULTIMEDIA Multiple MP3 player PLS buffer overflow attempt (file-multimedia.rules)
 * 1:14230 <-> DISABLED <-> SERVER-WEBAPP SAP DB web server stack buffer overflow attempt (server-webapp.rules)
 * 1:14148 <-> ENABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 31 ActiveX clsid access (browser-plugins.rules)
 * 1:14162 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 38 ActiveX clsid access (browser-plugins.rules)
 * 1:4150 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Outlook View OVCtl ActiveX function call access (browser-plugins.rules)
 * 1:14112 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 13 ActiveX clsid access (browser-plugins.rules)
 * 1:14218 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 66 ActiveX clsid access (browser-plugins.rules)
 * 1:15590 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 10 ActiveX clsid access (browser-plugins.rules)
 * 1:14106 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 10 ActiveX clsid access (browser-plugins.rules)
 * 1:14132 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 23 ActiveX clsid access (browser-plugins.rules)
 * 1:14156 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 35 ActiveX clsid access (browser-plugins.rules)
 * 1:14182 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 48 ActiveX clsid access (browser-plugins.rules)
 * 1:13748 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 17 ActiveX clsid access (browser-plugins.rules)
 * 1:14188 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 51 ActiveX clsid access (browser-plugins.rules)
 * 1:15588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 1 ActiveX clsid access (browser-plugins.rules)
 * 1:14180 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 47 ActiveX clsid access (browser-plugins.rules)
 * 1:14204 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 59 ActiveX clsid access (browser-plugins.rules)
 * 1:14214 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 64 ActiveX clsid access (browser-plugins.rules)
 * 1:15596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 13 ActiveX clsid access (browser-plugins.rules)
 * 1:13756 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 21 ActiveX clsid access (browser-plugins.rules)
 * 1:14118 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 16 ActiveX clsid access (browser-plugins.rules)
 * 1:14224 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 69 ActiveX clsid access (browser-plugins.rules)
 * 1:14192 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 53 ActiveX clsid access (browser-plugins.rules)
 * 1:14166 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 40 ActiveX clsid access (browser-plugins.rules)
 * 1:14104 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 9 ActiveX clsid access (browser-plugins.rules)
 * 1:14152 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 33 ActiveX clsid access (browser-plugins.rules)
 * 1:14136 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 25 ActiveX clsid access (browser-plugins.rules)
 * 1:14094 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 4 ActiveX clsid access (browser-plugins.rules)
 * 1:14174 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 44 ActiveX clsid access (browser-plugins.rules)
 * 1:14088 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 1 ActiveX clsid access (browser-plugins.rules)
 * 1:14126 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 20 ActiveX clsid access (browser-plugins.rules)
 * 1:14142 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 28 ActiveX clsid access (browser-plugins.rules)
 * 1:13746 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 16 ActiveX clsid access (browser-plugins.rules)
 * 1:13754 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 20 ActiveX clsid access (browser-plugins.rules)
 * 1:14184 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 49 ActiveX clsid access (browser-plugins.rules)
 * 1:14210 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 62 ActiveX clsid access (browser-plugins.rules)
 * 1:14092 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 3 ActiveX clsid access (browser-plugins.rules)
 * 1:13742 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 14 ActiveX clsid access (browser-plugins.rules)
 * 1:15602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 16 ActiveX clsid access (browser-plugins.rules)
 * 1:14100 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13752 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 19 ActiveX clsid access (browser-plugins.rules)
 * 1:13750 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 18 ActiveX clsid access (browser-plugins.rules)
 * 1:1485 <-> DISABLED <-> SERVER-IIS mkilog.exe access (server-iis.rules)
 * 1:14134 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 24 ActiveX clsid access (browser-plugins.rules)
 * 1:14186 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 50 ActiveX clsid access (browser-plugins.rules)
 * 1:14090 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 2 ActiveX clsid access (browser-plugins.rules)
 * 1:14140 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 27 ActiveX clsid access (browser-plugins.rules)
 * 1:14212 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 63 ActiveX clsid access (browser-plugins.rules)
 * 1:15598 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 14 ActiveX clsid access (browser-plugins.rules)
 * 1:14102 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 8 ActiveX clsid access (browser-plugins.rules)
 * 1:13740 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 13 ActiveX clsid access (browser-plugins.rules)
 * 1:3814 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javaprxy.dll COM access (browser-ie.rules)
 * 1:14110 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 12 ActiveX clsid access (browser-plugins.rules)
 * 1:14208 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 61 ActiveX clsid access (browser-plugins.rules)
 * 1:14154 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 34 ActiveX clsid access (browser-plugins.rules)
 * 1:14120 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 17 ActiveX clsid access (browser-plugins.rules)
 * 1:14096 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 5 ActiveX clsid access (browser-plugins.rules)
 * 1:14176 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 45 ActiveX clsid access (browser-plugins.rules)
 * 1:15594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 12 ActiveX clsid access (browser-plugins.rules)
 * 1:14220 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 67 ActiveX clsid access (browser-plugins.rules)
 * 1:14160 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 37 ActiveX clsid access (browser-plugins.rules)
 * 1:14216 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 65 ActiveX clsid access (browser-plugins.rules)
 * 1:14098 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 6 ActiveX clsid access (browser-plugins.rules)
 * 1:13744 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 15 ActiveX clsid access (browser-plugins.rules)
 * 1:14116 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 15 ActiveX clsid access (browser-plugins.rules)
 * 1:14222 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 68 ActiveX clsid access (browser-plugins.rules)
 * 1:14196 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 55 ActiveX clsid access (browser-plugins.rules)
 * 1:15600 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 15 ActiveX clsid access (browser-plugins.rules)
 * 1:15610 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 2 ActiveX clsid access (browser-plugins.rules)
 * 1:3518 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow (server-mysql.rules)
 * 1:15608 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 19 ActiveX clsid access (browser-plugins.rules)
 * 1:7004 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Internet.HHCtrl.1 ActiveX function call access (browser-plugins.rules)
 * 1:13738 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 12 ActiveX clsid access (browser-plugins.rules)
 * 1:26300 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (server-mysql.rules)
 * 1:25367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:24968 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:26282 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:13730 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 8 ActiveX clsid access (browser-plugins.rules)
 * 1:7922 <-> DISABLED <-> BROWSER-PLUGINS DXImageTransform.Microsoft.RevealTrans ActiveX clsid access (browser-plugins.rules)
 * 3:24973 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 response file name length overflow attempt (netbios.rules)