Sourcefire VRT Rules Update

Date: 2013-08-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.4.6.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:27698 <-> DISABLED <-> BLACKLIST DNS request for known malware domain software.myftp.info - Win.Trojan.Tartober (blacklist.rules)
 * 1:27714 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit jar file download (exploit-kit.rules)
 * 1:27707 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.wolfvr.com (blacklist.rules)
 * 1:27704 <-> ENABLED <-> EXPLOIT-KIT Gong Da exploit kit Java exploit requested (exploit-kit.rules)
 * 1:27713 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection injection (exploit-kit.rules)
 * 1:27712 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection injection (exploit-kit.rules)
 * 1:27699 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Tartober variant connection attempt (malware-cnc.rules)
 * 1:27703 <-> DISABLED <-> EXPLOIT-KIT Gong Da exploit kit plugin detection (exploit-kit.rules)
 * 1:27709 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string umbra (blacklist.rules)
 * 1:27705 <-> ENABLED <-> EXPLOIT-KIT Gong Da exploit kit Java exploit requested (exploit-kit.rules)
 * 1:27706 <-> DISABLED <-> EXPLOIT-KIT Gong Da exploit kit possible jar download (exploit-kit.rules)
 * 1:27717 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 deleted object access memory corruption attempt (browser-ie.rules)
 * 1:27711 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FakeAV outbound connection attempt (malware-cnc.rules)
 * 1:27716 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 deleted object access memory corruption attempt (browser-ie.rules)
 * 1:27715 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page (exploit-kit.rules)
 * 1:27718 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (os-windows.rules)
 * 1:27702 <-> ENABLED <-> EXPLOIT-KIT Gong Da exploit kit landing page (exploit-kit.rules)
 * 1:27700 <-> DISABLED <-> APP-DETECT NSTX DNS tunnel outbound connection attempt (app-detect.rules)
 * 1:27719 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (os-windows.rules)
 * 1:27710 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string IExplore (blacklist.rules)
 * 1:27701 <-> ENABLED <-> EXPLOIT-KIT Gong Da Jar file download (exploit-kit.rules)
 * 1:27720 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kolok variant connection attempt (malware-cnc.rules)
 * 1:27708 <-> ENABLED <-> MALWARE-CNC Win.Ransomware.Urausy outbound connection attempt (malware-cnc.rules)

Modified Rules:


 * 1:8414 <-> DISABLED <-> FILE-OFFICE Microsoft Office GIF image descriptor memory corruption attempt (file-office.rules)
 * 1:25234 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (browser-ie.rules)
 * 1:25772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onbeforeeditfocus element attribute use after free attempt (browser-ie.rules)
 * 1:26778 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Kazy download attempt (malware-other.rules)
 * 1:25392 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:3632 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Bitmap width integer overflow attempt (file-image.rules)
 * 1:27206 <-> DISABLED <-> BROWSER-PLUGINS SigPlus Pro ActiveX clsid access (browser-plugins.rules)
 * 1:25467 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:26134 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 deleted object access memory corruption attempt (browser-ie.rules)
 * 1:25246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:26351 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page redirection (exploit-kit.rules)
 * 1:27166 <-> ENABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:25640 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:26845 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 10 insertImage with designMode on deleted object access attempt (browser-ie.rules)
 * 1:25858 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit Java exploit download (exploit-kit.rules)
 * 1:27233 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:27592 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25861 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit java exploit retrieval (exploit-kit.rules)
 * 1:26544 <-> DISABLED <-> BROWSER-PLUGINS SafeNet ActiveX clsid access (browser-plugins.rules)
 * 1:26048 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit PDF exploit (exploit-kit.rules)
 * 1:2671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer bitmap BitmapOffset integer overflow attempt (browser-ie.rules)
 * 1:7048 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel object record overflow attempt (file-office.rules)
 * 1:27241 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page detected (exploit-kit.rules)
 * 1:25140 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit exe outbound connection (exploit-kit.rules)
 * 1:27552 <-> ENABLED <-> OS-MOBILE Android Exploit Extra_Field APK file download (os-mobile.rules)
 * 1:26508 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (exploit-kit.rules)
 * 1:25818 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:25563 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader heap-based buffer overflow attempt (file-pdf.rules)
 * 1:26791 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:25775 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer pre-line use after free attempt (browser-ie.rules)
 * 1:25056 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit 32-bit font file download (exploit-kit.rules)
 * 1:25383 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - info.exe (exploit-kit.rules)
 * 1:6693 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:27568 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox 17 onreadystatechange memory corruption attempt (browser-firefox.rules)
 * 1:25598 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:27182 <-> ENABLED <-> FILE-FLASH Adobe Flash Player malicious swf file download attempt (file-flash.rules)
 * 1:3552 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLE32 MSHTA masquerade attempt (os-windows.rules)
 * 1:3820 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows CHM file magic detected (file-identify.rules)
 * 1:26786 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:26636 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DCOMTextNode object use after free attempt (browser-ie.rules)
 * 1:26897 <-> ENABLED <-> EXPLOIT-KIT Flashpack/Safe/CritX exploit kit malware download (exploit-kit.rules)
 * 1:25084 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:27129 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 use after free attempt (browser-ie.rules)
 * 1:25461 <-> ENABLED <-> FILE-PDF OpenType parsing buffer overflow attempt (file-pdf.rules)
 * 1:25297 <-> ENABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules)
 * 1:27198 <-> DISABLED <-> MALWARE-OTHER OSX.Trojan.Pintsized file download attempt (malware-other.rules)
 * 1:26765 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start control launchapp ActiveX function call access (browser-plugins.rules)
 * 1:7200 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document summary information null string overflow attempt (file-office.rules)
 * 1:27580 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:25078 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules)
 * 1:25972 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit three number PDF Request (exploit-kit.rules)
 * 1:25515 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file magic detected (file-identify.rules)
 * 1:26617 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25517 <-> DISABLED <-> FILE-IDENTIFY Armadillo v1.71 packer file magic detected (file-identify.rules)
 * 1:26374 <-> ENABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:25086 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:26531 <-> ENABLED <-> MALWARE-OTHER Unix.Backdoor.Cdorked download attempt (malware-other.rules)
 * 1:25767 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width attempt (file-pdf.rules)
 * 1:27232 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:26882 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (browser-ie.rules)
 * 1:25637 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:26520 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (file-other.rules)
 * 1:26638 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:25460 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader incomplete JP2K image geometry - potentially malicious (file-pdf.rules)
 * 1:27025 <-> DISABLED <-> MALWARE-OTHER UNIX.Trojan.Netweird.A file download attempt (malware-other.rules)
 * 1:26046 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page (exploit-kit.rules)
 * 1:7002 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel url unicode overflow attempt (file-office.rules)
 * 1:27095 <-> ENABLED <-> OS-MOBILE Android ANDR.Trojan.FakeToken APK file download attempt (os-mobile.rules)
 * 1:26789 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:25824 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit malicious payload retrieval (exploit-kit.rules)
 * 1:26512 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit java payload detection (exploit-kit.rules)
 * 1:26315 <-> ENABLED <-> SERVER-OTHER Coppermine Photo Gallery picEditor.php command execution attempt (server-other.rules)
 * 1:26787 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:27040 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit plugin detection connection jorg (exploit-kit.rules)
 * 1:26332 <-> ENABLED <-> MALWARE-BACKDOOR Jokra dropper download (malware-backdoor.rules)
 * 1:6696 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:27050 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Dokstormac file download (malware-other.rules)
 * 1:25293 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel IPMT record buffer overflow attempt (file-office.rules)
 * 1:25595 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit java exploit retrieval (exploit-kit.rules)
 * 1:26867 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 select element deleted object access attempt (browser-ie.rules)
 * 1:25810 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25061 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Software Installer MSI binary file magic detected (file-executable.rules)
 * 1:25590 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25607 <-> ENABLED <-> FILE-OTHER Csound hetro audio file buffer overflow attempt (file-other.rules)
 * 1:25960 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit former location - has been removed (exploit-kit.rules)
 * 1:26650 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript regex embedded sandbox escape attempt (file-pdf.rules)
 * 1:25088 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:6697 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sPLT overflow attempt (file-image.rules)
 * 1:25252 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules)
 * 1:25569 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page (exploit-kit.rules)
 * 1:26486 <-> ENABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:4155 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access (browser-plugins.rules)
 * 1:3134 <-> DISABLED <-> FILE-IMAGE Microsoft PNG large colour depth download attempt (file-image.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25459 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader incomplete JP2K image geometry - potentially malicious (file-pdf.rules)
 * 1:27034 <-> DISABLED <-> MALWARE-OTHER Win.Backdoor.Transhell file download (malware-other.rules)
 * 1:27272 <-> ENABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:25821 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit possible plugin detection attempt (exploit-kit.rules)
 * 1:7201 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word summary information null string overflow attempt (file-office.rules)
 * 1:27220 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer virtual function table corruption attempt (browser-ie.rules)
 * 1:27583 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:25593 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit java exploit retrieval (exploit-kit.rules)
 * 1:26641 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer runtimeStyle memory corruption attempt (browser-ie.rules)
 * 1:25636 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:25382 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit malicious jar file dropped (exploit-kit.rules)
 * 1:25323 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:26090 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:26711 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel malformed ftCMO record remote code execution attempt (file-office.rules)
 * 1:26043 <-> ENABLED <-> EXPLOIT-KIT Crimeboss exploit kit - Portable Executable download attempt (exploit-kit.rules)
 * 1:26489 <-> DISABLED <-> BROWSER-OTHER Novell Messenger Client nim URI handler buffer overflow attempt (browser-other.rules)
 * 1:26033 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit iframe redirection attempt (exploit-kit.rules)
 * 1:26047 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit redirection structure (exploit-kit.rules)
 * 1:26634 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 deleted object access via timer memory corruption attempt (browser-ie.rules)
 * 1:25357 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:27672 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27693 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib BytePackedRaster signed integer overflow attempt (file-java.rules)
 * 1:27279 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:26926 <-> DISABLED <-> FILE-OTHER Multiple products ZIP archive virus detection bypass attempt (file-other.rules)
 * 1:25800 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit Javascript request (exploit-kit.rules)
 * 1:26788 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:25136 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit plugin detection connection (exploit-kit.rules)
 * 1:25290 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript arbitrary memory reading attempt (browser-firefox.rules)
 * 1:26251 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:26898 <-> DISABLED <-> BROWSER-PLUGINS Java Applet sql.DriverManager fakedriver exploit attempt (browser-plugins.rules)
 * 1:27059 <-> ENABLED <-> MALWARE-OTHER OSX.Trojan.HackBack file download attempt (malware-other.rules)
 * 1:25451 <-> DISABLED <-> INDICATOR-OBFUSCATION GIF header followed by PDF header (indicator-obfuscation.rules)
 * 1:25594 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit java exploit retrieval (exploit-kit.rules)
 * 1:26753 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CDispNode float css element use after free attempt (browser-ie.rules)
 * 1:26540 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26340 <-> DISABLED <-> FILE-OTHER Corel WordPerfect document parsing buffer overflow attempt (file-other.rules)
 * 1:26892 <-> ENABLED <-> EXPLOIT-KIT Flashpack/Safe/CritX exploit kit jar file download (exploit-kit.rules)
 * 1:6689 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected cHRM overflow attempt (file-image.rules)
 * 1:25259 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BancosBanload outbound connection (malware-cnc.rules)
 * 1:26421 <-> ENABLED <-> BROWSER-PLUGINS Metalink file download parameter buffer overflow attempt (browser-plugins.rules)
 * 1:26687 <-> ENABLED <-> FILE-FLASH Adobe SWF malformed HTML text null dereference attempt (file-flash.rules)
 * 1:26168 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CHTMLEditor use after free attempt (browser-ie.rules)
 * 1:26509 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit java payload detection (exploit-kit.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:26441 <-> DISABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript/html generated by myobfuscate.com detected (indicator-obfuscation.rules)
 * 1:25645 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:27184 <-> ENABLED <-> FILE-FLASH Adobe Flash Player malicious swf file download attempt (file-flash.rules)
 * 1:25967 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:25331 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules)
 * 1:26440 <-> DISABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript/html generated by myobfuscate.com detected (indicator-obfuscation.rules)
 * 1:26668 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer null object access attempt (browser-ie.rules)
 * 1:26293 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit exploit request (exploit-kit.rules)
 * 1:27615 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer MoveToMarkupPointer call with CControlTracker OnExitTree use-after-free attempt (browser-ie.rules)
 * 1:26869 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer double-free memory corruption attempt (browser-ie.rules)
 * 1:25795 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow MPEG heap overflow attempt (file-multimedia.rules)
 * 1:26040 <-> ENABLED <-> EXPLOIT-KIT Crimeboss exploit kit - Portable Executable download attempt (exploit-kit.rules)
 * 1:26661 <-> ENABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:26651 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:25090 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:25615 <-> ENABLED <-> OS-MOBILE Apple iOS 6.x jailbreak download attempt (os-mobile.rules)
 * 1:26499 <-> ENABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:26876 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 cached display node use-after-free attempt (browser-ie.rules)
 * 1:26393 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX function call access (browser-plugins.rules)
 * 1:26716 <-> ENABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:6504 <-> DISABLED <-> FILE-OTHER Sophos Anti-Virus CAB file overflow attempt (file-other.rules)
 * 1:27055 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Yakes download attempt (malware-other.rules)
 * 1:25386 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - about.exe (exploit-kit.rules)
 * 1:26883 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (browser-ie.rules)
 * 1:6699 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:25831 <-> ENABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:27691 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27656 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules)
 * 1:25621 <-> ENABLED <-> BROWSER-OTHER Opera use after free attempt (browser-other.rules)
 * 1:25094 <-> ENABLED <-> MALWARE-OTHER PERL.Exploit.C99 suspicious file download (malware-other.rules)
 * 1:27068 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit malicious jar file download (exploit-kit.rules)
 * 1:27061 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 deleted object access via timer memory corruption attempt (browser-ie.rules)
 * 1:3133 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products PNG large image height download attempt (file-image.rules)
 * 1:26799 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:25638 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:26550 <-> ENABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:25961 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit Portable Executable download (exploit-kit.rules)
 * 1:26056 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit Portable Executable download (exploit-kit.rules)
 * 1:26982 <-> ENABLED <-> FILE-FLASH Adobe SWF remote memory corruption attempt (file-flash.rules)
 * 1:27591 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:4644 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (os-windows.rules)
 * 1:25815 <-> ENABLED <-> FILE-FLASH Adobe Flash Player FLV crafted ADPCM stream heap overflow attempt (file-flash.rules)
 * 1:27679 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Fakeavlock variant outbound connection (malware-cnc.rules)
 * 1:26439 <-> ENABLED <-> FILE-JAVA Oracle Java known malicious jar file download - specific structure (file-java.rules)
 * 1:26951 <-> ENABLED <-> EXPLOIT-KIT DotCachef/DotCache exploit kit Malvertising Campaign URI request (exploit-kit.rules)
 * 1:25823 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit Java V5 exploit download (exploit-kit.rules)
 * 1:25095 <-> ENABLED <-> MALWARE-OTHER HTML.Exploit.C99 suspicious file download (malware-other.rules)
 * 1:27111 <-> DISABLED <-> BROWSER-PLUGINS PcVue SVUIGrd.ocx ActiveX clsid access (browser-plugins.rules)
 * 1:26590 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:25957 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:25639 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:25562 <-> ENABLED <-> FILE-JAVA Oracle Java obfuscated jar file download attempt (file-java.rules)
 * 1:26477 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26724 <-> ENABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:25771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer custom cursor file use after free attempt (browser-ie.rules)
 * 1:26549 <-> ENABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:27582 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27525 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical width overflow attempt (file-image.rules)
 * 1:25385 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - calc.exe (exploit-kit.rules)
 * 1:25328 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit java exploit retrieval (exploit-kit.rules)
 * 1:25096 <-> ENABLED <-> MALWARE-OTHER PHP.Exploit.C99 suspicious file download (malware-other.rules)
 * 1:26021 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:25862 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit java exploit retrieval (exploit-kit.rules)
 * 1:26055 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:25641 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:26054 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:25289 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript arbitrary memory reading attempt (browser-firefox.rules)
 * 1:25561 <-> ENABLED <-> EXPLOIT-KIT JDB exploit kit landing page (exploit-kit.rules)
 * 1:25387 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - readme.exe (exploit-kit.rules)
 * 1:26006 <-> ENABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26627 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio SVG external entity local file disclosure attempt (file-office.rules)
 * 1:27608 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTreeNode object CSS text overflow attempt (browser-ie.rules)
 * 1:27140 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit numerically named exe file dowload (exploit-kit.rules)
 * 1:26873 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 CSS rules cache use-after-free attempt (browser-ie.rules)
 * 1:5318 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows wmf file arbitrary code execution attempt (file-multimedia.rules)
 * 1:25139 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit eot outbound connection (exploit-kit.rules)
 * 1:25509 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit pdf exploit retrieval (exploit-kit.rules)
 * 1:26193 <-> ENABLED <-> BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (browser-plugins.rules)
 * 1:25596 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:26513 <-> DISABLED <-> FILE-PDF PDF with large embedded JavaScript - JS string attempt (file-pdf.rules)
 * 1:26543 <-> DISABLED <-> BROWSER-PLUGINS SafeNet ActiveX clsid access (browser-plugins.rules)
 * 1:27150 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:25316 <-> DISABLED <-> BROWSER-PLUGINS InduSoft ISSymbol InternationalSeparator heap overflow attempt (browser-plugins.rules)
 * 1:26649 <-> ENABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:27607 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer content generation use after free attempt (browser-ie.rules)
 * 1:25454 <-> DISABLED <-> INDICATOR-OBFUSCATION DOC header followed by PDF header (indicator-obfuscation.rules)
 * 1:27148 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer versions 6-9 deleted object access attempt (browser-ie.rules)
 * 1:5712 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player invalid data offset bitmap heap overflow attempt (file-image.rules)
 * 1:25322 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:26588 <-> ENABLED <-> FILE-JAVA Oracle Java runtime JMX findclass sandbox breach attempt (file-java.rules)
 * 1:27097 <-> ENABLED <-> OS-MOBILE Android ANDR.Trojan.SMSSilence APK file download attempt (os-mobile.rules)
 * 1:4135 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG rendering buffer overflow attempt (browser-ie.rules)
 * 1:26187 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules)
 * 1:25502 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft GDI EMF malformed file buffer overflow attempt (file-multimedia.rules)
 * 1:25635 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:27606 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSelectionManager use after free attempt (browser-ie.rules)
 * 1:26484 <-> ENABLED <-> FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (file-java.rules)
 * 1:27207 <-> DISABLED <-> BROWSER-PLUGINS SigPlus Pro ActiveX clsid access (browser-plugins.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flashplayer sortOn heap overflow attempt (file-flash.rules)
 * 1:25514 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:27267 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:25951 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:26708 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26871 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer double-free memory corruption attempt (browser-ie.rules)
 * 1:27609 <-> ENABLED <-> POLICY-OTHER Microsoft ADFS endpoint information disclosure attempt (policy-other.rules)
 * 1:26339 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval - ff.php (exploit-kit.rules)
 * 1:26884 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (browser-ie.rules)
 * 1:26181 <-> DISABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX clsid access attempt (browser-plugins.rules)
 * 1:25353 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord exploit attempt (file-office.rules)
 * 1:26258 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules)
 * 1:27100 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer double-free memory corruption attempt (browser-ie.rules)
 * 1:26896 <-> ENABLED <-> EXPLOIT-KIT Flashpack/Safe/CritX exploit kit Plugin detection response (exploit-kit.rules)
 * 1:25097 <-> ENABLED <-> MALWARE-OTHER PHP.Exploit.C99 suspicious file download (malware-other.rules)
 * 1:27069 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit malicious portable executable download (exploit-kit.rules)
 * 1:25466 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:26766 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start control launchapp ActiveX clsid access (browser-plugins.rules)
 * 1:26132 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (browser-ie.rules)
 * 1:26137 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onBeforeCopy use after free attempt (browser-ie.rules)
 * 1:26197 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-java.rules)
 * 1:26507 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26170 <-> ENABLED <-> FILE-OFFICE Microsoft Office OneNote 2010 buffer overread info disclosure attempt (file-office.rules)
 * 1:5741 <-> DISABLED <-> FILE-OTHER Microsoft HTML help workshop buffer overflow attempt (file-other.rules)
 * 1:6502 <-> DISABLED <-> FILE-IMAGE Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (file-image.rules)
 * 1:27174 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (browser-plugins.rules)
 * 1:26795 <-> ENABLED <-> OS-MOBILE Android ANDR.Trojan.ZertSecurity apk download (os-mobile.rules)
 * 1:25787 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 deleted object access memory corruption attempt (browser-ie.rules)
 * 1:26891 <-> ENABLED <-> EXPLOIT-KIT Flashpack/Safe/CritX exploit kit executable download (exploit-kit.rules)
 * 1:26000 <-> ENABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:25770 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules)
 * 1:25376 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime Targa image file buffer overflow attempt (file-multimedia.rules)
 * 1:27132 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer PreviousTreePos use after free attempt (browser-ie.rules)
 * 1:26475 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26545 <-> DISABLED <-> BROWSER-PLUGINS SafeNet ActiveX clsid access (browser-plugins.rules)
 * 1:25332 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file tkrm stack buffer overflow attempt (file-other.rules)
 * 1:26176 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption attempt (file-office.rules)
 * 1:25859 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious jar file download (exploit-kit.rules)
 * 1:26434 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit jar file downloaded (exploit-kit.rules)
 * 1:6692 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sRGB overflow attempt (file-image.rules)
 * 1:26316 <-> ENABLED <-> SERVER-OTHER Coppermine Photo Gallery picEditor.php command execution attempt (server-other.rules)
 * 1:26764 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start control launchapp ActiveX clsid access (browser-plugins.rules)
 * 1:27112 <-> DISABLED <-> BROWSER-PLUGINS PcVue SVUIGrd.ocx ActiveX function call access (browser-plugins.rules)
 * 1:25513 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:27570 <-> DISABLED <-> BROWSER-PLUGINS CEnroll.CEnroll.2 ActiveX function stringtoBinary access attempt (browser-plugins.rules)
 * 1:27605 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer TreeNode use after free attempt (browser-ie.rules)
 * 1:25111 <-> DISABLED <-> BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX clsid access attempt (browser-plugins.rules)
 * 1:25112 <-> DISABLED <-> BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX function call access attempt (browser-plugins.rules)
 * 1:26988 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 CTreeNodeobject use-after-free attempt (browser-ie.rules)
 * 1:26977 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:26242 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26989 <-> DISABLED <-> FILE-OTHER Multiple products ZIP archive virus detection bypass attempt (file-other.rules)
 * 1:25955 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious jar file download (exploit-kit.rules)
 * 1:27581 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:26565 <-> ENABLED <-> INDICATOR-OBFUSCATION base64-encoded nop sled detected (indicator-obfuscation.rules)
 * 1:25984 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:25956 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:25113 <-> DISABLED <-> BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX function call access attempt (browser-plugins.rules)
 * 1:6691 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:27215 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint schemes record buffer overflow (file-office.rules)
 * 1:25798 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit 32-alpha jar request (exploit-kit.rules)
 * 1:27527 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules)
 * 1:25634 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:27096 <-> DISABLED <-> FILE-OTHER XML exponential entity expansion attack attempt (file-other.rules)
 * 1:27136 <-> ENABLED <-> OS-WINDOWS Microsoft Windows .NET CLR mutlidimensional array handling remote code execution attempt (os-windows.rules)
 * 1:25954 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit SWF file download (exploit-kit.rules)
 * 1:25065 <-> ENABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:25664 <-> ENABLED <-> SERVER-OTHER MiniUPnPd SSDP request buffer overflow attempt (server-other.rules)
 * 1:26317 <-> DISABLED <-> FILE-MULTIMEDIA Cool Player Plus M3U buffer overflow attempt (file-multimedia.rules)
 * 1:26272 <-> ENABLED <-> OS-MOBILE Android ANDR.Trojan.Chuli APK file download attempt (os-mobile.rules)
 * 1:27208 <-> DISABLED <-> BROWSER-PLUGINS Symantec WinFax Pro ActiveX heap buffer overflow attempt (browser-plugins.rules)
 * 1:25681 <-> ENABLED <-> FILE-FLASH Adobe Flash Player CFF FeatureCount integer overflow attempt (file-flash.rules)
 * 1:26157 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:26893 <-> ENABLED <-> EXPLOIT-KIT Flashpack/Safe/CritX exploit kit landing page (exploit-kit.rules)
 * 1:27597 <-> DISABLED <-> BROWSER-PLUGINS Morovia Barcode ActiveX Professional arbitrary file overwrite attempt (browser-plugins.rules)
 * 1:26227 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:26834 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page in.php base64 uri (exploit-kit.rules)
 * 1:27151 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:27621 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:25564 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader heap-based buffer overflow attempt (file-pdf.rules)
 * 1:27024 <-> DISABLED <-> MALWARE-OTHER OSX.Trojan.Netweird.A file download attempt (malware-other.rules)
 * 1:3534 <-> DISABLED <-> FILE-IMAGE Mozilla GIF single packet heap overflow - NETSCAPE2.0 (file-image.rules)
 * 1:25303 <-> DISABLED <-> FILE-OTHER Cisco WebEx WRF memory corruption attempt (file-other.rules)
 * 1:25506 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:27156 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer table column-count integer overflow attempt (browser-ie.rules)
 * 1:27250 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash.9 ActiveX function overflow attempt (browser-plugins.rules)
 * 1:25786 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 deleted object access memory corruption attempt (browser-ie.rules)
 * 1:26541 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit successful redirection - jnlp bypass (exploit-kit.rules)
 * 1:26002 <-> ENABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26922 <-> ENABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:27188 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27620 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer merged stylesheet array use after free attempt (browser-ie.rules)
 * 1:25391 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit obfuscated payload download (exploit-kit.rules)
 * 1:3689 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer tRNS overflow attempt (browser-ie.rules)
 * 1:25507 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit pdf exploit retrieval (exploit-kit.rules)
 * 1:25393 <-> ENABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:6694 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:25324 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page detected (exploit-kit.rules)
 * 1:26057 <-> ENABLED <-> FILE-IDENTIFY ZIP file download detected (file-identify.rules)
 * 1:27542 <-> ENABLED <-> FILE-IDENTIFY Python bytecode file magic detected (file-identify.rules)
 * 1:26323 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit redirection page (exploit-kit.rules)
 * 1:25560 <-> ENABLED <-> EXPLOIT-KIT JDB exploit kit landing page (exploit-kit.rules)
 * 1:27071 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:26790 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:25114 <-> DISABLED <-> BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX function call access attempt (browser-plugins.rules)
 * 1:25128 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (browser-ie.rules)
 * 1:6505 <-> DISABLED <-> FILE-IMAGE Apple QuickTime fpx file SectNumMiniFAT overflow attempt (file-image.rules)
 * 1:2707 <-> DISABLED <-> FILE-IMAGE JPEG parser multipacket heap overflow attempt (file-image.rules)
 * 1:25330 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules)
 * 1:25227 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (browser-firefox.rules)
 * 1:25597 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:26495 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules)
 * 1:3473 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer SMIL file overflow attempt (file-multimedia.rules)
 * 1:25388 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:27142 <-> ENABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27526 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules)
 * 1:27141 <-> ENABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27190 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:25508 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit java exploit retrieval (exploit-kit.rules)
 * 1:26666 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ANIMATECOLOR SMIL access attempt (browser-ie.rules)
 * 1:26460 <-> DISABLED <-> FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (file-other.rules)
 * 1:26598 <-> DISABLED <-> FILE-OTHER .tar multiple antivirus evasion attempt (file-other.rules)
 * 1:25811 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25121 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:26664 <-> DISABLED <-> FILE-IMAGE BMP extremely large xpos opcodes (file-image.rules)
 * 1:25225 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules)
 * 1:25778 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SVG use after free attempt (browser-ie.rules)
 * 1:26524 <-> ENABLED <-> BROWSER-PLUGINS Java security warning bypass through JWS attempt (browser-plugins.rules)
 * 1:26511 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit redirection structure (exploit-kit.rules)
 * 1:26624 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 7-9 VBScript JSON reference information disclosure attempt (browser-ie.rules)
 * 1:25819 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:26082 <-> DISABLED <-> FILE-PDF Nuance PDF reader launch overflow attempt (file-pdf.rules)
 * 1:4675 <-> DISABLED <-> FILE-FLASH Adobe Flash DOACTION tag overflow attempt (file-flash.rules)
 * 1:27612 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CMarkupPointer with SVG use-after-free attempt (browser-ie.rules)
 * 1:27042 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit plugin detection connection jovf (exploit-kit.rules)
 * 1:25055 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit 64-bit font file download (exploit-kit.rules)
 * 1:26381 <-> DISABLED <-> MALWARE-OTHER UTF-8 BOM in zip file attachment detected (malware-other.rules)
 * 1:25568 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:27144 <-> ENABLED <-> EXPLOIT-KIT Private exploit kit outbound traffic (exploit-kit.rules)
 * 1:25793 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid Shift_JIS character xss attempt (browser-ie.rules)
 * 1:27590 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:26328 <-> ENABLED <-> MALWARE-BACKDOOR Windows vernot download (malware-backdoor.rules)
 * 1:25965 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:26895 <-> ENABLED <-> EXPLOIT-KIT Flashpack/Safe/CritX exploit kit Java V7 exploit download (exploit-kit.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:26050 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit SWF file download (exploit-kit.rules)
 * 1:26569 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer null object access attempt (browser-ie.rules)
 * 1:26847 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 10 use after free attempt (browser-ie.rules)
 * 1:26506 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit jar file redirection (exploit-kit.rules)
 * 1:27286 <-> DISABLED <-> SERVER-WEBAPP DuWare DuClassmate default.asp iCity sql injection attempt (server-webapp.rules)
 * 1:27086 <-> ENABLED <-> EXPLOIT-KIT Unknown Malvertising exploit kit stage-1 redirect (exploit-kit.rules)
 * 1:25122 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:26639 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XML digital signature transformation of digest value (browser-ie.rules)
 * 1:26070 <-> ENABLED <-> FILE-EXECUTABLE Ichitaro JSMISC32.dll dll-load exploit attempt (file-executable.rules)
 * 1:4643 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (os-windows.rules)
 * 1:26960 <-> ENABLED <-> EXPLOIT-KIT Zuponcic exploit kit redirection received (exploit-kit.rules)
 * 1:6700 <-> ENABLED <-> FILE-IMAGE Microsoft Multiple Products malformed PNG detected tEXt overflow attempt (file-image.rules)
 * 1:25642 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:26122 <-> DISABLED <-> FILE-OTHER Lattice Semiconductor ispXCF version attribute overflow attempt (file-other.rules)
 * 1:26832 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control exploit attempt (file-office.rules)
 * 1:25346 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:26052 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:26901 <-> DISABLED <-> BROWSER-PLUGINS Java Applet sql.DriverManager exploit attempt (browser-plugins.rules)
 * 1:25453 <-> DISABLED <-> INDICATOR-OBFUSCATION JPEG header followed by PDF header (indicator-obfuscation.rules)
 * 1:26566 <-> ENABLED <-> INDICATOR-OBFUSCATION base64-encoded nop sled detected (indicator-obfuscation.rules)
 * 1:7025 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel url unicode overflow attempt (file-office.rules)
 * 1:25644 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:26894 <-> ENABLED <-> EXPLOIT-KIT Flashpack/Safe/CritX exploit kit Java V6 exploit download (exploit-kit.rules)
 * 1:26159 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:26008 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF-based shellcode download attempt (file-flash.rules)
 * 1:26568 <-> DISABLED <-> INDICATOR-OBFUSCATION eval of base64-encoded data (indicator-obfuscation.rules)
 * 1:26041 <-> ENABLED <-> EXPLOIT-KIT Crimeboss exploit kit - Portable Executable download attempt (exploit-kit.rules)
 * 1:26182 <-> DISABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX function call access attempt (browser-plugins.rules)
 * 1:26817 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript regex embedded sandbox escape attempt (file-pdf.rules)
 * 1:26053 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:27548 <-> ENABLED <-> MALWARE-OTHER Osx.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:26570 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer null object access attempt (browser-ie.rules)
 * 1:27052 <-> DISABLED <-> MALWARE-OTHER Trojan.Java.JVDrop.A jar file download attempt (malware-other.rules)
 * 1:26526 <-> ENABLED <-> EXPLOIT-KIT Portable Executable downloaded with bad DOS stub (exploit-kit.rules)
 * 1:25643 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:25325 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit pdf exploit retrieval (exploit-kit.rules)
 * 1:25962 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:25953 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page (exploit-kit.rules)
 * 1:26767 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start control launchapp embed access (browser-plugins.rules)
 * 1:27618 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 usp10.dll Bengali font stack overrun attempt (browser-ie.rules)
 * 1:27197 <-> DISABLED <-> MALWARE-OTHER OSX.Trojan.Pintsized file download attempt (malware-other.rules)
 * 1:27212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:26610 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Dulevco.A runtime detection (malware-backdoor.rules)
 * 1:25505 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:25588 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (file-pdf.rules)
 * 1:26707 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:26158 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:27076 <-> ENABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:25247 <-> ENABLED <-> FILE-OTHER Lattice PAC Designer symbol value buffer overflow attempt (file-other.rules)
 * 1:27613 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CElement use-after-free attempt (browser-ie.rules)
 * 1:25559 <-> ENABLED <-> EXPLOIT-KIT JDB exploit kit landing page retrieval (exploit-kit.rules)
 * 1:26344 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page redirection (exploit-kit.rules)
 * 1:25826 <-> DISABLED <-> SERVER-OTHER TLSv1.1 plaintext recovery attempt (server-other.rules)
 * 1:26051 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious jar file download (exploit-kit.rules)
 * 1:26246 <-> ENABLED <-> OS-MOBILE Android ANDR.Trojan.PremiumSMS APK file download attempt (os-mobile.rules)
 * 1:26672 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26535 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:27102 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:26068 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:25472 <-> ENABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:27585 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:26004 <-> ENABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:25341 <-> ENABLED <-> FILE-OTHER Cisco WebEx player remote code execution attempt (file-other.rules)
 * 1:26185 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (file-java.rules)
 * 1:26473 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:27133 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer display node use after free attempt (browser-ie.rules)
 * 1:25968 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit Portable Executable download (exploit-kit.rules)
 * 1:5711 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player zero length bitmap heap overflow attempt (file-image.rules)
 * 1:25384 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.exe (exploit-kit.rules)
 * 1:26928 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26783 <-> ENABLED <-> OS-MOBILE Android ANDR.Trojan.Opfake APK file download (os-mobile.rules)
 * 1:26326 <-> ENABLED <-> MALWARE-BACKDOOR DarkSeoul related wiper (malware-backdoor.rules)
 * 1:26536 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit landing page (exploit-kit.rules)
 * 1:26314 <-> ENABLED <-> SERVER-OTHER Coppermine Photo Gallery picEditor.php command execution attempt (server-other.rules)
 * 1:27692 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:25137 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:26623 <-> ENABLED <-> BROWSER-IE Microsoft Windows Live Writer wlw protocol handler information disclosure attempt (browser-ie.rules)
 * 1:27265 <-> ENABLED <-> FILE-FLASH Adobe SWF heap buffer overflow attempt (file-flash.rules)
 * 1:25646 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules)
 * 1:27085 <-> ENABLED <-> EXPLOIT-KIT Unknown Malvertising exploit kit Hostile Jar pipe.class (exploit-kit.rules)
 * 1:26888 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTreeNode use after free memory corruption attempt (browser-ie.rules)
 * 1:25964 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:7197 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MSO.DLL malformed string parsing single byte buffer over attempt (file-office.rules)
 * 1:25377 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime Targa image file buffer overflow attempt (file-multimedia.rules)
 * 1:26195 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:6701 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:27216 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint printer record buffer overflow (file-office.rules)
 * 1:25801 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit jar file request (exploit-kit.rules)
 * 1:25952 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page (exploit-kit.rules)
 * 1:25827 <-> DISABLED <-> SERVER-OTHER TLSv1.2 plaintext recovery attempt (server-other.rules)
 * 1:6698 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:26546 <-> DISABLED <-> BROWSER-PLUGINS SafeNet ActiveX clsid access (browser-plugins.rules)
 * 1:27242 <-> ENABLED <-> EXPLOIT-KIT embedded iframe redirection - possible exploit kit indicator (exploit-kit.rules)
 * 1:27089 <-> ENABLED <-> FILE-OFFICE Microsoft Office eps filters memory corruption attempt (file-office.rules)
 * 1:26875 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 CTreeNodeobject use-after-free attempt (browser-ie.rules)
 * 1:26135 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (browser-ie.rules)
 * 1:25773 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer VML shape object malformed path attempt (browser-ie.rules)
 * 1:25366 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:3079 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer ANI file parsing buffer overflow attempt (browser-ie.rules)
 * 1:26567 <-> ENABLED <-> INDICATOR-OBFUSCATION base64-encoded nop sled detected (indicator-obfuscation.rules)
 * 1:26066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:25123 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:25950 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit PDF exploit (exploit-kit.rules)
 * 1:26259 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules)
 * 1:25677 <-> ENABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25125 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (browser-ie.rules)
 * 1:27033 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Transhell outbound connection user-agent (malware-cnc.rules)
 * 1:26049 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit EOT file download (exploit-kit.rules)
 * 1:25802 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit encoded portable executable request (exploit-kit.rules)
 * 1:4679 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file component name integer overflow multipacket attempt (file-multimedia.rules)
 * 1:27584 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:27278 <-> DISABLED <-> FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (file-other.rules)
 * 1:25126 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (browser-ie.rules)
 * 1:26209 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:25680 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player embedded compact font detected (file-identify.rules)
 * 1:27285 <-> ENABLED <-> SERVER-WEBAPP Gazi Download Portal down_indir.asp SQL injection attempt (server-webapp.rules)
 * 1:26849 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer superscript use after free attempt (browser-ie.rules)
 * 1:26998 <-> DISABLED <-> MALWARE-CNC OSX.Trojan.Morcut file download attempt (malware-cnc.rules)
 * 1:25822 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit malicious PDF retrieval (exploit-kit.rules)
 * 1:25232 <-> DISABLED <-> BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (browser-firefox.rules)
 * 1:26976 <-> DISABLED <-> FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (file-image.rules)
 * 1:25320 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:6695 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tRNS overflow attempt (file-image.rules)
 * 1:26534 <-> ENABLED <-> EXPLOIT-KIT Stamp exploit kit portable executable download (exploit-kit.rules)
 * 1:26830 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control access (file-office.rules)
 * 1:25803 <-> ENABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25452 <-> DISABLED <-> INDICATOR-OBFUSCATION PNG header followed by PDF header (indicator-obfuscation.rules)
 * 1:25764 <-> ENABLED <-> MALWARE-OTHER Java.Trojan.FlashPlayer file download attempt (malware-other.rules)
 * 1:3823 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer realtext file bad version buffer overflow attempt (file-multimedia.rules)
 * 1:26646 <-> ENABLED <-> BROWSER-PLUGINS Java security warning bypass through JWS attempt (browser-plugins.rules)
 * 1:26510 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit pdf payload detection (exploit-kit.rules)
 * 1:26652 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26419 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (browser-ie.rules)
 * 1:27127 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 10 CTreePos use-after-free attempt (browser-ie.rules)
 * 1:25510 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit java exploit retrieval (exploit-kit.rules)
 * 1:25254 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules)
 * 1:25449 <-> DISABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (file-pdf.rules)
 * 1:27010 <-> ENABLED <-> MALWARE-CNC WIN.Trojan.Zbot payment .scr download attempt (malware-cnc.rules)
 * 1:26354 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer expression clause in style tag cross site scripting attempt (browser-ie.rules)
 * 1:26573 <-> ENABLED <-> BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (browser-plugins.rules)
 * 1:25462 <-> DISABLED <-> FILE-PDF OpenType parsing buffer overflow attempt (file-pdf.rules)
 * 1:2550 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp XM file buffer overflow attempt (file-other.rules)
 * 1:25963 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit SWF file download (exploit-kit.rules)
 * 1:25784 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer text layout calculation use after free attempt (browser-ie.rules)
 * 1:26852 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer create-add range on DOM objects memory corruption attempt (browser-ie.rules)
 * 1:25830 <-> ENABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26630 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CDispNode float css element use after free attempt (browser-ie.rules)
 * 1:25958 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:27183 <-> ENABLED <-> FILE-FLASH Adobe Flash Player malicious swf file download attempt (file-flash.rules)
 * 1:25825 <-> DISABLED <-> SERVER-OTHER TLSv1.0 plaintext recovery attempt (server-other.rules)
 * 1:25129 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (browser-ie.rules)
 * 1:26129 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer htc file use after free attempt (browser-ie.rules)
 * 1:25294 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel IPMT record buffer overflow attempt (file-office.rules)
 * 1:25611 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:25860 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page (exploit-kit.rules)
 * 1:26587 <-> ENABLED <-> FILE-JAVA Oracle Java runtime JMX findclass sandbox breach attempt (file-java.rules)
 * 1:25327 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit pdf exploit retrieval (exploit-kit.rules)
 * 1:27067 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:27211 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:25127 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (browser-ie.rules)
 * 1:26700 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules)
 * 1:26622 <-> ENABLED <-> BROWSER-IE Microsoft Windows Live Writer wlw protocol handler information disclosure attempt (browser-ie.rules)
 * 1:25591 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25966 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:27143 <-> ENABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:26125 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 2D-position use after free attempt (browser-ie.rules)
 * 1:25138 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit pdf outbound connection (exploit-kit.rules)
 * 1:25326 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit java exploit retrieval (exploit-kit.rules)
 * 1:26163 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (file-office.rules)
 * 1:27041 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit plugin detection connection jlnp (exploit-kit.rules)
 * 1:27274 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit request structure (exploit-kit.rules)
 * 1:25516 <-> ENABLED <-> FILE-IDENTIFY Microsoft Software Installer MSI binary file magic detected (file-identify.rules)
 * 1:25676 <-> ENABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:26670 <-> ENABLED <-> MALWARE-OTHER OSX.Trojan.KitM file download (malware-other.rules)
 * 1:26694 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader dll injection sandbox escape (file-pdf.rules)
 * 1:25788 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe use after free attempt (browser-ie.rules)
 * 1:25828 <-> DISABLED <-> SERVER-OTHER SSLv3 plaintext recovery attempt (server-other.rules)
 * 1:26459 <-> DISABLED <-> FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (file-other.rules)
 * 1:27228 <-> ENABLED <-> MALWARE-OTHER OSX.Trojan.Janicab file download attempt (malware-other.rules)
 * 1:27137 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTreeNode use after free memory corruption attempt (browser-ie.rules)
 * 1:3132 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products PNG large image width download attempt (file-image.rules)
 * 1:27175 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (browser-plugins.rules)
 * 1:26619 <-> DISABLED <-> INDICATOR-OBFUSCATION multiple comment tags used in embedded RTF object - potentially malicious (indicator-obfuscation.rules)
 * 1:25226 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules)
 * 1:26196 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-java.rules)
 * 1:27674 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:6690 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iCCP overflow attempt (file-image.rules)
 * 1:25309 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (file-other.rules)
 * 1:25959 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit malicious class file download (exploit-kit.rules)
 * 1:25857 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit PDF exploit (exploit-kit.rules)
 * 1:25305 <-> DISABLED <-> FILE-IDENTIFY Adobe Audition Session file magic detected (file-identify.rules)
 * 1:7205 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (file-office.rules)
 * 1:9625 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player ASX file ref href buffer overflow attempt (os-windows.rules)
 * 1:8448 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel colinfo XF record overflow attempt (file-office.rules)
 * 1:8445 <-> DISABLED <-> FILE-OFFICE Microsoft Windows RTF file with embedded object package download attempt (file-office.rules)
 * 1:8478 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file magic detected (file-identify.rules)
 * 1:7202 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (file-office.rules)
 * 1:7204 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel object ftCmo overflow attempt (file-office.rules)
 * 1:25806 <-> ENABLED <-> EXPLOIT-KIT Whitehole exploit kit landing page (exploit-kit.rules)
 * 1:25814 <-> DISABLED <-> FILE-FLASH Adobe Flash Player nested SWF cross domain clickjacking attempt (file-flash.rules)
 * 1:2673 <-> DISABLED <-> FILE-IMAGE libpng tRNS overflow attempt (file-image.rules)
 * 1:3685 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer bitmap BitmapOffset multipacket integer overflow attempt (browser-ie.rules)
 * 1:25790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer compatibility mode invalid memory access attempt (browser-ie.rules)
 * 1:27282 <-> DISABLED <-> BROWSER-PLUGINS PPMate PPMPlayer.dll ActiveX clsid access (browser-plugins.rules)
 * 1:26848 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 7 emulation via meta tag (browser-ie.rules)
 * 1:26927 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26648 <-> ENABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:25799 <-> DISABLED <-> EXPLOIT-KIT Stamp exploit kit pdf request (exploit-kit.rules)
 * 1:27171 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:3686 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Content Advisor memory corruption attempt (browser-ie.rules)
 * 1:27072 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page retrieval (exploit-kit.rules)
 * 1:7203 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word information string overflow attempt (file-office.rules)
 * 1:7866 <-> DISABLED <-> BROWSER-PLUGINS ADODB.Connection ActiveX clsid access (browser-plugins.rules)
 * 1:10062 <-> DISABLED <-> FILE-IMAGE Oracle Java Virtual Machine malformed GIF buffer overflow attempt (file-image.rules)
 * 1:9637 <-> DISABLED <-> FILE-OTHER Adobe Download Manger dm.ini stack overflow attempt (file-other.rules)
 * 1:9639 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Address Book file magic detected (file-identify.rules)
 * 1:9793 <-> DISABLED <-> BROWSER-PLUGINS YMMAPI.YMailAttach ActiveX clsid access (browser-plugins.rules)
 * 1:9795 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan ActiveScan.1 ActiveX clsid access (browser-plugins.rules)
 * 1:9798 <-> DISABLED <-> BROWSER-PLUGINS Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid access (browser-plugins.rules)
 * 1:9801 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt (file-multimedia.rules)
 * 1:9840 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime HREF Track Detected (file-multimedia.rules)
 * 1:9842 <-> DISABLED <-> FILE-PDF Adobe Acrobat Plugin Universal cross-site scripting attempt (file-pdf.rules)
 * 1:9843 <-> DISABLED <-> FILE-PDF Adobe Acrobat Plugin JavaScript parameter double free attempt (file-pdf.rules)
 * 1:9844 <-> DISABLED <-> FILE-MULTIMEDIA VLC Media Player udp URI format string attempt (file-multimedia.rules)
 * 1:9845 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:9847 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook Saved Search download attempt (file-office.rules)
 * 1:10115 <-> DISABLED <-> FILE-IMAGE Microsoft Windows WMF FILE-IMAGE attempt (file-image.rules)
 * 1:10126 <-> DISABLED <-> FILE-IMAGE Apple QuickTime JPEG Huffman Table integer underflow attempt (file-image.rules)
 * 1:10128 <-> DISABLED <-> BROWSER-PLUGINS Aliplay ActiveX clsid access (browser-plugins.rules)
 * 1:10189 <-> DISABLED <-> BROWSER-PLUGINS DivXBrowserPlugin ActiveX clsid access (browser-plugins.rules)
 * 1:10387 <-> DISABLED <-> BROWSER-PLUGINS McAfee Site Manager ActiveX clsid access attempt (browser-plugins.rules)
 * 1:10389 <-> DISABLED <-> BROWSER-PLUGINS McAfee Site Manager ActiveX function call access attempt (browser-plugins.rules)
 * 1:10390 <-> DISABLED <-> BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX clsid access (browser-plugins.rules)
 * 1:10404 <-> DISABLED <-> BROWSER-PLUGINS SignKorea SKCommAX ActiveX clsid access (browser-plugins.rules)
 * 1:10504 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:10505 <-> DISABLED <-> INDICATOR-SHELLCODE unescape encoded shellcode (indicator-shellcode.rules)
 * 1:11180 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie ftyp buffer underflow (file-multimedia.rules)
 * 1:11192 <-> DISABLED <-> FILE-EXECUTABLE download of executable content (file-executable.rules)
 * 1:11257 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:11259 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX clsid access (browser-plugins.rules)
 * 1:11261 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX function call access (browser-plugins.rules)
 * 1:11267 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop PNG file handling stack buffer overflow attempt (file-image.rules)
 * 1:11835 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:11836 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio version number anomaly (file-office.rules)
 * 1:12070 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed version field (file-office.rules)
 * 1:12099 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtWindow1 record handling arbitrary code execution attempt (file-office.rules)
 * 1:12182 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:12183 <-> DISABLED <-> FILE-FLASH Adobe FLV long string script data buffer overflow attempt (file-flash.rules)
 * 1:12184 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel workbook workspace designation handling arbitrary code execution attempt (file-office.rules)
 * 1:12219 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer SMIL wallclock parsing buffer overflow (file-multimedia.rules)
 * 1:12256 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record (file-office.rules)
 * 1:12283 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:12284 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtWnDesk record memory corruption exploit attempt (file-office.rules)
 * 1:12454 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:12456 <-> DISABLED <-> FILE-IDENTIFY SAP Crystal Reports file magic detected (file-identify.rules)
 * 1:12593 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Apple Quicktime chrome exploit (browser-firefox.rules)
 * 1:12618 <-> DISABLED <-> FILE-OTHER Microsoft Visual Basic VBP file reference overflow attempt (file-other.rules)
 * 1:12630 <-> DISABLED <-> INDICATOR-SHELLCODE unescape unicode encoded shellcode (indicator-shellcode.rules)
 * 1:12634 <-> DISABLED <-> FILE-IMAGE Microsoft Windows 2000 Kodak Imaging large offset malformed tiff 2 (file-image.rules)
 * 1:12641 <-> DISABLED <-> FILE-IDENTIFY Microsoft Word for Mac 5 file magic detected (file-identify.rules)
 * 1:12707 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer lyrics heap overflow attempt (file-multimedia.rules)
 * 1:12728 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks SMIL wallclock stack overflow attempt (file-multimedia.rules)
 * 1:12743 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC picture description metadata buffer overflow attempt (file-multimedia.rules)
 * 1:12744 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC VORBIS string buffer overflow attempt (file-multimedia.rules)
 * 1:12745 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC picture metadata buffer overflow attempt (file-multimedia.rules)
 * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD atom overflow attempt (file-multimedia.rules)
 * 1:12757 <-> ENABLED <-> FILE-IMAGE Apple QuickTime uncompressed PICT stack overflow attempt (file-image.rules)
 * 1:12971 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:12972 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (file-identify.rules)
 * 1:12983 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX SAMI file CRawParser buffer overflow attempt (file-multimedia.rules)
 * 1:13293 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:13300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (file-flash.rules)
 * 1:13316 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing ART buffer overflow attempt (file-multimedia.rules)
 * 1:13317 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing nam buffer overflow attempt (file-multimedia.rules)
 * 1:13318 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cmt buffer overflow attempt (file-multimedia.rules)
 * 1:13319 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing des buffer overflow attempt (file-multimedia.rules)
 * 1:13320 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cpy buffer overflow attempt (file-multimedia.rules)
 * 1:13361 <-> DISABLED <-> FILE-OTHER ClamAV MEW PE file integer overflow attempt (file-other.rules)
 * 1:13466 <-> ENABLED <-> FILE-OFFICE Microsoft Works file converter file section length headers memory corruption attempt (file-office.rules)
 * 1:13470 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher memory corruption attempt (file-office.rules)
 * 1:13472 <-> DISABLED <-> FILE-OFFICE Microsoft Works invalid chunk size (file-office.rules)
 * 1:13477 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt - compressed (file-pdf.rules)
 * 1:13478 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt (file-pdf.rules)
 * 1:13517 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime malformed idsc atom (file-multimedia.rules)
 * 1:13569 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:13570 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel cf record arbitrary code excecution attempt (file-office.rules)
 * 1:13571 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel dval record arbitrary code excecution attempt (file-office.rules)
 * 1:13572 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:13573 <-> ENABLED <-> FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (file-office.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:13626 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access file magic detected (file-identify.rules)
 * 1:13629 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (file-identify.rules)
 * 1:13630 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (file-identify.rules)
 * 1:13633 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (file-identify.rules)
 * 1:13665 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio DXF file invalid memory allocation exploit attempt (file-office.rules)
 * 1:13677 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer data stream memory corruption attempt (browser-ie.rules)
 * 1:13797 <-> DISABLED <-> FILE-IDENTIFY Portable Executable compact binary file magic detected (file-identify.rules)
 * 1:13807 <-> DISABLED <-> FILE-IMAGE Microsoft Windows metafile SetPaletteEntries heap overflow attempt (file-image.rules)
 * 1:13820 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13821 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13822 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13823 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX SAMI file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:13824 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (file-multimedia.rules)
 * 1:13865 <-> DISABLED <-> FILE-IMAGE BMP image handler buffer overflow attempt (file-image.rules)
 * 1:13888 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13889 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13890 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13893 <-> DISABLED <-> FILE-OTHER Microsoft malformed saved search heap corruption attempt (file-other.rules)
 * 1:13917 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13918 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13919 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13920 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 1:13970 <-> ENABLED <-> FILE-OFFICE Microsoft Office eps filters memory corruption attempt (file-office.rules)
 * 1:13971 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (file-office.rules)
 * 1:13972 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel country record arbitrary code execution attempt (file-office.rules)
 * 1:13981 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed chart arbitrary code execution attempt (file-office.rules)
 * 1:13990 <-> DISABLED <-> SQL union select - possible sql injection attempt - GET parameter (sql.rules)
 * 1:14039 <-> ENABLED <-> FILE-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (file-other.rules)
 * 1:14235 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services CallHTMLHelp ActiveX buffer overflow attempt (browser-plugins.rules)
 * 1:14262 <-> DISABLED <-> FILE-OFFICE Microsoft Office OneNote iframe caller exploit attempt (file-office.rules)
 * 1:1437 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media download detected (file-identify.rules)
 * 1:14641 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:14644 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain unfocusable HTML element (browser-ie.rules)
 * 1:14645 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain setExpression exploit attempt (browser-ie.rules)
 * 1:15014 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:15080 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player WAV processing integer overflow attempt (file-multimedia.rules)
 * 1:15082 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rtf malformed dpcallout buffer overflow attempt (file-office.rules)
 * 1:15083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word .rtf file double free attempt (file-office.rules)
 * 1:15104 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (file-multimedia.rules)
 * 1:15105 <-> ENABLED <-> FILE-IMAGE Microsoft GDI WMF file parsing integer overflow attempt (file-image.rules)
 * 1:15106 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word .rtf file integer overflow attempt (file-office.rules)
 * 1:15107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word .rtf file stylesheet buffer overflow attempt (file-office.rules)
 * 1:15116 <-> ENABLED <-> OS-WINDOWS Microsoft Windows search protocol remote command injection attempt (os-windows.rules)
 * 1:15147 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (browser-ie.rules)
 * 1:15157 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules)
 * 1:15163 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio Object Header Buffer Overflow attempt (file-office.rules)
 * 1:15166 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player RealText buffer overflow attempt (file-multimedia.rules)
 * 1:15191 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox animated PNG processing integer overflow (browser-firefox.rules)
 * 1:15236 <-> DISABLED <-> FILE-IMAGE ACD Systems ACDSee XPM file format overflow attempt (file-image.rules)
 * 1:15238 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime for Java toQTPointer function memory corruption attempt (file-multimedia.rules)
 * 1:15241 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC real.c ReadRealIndex real demuxer integer overflow attempt (file-multimedia.rules)
 * 1:15299 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:15303 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio Malformed IconBitsComponent arbitrary code execution attempt (file-office.rules)
 * 1:15304 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:15306 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable binary file magic detected (file-executable.rules)
 * 1:15357 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:15358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:15384 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:15428 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox SVG data processing memory corruption attempt (browser-firefox.rules)
 * 1:15455 <-> ENABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters XST parsing buffer overflow attempt (file-office.rules)
 * 1:15466 <-> ENABLED <-> FILE-OFFICE Microsoft Office WordPad WordPerfect 6.x converter buffer overflow attempt (file-office.rules)
 * 1:15467 <-> ENABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters PlcPcd aCP buffer overflow attempt (file-office.rules)
 * 1:15469 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office text converters integer underflow attempt (file-office.rules)
 * 1:15472 <-> DISABLED <-> FILE-MULTIMEDIA Multiple MP3 player PLS buffer overflow attempt (file-multimedia.rules)
 * 1:15473 <-> DISABLED <-> FILE-MULTIMEDIA Multiple media players M3U playlist file handling buffer overflow attempt (file-multimedia.rules)
 * 1:15478 <-> ENABLED <-> FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (file-flash.rules)
 * 1:15480 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime movie record invalid version number exploit attempt (file-multimedia.rules)
 * 1:15487 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime SMIL qtnext redirect file execution attempt (file-multimedia.rules)
 * 1:15492 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (file-pdf.rules)
 * 1:15493 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (file-pdf.rules)
 * 1:15499 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (file-office.rules)
 * 1:15500 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint LinkedSlide memory corruption (file-office.rules)
 * 1:15501 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint ParaBuildAtom memory corruption attempt (file-office.rules)
 * 1:15502 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint DiagramBuildContainer memory corruption attempt (file-office.rules)
 * 1:15504 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Download of version 4.0 file (file-office.rules)
 * 1:15505 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (file-office.rules)
 * 1:15506 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (file-office.rules)
 * 1:15517 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (file-multimedia.rules)
 * 1:15524 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15525 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15526 <-> ENABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:15539 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Formula record remote code execution attempt (file-office.rules)
 * 1:15541 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SST record remote code execution attempt (file-office.rules)
 * 1:15542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Qsir and Qsif record remote code execution attempt (file-office.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:15562 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width attempt (file-pdf.rules)
 * 1:15575 <-> DISABLED <-> FILE-IDENTIFY WordPerfect file magic detected (file-identify.rules)
 * 1:15583 <-> DISABLED <-> FILE-OTHER F-Secure AntiVirus library heap overflow attempt (file-other.rules)
 * 1:15681 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 file format arbitrary code execution attempt (file-office.rules)
 * 1:15682 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow QuickTime file stsc atom parsing heap corruption attempt (file-multimedia.rules)
 * 1:15693 <-> ENABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table overflow attempt (file-other.rules)
 * 1:15694 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (file-other.rules)
 * 1:15695 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:15709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (file-pdf.rules)
 * 1:15727 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules)
 * 1:15728 <-> ENABLED <-> FILE-PDF Possible Adobe Reader ActionScript byte_array heap spray attempt (file-pdf.rules)
 * 1:15729 <-> ENABLED <-> FILE-FLASH Possible Adobe Flash ActionScript byte_array heap spray attempt (file-flash.rules)
 * 1:15854 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:15866 <-> DISABLED <-> FILE-OTHER libxml2 file processing long entity overflow attempt (file-other.rules)
 * 1:15867 <-> DISABLED <-> FILE-PDF Adobe Acrobat PDF font processing memory corruption attempt (file-pdf.rules)
 * 1:15871 <-> ENABLED <-> FILE-MULTIMEDIA FFmpeg 4xm processing memory corruption attempt (file-multimedia.rules)
 * 1:15901 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp AIFF parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:15909 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:15946 <-> DISABLED <-> FILE-OTHER Microsoft Windows Vista Feed Headlines Gagdet code execution attempt (file-other.rules)
 * 1:15957 <-> DISABLED <-> FILE-OTHER Sophos Anti-Virus zip file handling DoS attempt (file-other.rules)
 * 1:15993 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript intrf_count integer overflow attempt (file-flash.rules)
 * 1:15995 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed avi file mjpeg compression arbitrary code execution attempt (file-multimedia.rules)
 * 1:16000 <-> ENABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:16001 <-> DISABLED <-> FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (file-image.rules)
 * 1:16006 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime color table id memory corruption attempt (file-multimedia.rules)
 * 1:16027 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp midi file header overflow attempt (file-multimedia.rules)
 * 1:16041 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime FLIC animation file buffer overflow attempt (file-multimedia.rules)
 * 1:16051 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (file-office.rules)
 * 1:16054 <-> DISABLED <-> FILE-IMAGE Apple QuickTime bitmap multiple header overflow (file-image.rules)
 * 1:16055 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes AAC file handling integer overflow attempt (file-multimedia.rules)
 * 1:16059 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed file format parsing code execution attempt (file-office.rules)
 * 1:16062 <-> DISABLED <-> FILE-OTHER ACD Systems ACDSee Products XPM values section buffer overflow attempt (file-other.rules)
 * 1:16087 <-> DISABLED <-> FILE-OTHER Multiple vendor AV gateway virus detection bypass attempt (file-other.rules)
 * 1:16143 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:16148 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime and iTunes heap memory corruption attempt (file-multimedia.rules)
 * 1:16153 <-> DISABLED <-> FILE-IMAGE Microsoft Windows malformed WMF meta escape record memory corruption (file-image.rules)
 * 1:16157 <-> ENABLED <-> OS-WINDOWS Microsoft Windows malformed ASF voice codec memory corruption attempt (os-windows.rules)
 * 1:16172 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D line set heap corruption attempt (file-pdf.rules)
 * 1:16173 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D progressive mesh continuation pointer overwrite attempt (file-pdf.rules)
 * 1:16174 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D progressive mesh continuation off by one index attempt (file-pdf.rules)
 * 1:16175 <-> ENABLED <-> FILE-PDF Adobe collab.removeStateModel denial of service attempt (file-pdf.rules)
 * 1:16176 <-> ENABLED <-> FILE-PDF Adobe collab.addStateModel remote corruption attempt (file-pdf.rules)
 * 1:16177 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word GDI+ Office Art Property Table remote code execution attempt (file-office.rules)
 * 1:16178 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel GDI+ Office Art Property Table remote code execution attempt (file-office.rules)
 * 1:16183 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET MSIL CombineImpl suspicious usage attempt (file-executable.rules)
 * 1:16184 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:16186 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt (file-image.rules)
 * 1:16188 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (file-office.rules)
 * 1:16220 <-> ENABLED <-> FILE-OTHER Adobe Shockwave director file malformed lcsr block memory corruption attempt (file-other.rules)
 * 1:16223 <-> ENABLED <-> FILE-OTHER Adobe Shockwave tSAC pointer overwrite attempt (file-other.rules)
 * 1:16224 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes invalid tref box exploit attempt (file-multimedia.rules)
 * 1:16225 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Flash arbitrary memory access attempt (file-other.rules)
 * 1:16226 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel integer field in row record improper validation remote code execution attempt (file-office.rules)
 * 1:16229 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel oversized ib memory corruption attempt (file-office.rules)
 * 1:16231 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:16233 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel oversized ptgFuncVar cparams value buffer overflow attempt (file-office.rules)
 * 1:16234 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word Document remote code execution attempt (file-office.rules)
 * 1:16235 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file SXDB record exploit attempt (file-office.rules)
 * 1:16236 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file SxView record exploit attempt (file-office.rules)
 * 1:16240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file Window/Pane record exploit attempt (file-office.rules)
 * 1:16241 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel FeatHdr BIFF record remote code execution attempt (file-office.rules)
 * 1:16293 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Flash memory corruption attempt (file-other.rules)
 * 1:16295 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - without optional fields (file-other.rules)
 * 1:16296 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - with optional fields (file-other.rules)
 * 1:16300 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:16301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:16313 <-> DISABLED <-> FILE-EXECUTABLE download of executable content (file-executable.rules)
 * 1:16314 <-> ENABLED <-> FILE-OFFICE Microsoft Windows WordPad and Office text converter integer overflow attempt (file-office.rules)
 * 1:16316 <-> ENABLED <-> FILE-FLASH Adobe Flash Player malformed getPropertyLate actioncode attempt (file-flash.rules)
 * 1:16318 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:16321 <-> ENABLED <-> FILE-IMAGE Adobe tiff oversized image length attempt (file-image.rules)
 * 1:16322 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader oversized object width attempt (file-pdf.rules)
 * 1:16323 <-> ENABLED <-> FILE-PDF Adobe JPEG2k uninitialized QCC memory corruption attempt (file-pdf.rules)
 * 1:16324 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader doc.export arbitrary file write attempt (file-pdf.rules)
 * 1:16325 <-> ENABLED <-> FILE-PDF Adobe JPEG2k uninitialized QCC memory corruption attempt (file-pdf.rules)
 * 1:16328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (file-office.rules)
 * 1:16331 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG parsing heap overflow attempt (file-flash.rules)
 * 1:16333 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:16334 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:16335 <-> DISABLED <-> FILE-PDF XPDF ObjectStream integer overflow (file-pdf.rules)
 * 1:16336 <-> DISABLED <-> FILE-PDF Blackberry Server PDF JBIG2 numnewsyms remote code execution attempt (file-pdf.rules)
 * 1:16339 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt - obfuscated (browser-ie.rules)
 * 1:16342 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:16353 <-> ENABLED <-> FILE-MULTIMEDIA FFmpeg OGV file format memory corruption attempt (file-multimedia.rules)
 * 1:16354 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader start-of-file alternate header obfuscation (file-pdf.rules)
 * 1:16355 <-> DISABLED <-> FILE-PDF Xpdf Splash DrawImage integer overflow attempt (file-pdf.rules)
 * 1:16359 <-> DISABLED <-> FILE-OTHER Adobe Illustrator DSC comment overflow attempt (file-other.rules)
 * 1:16360 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules)
 * 1:16361 <-> DISABLED <-> FILE-OFFICE Microsoft Office BMP header biClrUsed integer overflow attempt (file-office.rules)
 * 1:16373 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt (file-pdf.rules)
 * 1:16390 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader alternate file magic obfuscation (file-pdf.rules)
 * 1:16410 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint file LinkedSlide10Atom record parsing heap corruption attempt (file-office.rules)
 * 1:16411 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:16412 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid TextByteAtom remote code execution attempt (file-office.rules)
 * 1:16416 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules)
 * 1:16421 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:16422 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint JPEG with malformed SOFx field (file-image.rules)
 * 1:16434 <-> DISABLED <-> FILE-IDENTIFY Ultimate Packer for Executables/UPX v0.51-v0.61 packed file magic detected (file-identify.rules)
 * 1:16435 <-> DISABLED <-> FILE-IDENTIFY Ultimate Packer for Executables/UPX v0.62-v1.22 packed file magic detected (file-identify.rules)
 * 1:16436 <-> DISABLED <-> FILE-IDENTIFY Ultimate Packer for Executables/UPX v2.90 v2.93-v3.00 packed file magic detected (file-identify.rules)
 * 1:16461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules)
 * 1:16462 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 formulas from records parsing code execution attempt (file-office.rules)
 * 1:16463 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 formulas from records parsing code execution attempt (file-office.rules)
 * 1:16464 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ContinueFRT12 heap overflow attempt (file-office.rules)
 * 1:16466 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel uninitialized stack variable code execution attempt (file-office.rules)
 * 1:16467 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 1 (file-office.rules)
 * 1:16468 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 2 (file-office.rules)
 * 1:16469 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (file-office.rules)
 * 1:16470 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules)
 * 1:16471 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules)
 * 1:16474 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:16475 <-> DISABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v4 file magic detected (file-identify.rules)
 * 1:16482 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:16490 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:16506 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:16517 <-> ENABLED <-> FILE-OTHER Free Download Manager .torrent parsing comment overflow attempt (file-other.rules)
 * 1:16518 <-> ENABLED <-> FILE-OTHER Free Download Manager .torrent parsing announce overflow attempt (file-other.rules)
 * 1:16519 <-> ENABLED <-> FILE-OTHER Free Download Manager .torrent parsing name overflow attempt (file-other.rules)
 * 1:16520 <-> ENABLED <-> FILE-OTHER Free Download Manager .torrent parsing path overflow attempt (file-other.rules)
 * 1:16523 <-> ENABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:16535 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio improper attribute code execution attempt (file-office.rules)
 * 1:16536 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio off-by-one in array index code execution attempt (file-office.rules)
 * 1:16542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules)
 * 1:16543 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player codec code execution attempt (file-multimedia.rules)
 * 1:16545 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules)
 * 1:16546 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader/Acrobat Pro CFF font parsing heap overflow attempt (file-pdf.rules)
 * 1:16553 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel ptg index parsing code execution attempt (file-office.rules)
 * 1:16554 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:16586 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word Document remote code execution attempt (file-office.rules)
 * 1:16593 <-> ENABLED <-> FILE-OFFICE Microsoft VBE6.dll stack corruption attempt (file-office.rules)
 * 1:16603 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Linux malformed U3D mesh deceleration block exploit attempt (file-pdf.rules)
 * 1:16633 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules)
 * 1:16634 <-> ENABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:16638 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:16639 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules)
 * 1:16640 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules)
 * 1:16641 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules)
 * 1:16643 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules)
 * 1:16644 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:16645 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:16646 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules)
 * 1:16647 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 (file-office.rules)
 * 1:16648 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 (file-office.rules)
 * 1:16650 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 1 (file-office.rules)
 * 1:16651 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 2 (file-office.rules)
 * 1:16652 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 3 (file-office.rules)
 * 1:16653 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 4 (file-office.rules)
 * 1:16654 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:16655 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lbl record stack overflow attempt (file-office.rules)
 * 1:16656 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt (file-office.rules)
 * 1:16657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DBQueryExt record memory corruption attempt (file-office.rules)
 * 1:16661 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules)
 * 1:16664 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules)
 * 1:16673 <-> DISABLED <-> FILE-OTHER Adobe Shockwave DIR file PAMI chunk code execution attempt (file-other.rules)
 * 1:16675 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX control access (browser-plugins.rules)
 * 1:16676 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode colors declaration (file-pdf.rules)
 * 1:16677 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode colors declaration (file-pdf.rules)
 * 1:16683 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp CAF file processing integer overflow attempt (file-multimedia.rules)
 * 1:16692 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (file-multimedia.rules)
 * 1:16716 <-> DISABLED <-> FILE-IMAGE Oracle Java Web Start Splashscreen PNG processing buffer overflow attempt (file-image.rules)
 * 1:16726 <-> DISABLED <-> FILE-OTHER gAlan malformed file stack overflow attempt (file-other.rules)
 * 1:16734 <-> DISABLED <-> FILE-OTHER UltraISO CUE file handling stack buffer overflow attempt (file-other.rules)
 * 1:16739 <-> DISABLED <-> FILE-MULTIMEDIA MultiMedia Jukebox playlist file handling heap overflow attempt (file-multimedia.rules)
 * 1:16743 <-> DISABLED <-> FILE-OTHER Cain & Abel Remote Desktop Protocol file handling buffer overflow attempt (file-other.rules)
 * 1:16751 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16752 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16786 <-> DISABLED <-> FILE-OFFICE Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (file-office.rules)
 * 1:16800 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:16801 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll remote memory corruption denial of service attempt (file-pdf.rules)
 * 1:17038 <-> ENABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 1 (file-office.rules)
 * 1:17039 <-> ENABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 2 (file-office.rules)
 * 1:17042 <-> ENABLED <-> FILE-OTHER Microsoft LNK shortcut arbitrary dll load attempt (file-other.rules)
 * 1:17086 <-> ENABLED <-> BROWSER-PLUGINS Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX control access attempt (browser-plugins.rules)
 * 1:17106 <-> ENABLED <-> FILE-IDENTIFY download of RMF file - potentially malicious (file-identify.rules)
 * 1:17113 <-> DISABLED <-> OS-WINDOWS Microsoft SilverLight ImageSource redefine flowbit (os-windows.rules)
 * 1:17114 <-> DISABLED <-> OS-WINDOWS Microsoft SilverLight ImageSource remote code execution attempt (os-windows.rules)
 * 1:17117 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-multimedia.rules)
 * 1:17119 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority SPRM overflow attempt (file-office.rules)
 * 1:17120 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules)
 * 1:17121 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules)
 * 1:17122 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules)
 * 1:17123 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rich text format invalid field size memory corruption attempt (file-office.rules)
 * 1:17124 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word malformed table record memory corruption attempt (file-office.rules)
 * 1:17128 <-> ENABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules)
 * 1:17134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:17135 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules)
 * 1:17141 <-> ENABLED <-> FILE-FLASH Adobe Flash invalid data precision arbitrary code execution exploit attempt (file-flash.rules)
 * 1:17142 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:17143 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 1 (file-image.rules)
 * 1:17144 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 2 (file-image.rules)
 * 1:17145 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ASL file processing buffer overflow attempt (file-image.rules)
 * 1:17146 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 GRD file processing buffer overflow attempt (file-image.rules)
 * 1:17147 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt (file-image.rules)
 * 1:17148 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 1 (file-multimedia.rules)
 * 1:17149 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 2 (file-multimedia.rules)
 * 1:17150 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 3 (file-multimedia.rules)
 * 1:17179 <-> ENABLED <-> FILE-OTHER Adobe Director file pamm record exploit attempt (file-other.rules)
 * 1:17180 <-> ENABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules)
 * 1:17181 <-> ENABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules)
 * 1:17182 <-> ENABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17183 <-> ENABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17184 <-> ENABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17185 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17186 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17187 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17188 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17189 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17190 <-> ENABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17191 <-> ENABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17192 <-> ENABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17193 <-> ENABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17194 <-> ENABLED <-> FILE-OTHER Adobe Director file tSAC tag exploit attempt (file-other.rules)
 * 1:17196 <-> ENABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17197 <-> ENABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17198 <-> ENABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17200 <-> ENABLED <-> FILE-OTHER Adobe Director file LsCM overflow attempt (file-other.rules)
 * 1:17202 <-> ENABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:17203 <-> ENABLED <-> FILE-OTHER Adobe Director file file rcsL overflow attempt (file-other.rules)
 * 1:17204 <-> ENABLED <-> FILE-OTHER Adobe Director file mmap overflow attempt (file-other.rules)
 * 1:17214 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:17215 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:17227 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (file-office.rules)
 * 1:17229 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:17230 <-> DISABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:17231 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules)
 * 1:17232 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:17233 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:17238 <-> ENABLED <-> FILE-OTHER ACD Systems ACDSee Products XBM file handling buffer overflow attempt (file-other.rules)
 * 1:17250 <-> ENABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:17257 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and Reader remote code execution attempt (file-flash.rules)
 * 1:17266 <-> DISABLED <-> FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (file-other.rules)
 * 1:17267 <-> DISABLED <-> FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (file-other.rules)
 * 1:17271 <-> DISABLED <-> FILE-OFFICE Microsoft Windows Web View script injection attempt (file-office.rules)
 * 1:17272 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer AVI parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17281 <-> DISABLED <-> FILE-OTHER Panda Antivirus ZOO archive decompression buffer overflow attempt (file-other.rules)
 * 1:17282 <-> DISABLED <-> SERVER-OTHER Panda Antivirus ZOO archive decompression buffer overflow attempt (server-other.rules)
 * 1:17284 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed routing slip code execution attempt (file-office.rules)
 * 1:17285 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PPT file parsing memory corruption attempt (file-office.rules)
 * 1:17286 <-> DISABLED <-> FILE-OTHER Microsoft Visual Basic for Applications document properties overflow attempt (file-other.rules)
 * 1:17288 <-> ENABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:17292 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed data record code execution attempt (file-office.rules)
 * 1:17301 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:17304 <-> ENABLED <-> FILE-OFFICE Microsoft Works file converter file section header index table stack overflow attempt (file-office.rules)
 * 1:17308 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:17310 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:17314 <-> ENABLED <-> FILE-IDENTIFY OLE document file magic detected (file-identify.rules)
 * 1:17315 <-> ENABLED <-> FILE-OFFICE OpenOffice OLE file stream buffer overflow attempt (file-office.rules)
 * 1:17318 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (file-office.rules)
 * 1:17319 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (file-office.rules)
 * 1:17320 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (file-office.rules)
 * 1:17330 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GRE WMF Handling Memory Read Exception attempt (file-image.rules)
 * 1:17334 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer SWF Flash File buffer overflow attempt (file-flash.rules)
 * 1:17347 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17348 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17349 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17351 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp ID3v2 Tag Handling Buffer Overflow attempt (file-other.rules)
 * 1:17352 <-> DISABLED <-> FILE-OTHER ClamAV CHM File Handling Integer Overflow attempt (file-other.rules)
 * 1:17356 <-> DISABLED <-> FILE-OTHER NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow attempt (file-other.rules)
 * 1:17358 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Buffer Overflow attempt (file-executable.rules)
 * 1:17360 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (browser-firefox.rules)
 * 1:17361 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF Catalog Handling denial of service attempt (file-pdf.rules)
 * 1:17362 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel IMDATA buffer overflow attempt (file-office.rules)
 * 1:17363 <-> ENABLED <-> FILE-OTHER Apple OSX Finder DMG volume name memory corruption (file-other.rules)
 * 1:17365 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help Workshop CNT Help contents buffer overflow attempt (file-other.rules)
 * 1:17366 <-> ENABLED <-> FILE-OTHER Microsoft Help Workshop HPJ OPTIONS section buffer overflow attempt (file-other.rules)
 * 1:17368 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word document stream handling code execution attempt (file-office.rules)
 * 1:17372 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime udta atom parsing heap overflow vulnerability (file-multimedia.rules)
 * 1:17374 <-> ENABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:17377 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Filter Records Handling Code Execution attempt (file-office.rules)
 * 1:17378 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:17379 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:17380 <-> ENABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17381 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime PDAT Atom parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17382 <-> ENABLED <-> FILE-OTHER Microsoft Project Invalid Memory Pointer Code Execution attempt (file-other.rules)
 * 1:17383 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher Object Handler Validation Code Execution attempted (file-office.rules)
 * 1:17388 <-> DISABLED <-> FILE-IMAGE OpenOffice EMF file EMR record parsing integer overflow attempt (file-image.rules)
 * 1:17390 <-> ENABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:17392 <-> ENABLED <-> INDICATOR-SHELLCODE JavaScript var shellcode (indicator-shellcode.rules)
 * 1:17393 <-> ENABLED <-> INDICATOR-SHELLCODE JavaScript var heapspray (indicator-shellcode.rules)
 * 1:17395 <-> ENABLED <-> FILE-IMAGE Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt (file-image.rules)
 * 1:17403 <-> ENABLED <-> FILE-OFFICE OpenOffice RTF File parsing heap buffer overflow attempt (file-office.rules)
 * 1:17404 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17405 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17406 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17408 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectX Targa image file heap overflow attempt (os-windows.rules)
 * 1:17430 <-> ENABLED <-> FILE-PDF BitDefender Antivirus PDF processing memory corruption attempt (file-pdf.rules)
 * 1:17442 <-> ENABLED <-> FILE-OTHER Microsoft Windows download of .lnk file that executes cmd.exe detected (file-other.rules)
 * 1:17443 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft DirectShow AVI decoder buffer overflow attempt (file-multimedia.rules)
 * 1:17457 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionDefineFunction memory access vulnerability exploit attempt (file-flash.rules)
 * 1:17458 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17459 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17460 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17461 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer zipped skin file buffer overflow attempt (file-other.rules)
 * 1:17471 <-> ENABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17472 <-> ENABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17489 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help File Heap Buffer Overflow attempt (file-other.rules)
 * 1:17490 <-> DISABLED <-> FILE-OTHER Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt (file-other.rules)
 * 1:17491 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word mso.dll LsCreateLine memory corruption attempt (file-office.rules)
 * 1:17492 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed SELECTION Record Code Execution attempt (file-office.rules)
 * 1:17496 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed NamedShows record code execution attempt (file-office.rules)
 * 1:17497 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed NamedShows record code execution attempt (file-office.rules)
 * 1:17505 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17506 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17507 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17511 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Graphic Code Execution (file-office.rules)
 * 1:17517 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Record Code Execution attempt (file-office.rules)
 * 1:17523 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime H.264 Movie File Buffer Overflow (file-multimedia.rules)
 * 1:17526 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Reader U3D RHAdobeMeta Buffer Overflow (file-pdf.rules)
 * 1:17527 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow (file-multimedia.rules)
 * 1:17531 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file JVTCompEncodeFrame heap overflow attempt (file-multimedia.rules)
 * 1:17532 <-> DISABLED <-> FILE-OFFICE Micrsoft Office Excel TXO and OBJ Records Parsing Stack Memory Corruption (file-office.rules)
 * 1:17537 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (file-office.rules)
 * 1:17538 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (file-office.rules)
 * 1:17539 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (file-office.rules)
 * 1:17541 <-> DISABLED <-> FILE-OTHER Avast Antivirus Engine Remote LHA buffer overflow attempt (file-other.rules)
 * 1:17542 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (file-office.rules)
 * 1:17543 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Column record handling memory corruption attempt (file-office.rules)
 * 1:17548 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime SMIL File Handling Integer Overflow attempt (file-multimedia.rules)
 * 1:17550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Font Parsing Buffer Overflow attempt (file-office.rules)
 * 1:17553 <-> DISABLED <-> FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (file-other.rules)
 * 1:17560 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word Global Array Index Heap Overflow attempt (file-office.rules)
 * 1:17563 <-> ENABLED <-> FILE-JAVA Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow (file-java.rules)
 * 1:17565 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 File Handling Memory Corruption attempt (file-office.rules)
 * 1:17574 <-> DISABLED <-> FILE-OFFICE Sophos Anti-Virus Visio File Parsing Buffer Overflow attempt (file-office.rules)
 * 1:17578 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Section Table Array Buffer Overflow attempt (file-office.rules)
 * 1:17579 <-> DISABLED <-> FILE-OFFICE Microsoft Office Drawing Record msofbtOPT Code Execution attempt (file-office.rules)
 * 1:17591 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:17601 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (browser-firefox.rules)
 * 1:17606 <-> ENABLED <-> FILE-FLASH Adobe Flash ASnative command execution attempt (file-flash.rules)
 * 1:17610 <-> ENABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17611 <-> ENABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17612 <-> ENABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17623 <-> ENABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17624 <-> ENABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17631 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:17633 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer SWF frame handling buffer overflow attempt (file-other.rules)
 * 1:17646 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:17649 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word array data handling buffer overflow attempt (file-office.rules)
 * 1:17650 <-> ENABLED <-> FILE-OTHER Adobe Pagemaker Key Strings Stack Buffer Overflow attempt (file-other.rules)
 * 1:17651 <-> DISABLED <-> FILE-OTHER Multiple AV vendor invalid archive checksum bypass attempt (file-other.rules)
 * 1:17655 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel malformed formula parsing code execution attempt (file-office.rules)
 * 1:17658 <-> ENABLED <-> FILE-FLASH Adobe Flash frame type identifier memory corruption attempt (file-flash.rules)
 * 1:17664 <-> DISABLED <-> FILE-OFFICE Microsoft Office GIF image descriptor memory corruption attempt (file-office.rules)
 * 1:17668 <-> DISABLED <-> FILE-PDF download of a PDF with embedded JavaScript - JS string attempt (file-pdf.rules)
 * 1:17678 <-> DISABLED <-> FILE-IMAGE Adobe BMP image handler buffer overflow attempt (file-image.rules)
 * 1:17688 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:17690 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17691 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17695 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:17704 <-> DISABLED <-> FILE-OTHER McAfee LHA file parsing buffer overflow attempt (file-other.rules)
 * 1:17711 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ASF parsing memory corruption attempt (os-windows.rules)
 * 1:17727 <-> DISABLED <-> FILE-OTHER Oracle JDK image parsing library ICC buffer overflow attempt (file-other.rules)
 * 1:17734 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel REPT integer underflow attempt (file-office.rules)
 * 1:17735 <-> ENABLED <-> FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (file-other.rules)
 * 1:17740 <-> DISABLED <-> FILE-IMAGE Apple Quicktime FlashPix processing overflow attempt (file-image.rules)
 * 1:17742 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17743 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word RTF parsing memory corruption (file-office.rules)
 * 1:17747 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (browser-ie.rules)
 * 1:17754 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word bookmark bound check remote code execution attempt (file-office.rules)
 * 1:17755 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules)
 * 1:17756 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word XP PLFLSInTableStream heap overflow attempt (file-office.rules)
 * 1:17757 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel CrErr record integer overflow attempt (file-office.rules)
 * 1:17758 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules)
 * 1:17759 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel invalid SerAr object exploit attempt (file-office.rules)
 * 1:17760 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules)
 * 1:17763 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel GhostRw record exploit attempt (file-office.rules)
 * 1:17764 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:17768 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 object event handler use after free exploit attempt (browser-ie.rules)
 * 1:17770 <-> ENABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules)
 * 1:17773 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player Firefox plugin memory corruption attempt (file-multimedia.rules)
 * 1:17776 <-> DISABLED <-> FILE-JAVA Oracle Java HsbParser.getSoundBank stack buffer overflow attempt (file-java.rules)
 * 1:17778 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17801 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:17803 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:17806 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:17807 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:17808 <-> ENABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules)
 * 1:18065 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules)
 * 1:18066 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules)
 * 1:18067 <-> ENABLED <-> FILE-OFFICE Microsoft Office RTF parsing remote code execution attempt (file-office.rules)
 * 1:18068 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules)
 * 1:18069 <-> DISABLED <-> FILE-OFFICE Microsoft Office Art drawing invalid shape identifier attempt (file-office.rules)
 * 1:18097 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules)
 * 1:18102 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript extension call (file-pdf.rules)
 * 1:18171 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18200 <-> ENABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:18201 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:18212 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (file-office.rules)
 * 1:18214 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher 97 conversion remote code execution attempt (file-office.rules)
 * 1:18219 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver remote code execution attempt (file-other.rules)
 * 1:18229 <-> ENABLED <-> FILE-IMAGE Microsoft FlashPix tile length overflow attempt (file-image.rules)
 * 1:18230 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher memory corruption attempt (file-office.rules)
 * 1:18231 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher oversized oti length attempt (file-office.rules)
 * 1:18233 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher Adobe Font Driver code execution attempt (file-office.rules)
 * 1:18235 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules)
 * 1:18236 <-> ENABLED <-> FILE-OFFICE Microsoft Office TIFFIM32.FLT filter memory corruption attempt (file-office.rules)
 * 1:18237 <-> ENABLED <-> FILE-IMAGE Microsoft Windows Flashpix graphics filter fpx32.flt remote code execution attempt (file-image.rules)
 * 1:18265 <-> ENABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:18276 <-> ENABLED <-> FILE-OTHER Microsoft Data Access Components library attempt (file-other.rules)
 * 1:18308 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader icc mluc interger overflow attempt (file-pdf.rules)
 * 1:18331 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (file-office.rules)
 * 1:18335 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MHTML XSS attempt (os-windows.rules)
 * 1:18398 <-> ENABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:18399 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel BRAI record remote code execution attempt (file-office.rules)
 * 1:18402 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD Adobe font driver remote code execution attempt (file-other.rules)
 * 1:18406 <-> ENABLED <-> FILE-OTHER Microsoft Windows Server 2003 update service principal name spn dos executable attempt (file-other.rules)
 * 1:18413 <-> ENABLED <-> OS-WINDOWS Microsoft Windows WMI tracing api integer truncation attempt (os-windows.rules)
 * 1:18415 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio deserialization double free attempt (file-office.rules)
 * 1:18416 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules)
 * 1:18417 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules)
 * 1:18418 <-> ENABLED <-> FILE-FLASH Adobe Flash player ActionScript apply function memory corruption attempt (file-flash.rules)
 * 1:18419 <-> DISABLED <-> FILE-PDF Adobe field flags exploit attempt (file-pdf.rules)
 * 1:18420 <-> ENABLED <-> FILE-FLASH Adobe Flash player ActionScript ASnative function remote code execution attempt (file-flash.rules)
 * 1:18431 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin sqlite.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18432 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader d3dref9.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18439 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin ace.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18440 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin agm.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18441 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin bibutils.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18442 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin cooltype.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18443 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin cryptocme2.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18447 <-> ENABLED <-> FILE-FLASH Adobe OpenAction crafted URI action thru Firefox attempt (file-flash.rules)
 * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:18450 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed BMP RGBQUAD attempt (file-pdf.rules)
 * 1:18451 <-> DISABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (file-pdf.rules)
 * 1:18452 <-> DISABLED <-> FILE-OTHER Adobe malicious IFF memory corruption attempt (file-other.rules)
 * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:18454 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:18455 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed jpeg2000 superbox attempt (file-pdf.rules)
 * 1:18456 <-> ENABLED <-> FILE-PDF Adobe Acrobat XML entity escape attempt (file-pdf.rules)
 * 1:18457 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules)
 * 1:18463 <-> ENABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules)
 * 1:18484 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:18498 <-> DISABLED <-> FILE-OTHER Microsoft Media Player dvr-ms file parsing remote code execution attempt (file-other.rules)
 * 1:18503 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript flash.geom.Point constructor memory corruption attempt (file-flash.rules)
 * 1:18506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18507 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18510 <-> ENABLED <-> FILE-IMAGE Apple QuickTime FlashPix Movie file integer overflow attempt (file-image.rules)
 * 1:18514 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:18515 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (file-office.rules)
 * 1:18520 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18526 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18527 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18536 <-> ENABLED <-> FILE-OFFICE OpenOffice.org Microsoft Office Word file processing integer underflow attempt (file-office.rules)
 * 1:18537 <-> ENABLED <-> FILE-OTHER OpenOffice.org XPM file processing integer overflow attempt (file-other.rules)
 * 1:18538 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:18543 <-> ENABLED <-> FILE-FLASH embedded Shockwave dropper download (file-flash.rules)
 * 1:18545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file transfer (file-office.rules)
 * 1:18546 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word with embedded Flash file transfer (file-office.rules)
 * 1:18547 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint with embedded Flash file transfer (file-office.rules)
 * 1:18561 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file overread buffer overflow attempt (file-image.rules)
 * 1:18583 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:18585 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:18596 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:18599 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18600 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18615 <-> ENABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18616 <-> ENABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18632 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (file-office.rules)
 * 1:18633 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record memory corruption attempt (file-office.rules)
 * 1:18634 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules)
 * 1:18635 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:18636 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint SlideAtom record exploit attempt (file-office.rules)
 * 1:18637 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint OfficeArt atom memory corruption attempt (file-office.rules)
 * 1:18638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:18639 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel CatSerRange record exploit attempt (file-office.rules)
 * 1:18642 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules)
 * 1:18643 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules)
 * 1:18644 <-> ENABLED <-> FILE-OTHER Microsoft Windows OpenType Fonts CompactFontFormat FontMatrix tranform memory corruption attempt (file-other.rules)
 * 1:18645 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules)
 * 1:18668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules)
 * 1:18680 <-> ENABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:18681 <-> DISABLED <-> FILE-PDF transfer of a PDF with embedded JavaScript - JavaScript string attempt (file-pdf.rules)
 * 1:18684 <-> ENABLED <-> FILE-PDF PDF file with embedded PDF object (file-pdf.rules)
 * 1:18685 <-> DISABLED <-> FILE-OFFICE RTF file with embedded OLE object (file-office.rules)
 * 1:18706 <-> ENABLED <-> FILE-OFFICE Microsoft Office RTF malformed second pfragments field (file-office.rules)
 * 1:18740 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:18755 <-> ENABLED <-> FILE-OFFICE Microsoft Office Visio Data Type Memory Corruption (file-office.rules)
 * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18776 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director pamm chunk memory corruption attempt (file-other.rules)
 * 1:18801 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (file-pdf.rules)
 * 1:18805 <-> ENABLED <-> FILE-FLASH Adobe Flash Player undefined tag exploit attempt (file-flash.rules)
 * 1:18806 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules)
 * 1:18928 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules)
 * 1:18948 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules)
 * 1:18952 <-> ENABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:18953 <-> ENABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules)
 * 1:18954 <-> ENABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules)
 * 1:18963 <-> DISABLED <-> FILE-FLASH Adobe ActionScript 3 addEventListener exploit attempt (file-flash.rules)
 * 1:18964 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules)
 * 1:18965 <-> DISABLED <-> FILE-FLASH Adobe Flash file ActionScript 2 ActionJump remote code execution attempt (file-flash.rules)
 * 1:18966 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules)
 * 1:18967 <-> DISABLED <-> FILE-FLASH Adobe ActionScript argumentCount download attempt (file-flash.rules)
 * 1:18968 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript3 stack integer overflow attempt (file-flash.rules)
 * 1:18969 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ActionIf integer overflow attempt (file-flash.rules)
 * 1:18970 <-> DISABLED <-> FILE-FLASH Adobe Flash Player null pointer dereference attempt (file-flash.rules)
 * 1:18971 <-> DISABLED <-> FILE-FLASH Adobe Flash beginGradientfill improper color validation attempt (file-flash.rules)
 * 1:18986 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18987 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18988 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18989 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18990 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18991 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18992 <-> ENABLED <-> FILE-FLASH Adobe Flash player content parsing execution attempt (file-flash.rules)
 * 1:19002 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer FLV parsing two integer overflow vulnerabilities (file-flash.rules)
 * 1:19011 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules)
 * 1:19012 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules)
 * 1:19063 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules)
 * 1:19064 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font index remote code execution attempt (file-other.rules)
 * 1:19071 <-> ENABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19080 <-> ENABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19082 <-> ENABLED <-> FILE-PDF Adobe Flash Player memory corruption attempt (file-pdf.rules)
 * 1:19083 <-> ENABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19112 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D stucture heap overflow (file-other.rules)
 * 1:19113 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 81 overflow attempt (file-other.rules)
 * 1:19114 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 45 overflow attempt (file-other.rules)
 * 1:19115 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 89 overflow attempt (file-other.rules)
 * 1:19117 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D integer overflow (file-pdf.rules)
 * 1:19118 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader script injection vulnerability (file-pdf.rules)
 * 1:19119 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver remote code execution attempt (os-windows.rules)
 * 1:19126 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:19127 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:19128 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:19129 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:19130 <-> DISABLED <-> FILE-IMAGE Microsoft Windows MSPaint jpeg with malformed SOFx field exploit attempt (file-image.rules)
 * 1:19131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:19132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:19133 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules)
 * 1:19134 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules)
 * 1:22080 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer xbap custom ISeralizable object exception attempt (browser-ie.rules)
 * 1:19141 <-> DISABLED <-> FILE-OFFICE Microsoft Access Wizard control memory corruption ActiveX clsid access (file-office.rules)
 * 1:19143 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player JPG header record mismatch memory corruption attempt (file-multimedia.rules)
 * 1:19144 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules)
 * 1:19145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:19146 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules)
 * 1:19148 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player SWF file MP4 data parsing memory corruption attempt (file-multimedia.rules)
 * 1:19153 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word malformed index code execution attempt (file-office.rules)
 * 1:19154 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray parsing attempt (file-office.rules)
 * 1:19156 <-> ENABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:19166 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:19169 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer vidplin.dll avi header parsing execution attempt (file-multimedia.rules)
 * 1:19170 <-> ENABLED <-> FILE-OTHER Microsoft Windows .NET Framework XAML browser applications stack corruption (file-other.rules)
 * 1:19180 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:19188 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules)
 * 1:19200 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (file-office.rules)
 * 1:19216 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19217 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19219 <-> ENABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules)
 * 1:19220 <-> ENABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules)
 * 1:19222 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules)
 * 1:19225 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules)
 * 1:19226 <-> DISABLED <-> FILE-OTHER Cisco Webex Player .wrf stack buffer overflow (file-other.rules)
 * 1:19227 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Scenario heap memory overflow (file-office.rules)
 * 1:19229 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules)
 * 1:19230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules)
 * 1:19231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Series record exploit attempt (file-office.rules)
 * 1:19232 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel XF record exploit attempt (file-office.rules)
 * 1:19237 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:19243 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19247 <-> DISABLED <-> FILE-IMAGE Adobe jpeg 2000 image exploit attempt (file-image.rules)
 * 1:19248 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D texture continuation integer overflow attempt (file-pdf.rules)
 * 1:19249 <-> DISABLED <-> FILE-FLASH Adobe Universal3D meshes.removeItem exploit attempt (file-flash.rules)
 * 1:19250 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Reader U3D file include overflow attempt (file-pdf.rules)
 * 1:19251 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CIDFont dictionary glyph width corruption attempt (file-pdf.rules)
 * 1:19253 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malicious language.engtesselate.ln file download attempt (file-pdf.rules)
 * 1:19254 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript in PDF go-to actions exploit attempt (file-pdf.rules)
 * 1:19255 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader ICC ProfileDescriptionTag overflow attempt (file-pdf.rules)
 * 1:19258 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:19259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:19260 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules)
 * 1:19261 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 invalid Selection.cref exploit attempt (file-office.rules)
 * 1:19262 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:19263 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:19264 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:19265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19294 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules)
 * 1:19295 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:19303 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:19306 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (file-office.rules)
 * 1:19308 <-> ENABLED <-> FILE-OTHER Microsoft Windows embedded OpenType EOT font integer overflow attempt (file-other.rules)
 * 1:19317 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmTDiagLine80 record parsing stack buffer overflow attempt (file-office.rules)
 * 1:19320 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (file-multimedia.rules)
 * 1:19403 <-> ENABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules)
 * 1:19405 <-> ENABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules)
 * 1:19408 <-> ENABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:19412 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record parsing memory corruption (file-office.rules)
 * 1:19413 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules)
 * 1:19414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules)
 * 1:19416 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPad download attempt (os-mobile.rules)
 * 1:19417 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPad download attempt (os-mobile.rules)
 * 1:19418 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPhone download attempt (os-mobile.rules)
 * 1:19419 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPod download attempt (os-mobile.rules)
 * 1:19420 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (file-multimedia.rules)
 * 1:19421 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (file-multimedia.rules)
 * 1:19422 <-> DISABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:19431 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI Timestamp buffer overflow attempt (file-multimedia.rules)
 * 1:19432 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI Timestamp buffer overflow attempt (file-multimedia.rules)
 * 1:19442 <-> ENABLED <-> FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (file-office.rules)
 * 1:19444 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:19445 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:19446 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:19447 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:19448 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:19449 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:19450 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:19458 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19459 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19461 <-> ENABLED <-> OS-WINDOWS Microsoft CSRSS NULL Fontface pointer attempt (os-windows.rules)
 * 1:19462 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CSRSS negative array index code execution attempt (os-windows.rules)
 * 1:19463 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CSRSS double free attempt (os-windows.rules)
 * 1:19552 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel format record code execution attempt (file-office.rules)
 * 1:19560 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:19606 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word STSH record parsing memory corruption (file-office.rules)
 * 1:19607 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word STSH record parsing memory corruption (file-office.rules)
 * 1:19646 <-> ENABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:19647 <-> ENABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:19648 <-> ENABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:19669 <-> DISABLED <-> POLICY-OTHER Telnet protocol specifier in web page attempt (policy-other.rules)
 * 1:19675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLString data length exploit attempt (file-office.rules)
 * 1:19676 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLDTOptions object exploit attempt (file-office.rules)
 * 1:19679 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows NDISTAPI Driver code execution attempt (file-executable.rules)
 * 1:19680 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows CSRSS SrvDeviceEvent exploit attempt (file-executable.rules)
 * 1:19682 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules)
 * 1:19683 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 buffer overflow attempt (file-flash.rules)
 * 1:19684 <-> DISABLED <-> FILE-OTHER Adobe CFF font storage memory corruption attempt (file-other.rules)
 * 1:19685 <-> DISABLED <-> FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (file-flash.rules)
 * 1:19686 <-> DISABLED <-> FILE-FLASH Adobe Flash uninitialized bitmap structure memory corruption attempt (file-flash.rules)
 * 1:19687 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionStoreRegister instruction length invalidation attempt (file-flash.rules)
 * 1:19688 <-> DISABLED <-> FILE-FLASH Adobe Flash Actionscript BitmapData buffer overflow attempt (file-flash.rules)
 * 1:19689 <-> DISABLED <-> FILE-FLASH Adobe Flash Actionscript dynamic calculation double-free attempt (file-flash.rules)
 * 1:19690 <-> DISABLED <-> FILE-FLASH Adobe Flash Actionscript duplicateDoorInputArguments stack overwrite (file-flash.rules)
 * 1:19691 <-> DISABLED <-> FILE-FLASH Adobe Flash Actionscript File reference buffer overflow attempt (file-flash.rules)
 * 1:19692 <-> DISABLED <-> FILE-FLASH Adobe Flash cross-site request forgery attempt (file-flash.rules)
 * 1:19693 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:19707 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules)
 * 1:19807 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules)
 * 1:19811 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:19894 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint unbound memcpy and remote code execution attempt (file-office.rules)
 * 1:19907 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:19911 <-> ENABLED <-> FILE-OTHER Microsoft SYmbolic LinK stack overflow attempt (file-other.rules)
 * 1:19932 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 pointer dereference attempt (file-office.rules)
 * 1:19943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (file-office.rules)
 * 1:19956 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker project file heap buffer overflow attempt (file-multimedia.rules)
 * 1:20029 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:20031 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:20034 <-> DISABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:20049 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules)
 * 1:20050 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory consumption vulnerability (file-flash.rules)
 * 1:20055 <-> DISABLED <-> FILE-JAVA Oracle Java runtime JPEGImageReader overflow attempt (file-java.rules)
 * 1:20059 <-> DISABLED <-> FILE-IMAGE Apple Quicktime PictureViewer GIF rendering vulnerability (file-image.rules)
 * 1:20062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel File Importing Code Execution (file-office.rules)
 * 1:20073 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules)
 * 1:20121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid AxisParent record (file-office.rules)
 * 1:20122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid AxisParent record (file-office.rules)
 * 1:20123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid ShrFmla record (file-office.rules)
 * 1:20124 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (file-office.rules)
 * 1:20125 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules)
 * 1:20126 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules)
 * 1:20127 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Conditional Formatting record vulnerability (file-office.rules)
 * 1:20128 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules)
 * 1:20129 <-> ENABLED <-> FILE-OFFICE Microsoft Office BpscBulletProof uninitialized pointer dereference attempt (file-office.rules)
 * 1:20131 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:20133 <-> DISABLED <-> FILE-OTHER Microsoft MHTML XSS attempt (file-other.rules)
 * 1:20139 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (file-office.rules)
 * 1:20140 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (file-office.rules)
 * 1:20141 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (file-office.rules)
 * 1:20142 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader app.openDoc path vulnerability (file-pdf.rules)
 * 1:20144 <-> DISABLED <-> FILE-PDF Adobe Acrobat embedded TIFF DotRange structure memory corruption attempt (file-pdf.rules)
 * 1:20145 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules)
 * 1:20146 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded PICT image (file-pdf.rules)
 * 1:20147 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules)
 * 1:20148 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules)
 * 1:20149 <-> DISABLED <-> FILE-PDF Adobe Acrobat embedded IFF file RGBA chunk memory corruption attempt (file-pdf.rules)
 * 1:20150 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PCX parsing corruption attempt (file-pdf.rules)
 * 1:20151 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded PCX image (file-pdf.rules)
 * 1:20152 <-> DISABLED <-> FILE-PDF Adobe Acrobat GDI object leak memory corruption attempt (file-pdf.rules)
 * 1:20153 <-> DISABLED <-> FILE-PDF Adobe Acrobat embedded JPEG file APP0 chunk memory corruption attempt (file-pdf.rules)
 * 1:20154 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader glyf directory table vulnerability (file-pdf.rules)
 * 1:20155 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader glyf composite vulnerability (file-pdf.rules)
 * 1:20156 <-> DISABLED <-> FILE-PDF Adobe Acrobat getCosObj file overwrite attempt (file-pdf.rules)
 * 1:20162 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader sandbox disable attempt (file-pdf.rules)
 * 1:20169 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules)
 * 1:20170 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules)
 * 1:20171 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules)
 * 1:20172 <-> DISABLED <-> FILE-IDENTIFY Metastock mwl file magic detected (file-identify.rules)
 * 1:20181 <-> ENABLED <-> FILE-FLASH Adobe Flash Speex-encoded audio buffer underflow attempt (file-flash.rules)
 * 1:20183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setInterval use attempt (file-flash.rules)
 * 1:20206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pcre ActionScript under allocation (file-flash.rules)
 * 1:20211 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive stack overflow attempt (file-flash.rules)
 * 1:20224 <-> DISABLED <-> FILE-MULTIMEDIA MPlayer SMI file buffer overflow attempt (file-multimedia.rules)
 * 1:20227 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (file-multimedia.rules)
 * 1:20237 <-> DISABLED <-> FILE-MULTIMEDIA MultiMedia Jukebox playlist file handling heap overflow attempt (file-multimedia.rules)
 * 1:20259 <-> DISABLED <-> FILE-OTHER Microsoft Agent Helper Malicious JAR download attempt (file-other.rules)
 * 1:20261 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows win32k.sys kernel mode null pointer dereference attempt (file-executable.rules)
 * 1:20264 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer form selection reset attempt (browser-ie.rules)
 * 1:20270 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows afd.sys kernel-mode memory corruption attempt (file-executable.rules)
 * 1:20283 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC ModPlug ReadS3M overflow attempt (file-multimedia.rules)
 * 1:20284 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC ModPlug ReadS3M overflow attempt (file-multimedia.rules)
 * 1:20288 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer QCP parsing buffer overflow attempt (file-multimedia.rules)
 * 1:20294 <-> DISABLED <-> FILE-IMAGE Adobe Reader and Acrobat Libtiff TIFFFetchShortPair stack buffer overflow attempt (file-image.rules)
 * 1:20295 <-> DISABLED <-> FILE-IMAGE Public LibTiff Exploit (file-image.rules)
 * 1:20429 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:20445 <-> DISABLED <-> FILE-PDF Foxit Reader title overflow attempt (file-pdf.rules)
 * 1:20450 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:20451 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:20452 <-> DISABLED <-> FILE-IDENTIFY GZip file magic detected (file-identify.rules)
 * 1:20453 <-> DISABLED <-> FILE-IDENTIFY Script encoder file magic detected (file-identify.rules)
 * 1:20454 <-> DISABLED <-> FILE-IDENTIFY Postscript file magic detected (file-identify.rules)
 * 1:20455 <-> DISABLED <-> FILE-IDENTIFY BinHex file magic detected (file-identify.rules)
 * 1:20456 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:20458 <-> DISABLED <-> FILE-IDENTIFY bzip file magic detected (file-identify.rules)
 * 1:20459 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:20460 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20461 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows CAB file magic detected (file-identify.rules)
 * 1:20462 <-> ENABLED <-> FILE-IDENTIFY Ogg Stream file magic detected (file-identify.rules)
 * 1:20463 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20464 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20465 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20466 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20467 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20468 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20469 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20471 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:20472 <-> DISABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:20474 <-> DISABLED <-> FILE-IDENTIFY Symantec file magic detected (file-identify.rules)
 * 1:20475 <-> DISABLED <-> FILE-IDENTIFY ARJ file magic detected (file-identify.rules)
 * 1:20476 <-> DISABLED <-> FILE-IDENTIFY TNEF file magic detected (file-identify.rules)
 * 1:20477 <-> ENABLED <-> FILE-IDENTIFY ELF file magic detected (file-identify.rules)
 * 1:20478 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:20479 <-> DISABLED <-> FILE-IDENTIFY CryptFF file magic detected (file-identify.rules)
 * 1:20481 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20483 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:20484 <-> DISABLED <-> FILE-IDENTIFY SIS file magic detected (file-identify.rules)
 * 1:20485 <-> DISABLED <-> FILE-IDENTIFY SIP log file magic detected (file-identify.rules)
 * 1:20486 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:20487 <-> DISABLED <-> FILE-IDENTIFY 7zip file magic detected (file-identify.rules)
 * 1:20488 <-> DISABLED <-> FILE-IDENTIFY MachO Little Endian file magic detected (file-identify.rules)
 * 1:20489 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detected (file-identify.rules)
 * 1:20490 <-> DISABLED <-> FILE-IDENTIFY MachO Big Endian file magic detected (file-identify.rules)
 * 1:20491 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Big Endian file magic detected (file-identify.rules)
 * 1:20492 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:20493 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:20494 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:20495 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20496 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20497 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20500 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20501 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20502 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20503 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20507 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20511 <-> DISABLED <-> FILE-IDENTIFY bcproj file magic detected (file-identify.rules)
 * 1:20512 <-> DISABLED <-> FILE-IDENTIFY mx4 file magic detected (file-identify.rules)
 * 1:20513 <-> DISABLED <-> FILE-IDENTIFY ffmpeg file magic detected (file-identify.rules)
 * 1:20514 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:20515 <-> DISABLED <-> FILE-IDENTIFY ivr file magic detected (file-identify.rules)
 * 1:20516 <-> DISABLED <-> FILE-IDENTIFY caff file magic detected (file-identify.rules)
 * 1:20520 <-> DISABLED <-> FILE-IDENTIFY vmd file magic detected (file-identify.rules)
 * 1:20521 <-> DISABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:20522 <-> DISABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:20529 <-> DISABLED <-> FILE-JAVA Oracle Java trusted method chaining attempt (file-java.rules)
 * 1:20534 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel IPMT record buffer overflow attempt (file-office.rules)
 * 1:20540 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document with embedded TrueType font (file-office.rules)
 * 1:20545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF embedded font null pointer attempt (file-flash.rules)
 * 1:20547 <-> DISABLED <-> FILE-FLASH Adobe Flash Player overlapping record overflow attempt (file-flash.rules)
 * 1:20548 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive doaction stack exhaustion (file-flash.rules)
 * 1:20549 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion attempt (file-flash.rules)
 * 1:20550 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Mover3D clipping exploit (file-flash.rules)
 * 1:20551 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Stage 3D texture format overflow attempt (file-flash.rules)
 * 1:20553 <-> DISABLED <-> FILE-MULTIMEDIA Un4seen Developments XMPlay crafted ASX file buffer overflow attempt (file-multimedia.rules)
 * 1:20555 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:20556 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PlaceObjectX null pointer dereference attempt (file-flash.rules)
 * 1:20557 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionDefineFunction2 length overflow attempt (file-flash.rules)
 * 1:20559 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI file buffer overflow attempt (file-multimedia.rules)
 * 1:20560 <-> DISABLED <-> FILE-FLASH Adobe Flash Player salign null javascript access attempt (file-flash.rules)
 * 1:20564 <-> DISABLED <-> FILE-IDENTIFY amf file magic detected (file-identify.rules)
 * 1:20565 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (file-other.rules)
 * 1:20566 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (file-other.rules)
 * 1:20567 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF AVM2 namespace lookup deref exploit (file-flash.rules)
 * 1:20568 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF ActionScript 3 ByteArray class vulnerability (file-flash.rules)
 * 1:20572 <-> DISABLED <-> FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (file-other.rules)
 * 1:20575 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:20577 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious TIFF remote code execution attempt (file-pdf.rules)
 * 1:20581 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules)
 * 1:20582 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules)
 * 1:20589 <-> ENABLED <-> FILE-IDENTIFY CDR file magic detected (file-identify.rules)
 * 1:20590 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:20594 <-> DISABLED <-> SERVER-ORACLE Outside In CorelDRAW file parser integer overflow attempt (server-oracle.rules)
 * 1:20622 <-> ENABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules)
 * 1:20636 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20637 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20659 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:20717 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE versioned stream missing data stream (file-office.rules)
 * 1:20718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules)
 * 1:20719 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:20720 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:20721 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher PLC object memory corruption attempt (file-office.rules)
 * 1:20722 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtBlipDIB record exploit attempt (file-office.rules)
 * 1:20724 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules)
 * 1:20734 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player digital video recording buffer overflow attempt (file-multimedia.rules)
 * 1:20735 <-> DISABLED <-> FILE-OTHER Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation of privileges attempt (file-other.rules)
 * 1:20750 <-> DISABLED <-> FILE-IDENTIFY webm file magic detected (file-identify.rules)
 * 1:20767 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:20770 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20771 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20772 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20777 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption attempt (file-flash.rules)
 * 1:20778 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - economy.rar (file-flash.rules)
 * 1:20779 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - dear chu.rar (file-flash.rules)
 * 1:20780 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - namelist.xls (file-flash.rules)
 * 1:20781 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:20788 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20802 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC file MarkupLinkedItem arbitrary code execution attempt (file-pdf.rules)
 * 1:20808 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20809 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20810 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20820 <-> DISABLED <-> FILE-JAVA Oracle Java JNLP parameter argument injection attempt (file-java.rules)
 * 1:20822 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt malicious string (browser-ie.rules)
 * 1:20831 <-> DISABLED <-> FILE-JAVA Oracle Java Applet Rhino script engine remote code execution attempt (file-java.rules)
 * 1:20842 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20843 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20853 <-> DISABLED <-> FILE-OTHER DAZ Studio dangerous scripting method attempt (file-other.rules)
 * 1:20858 <-> DISABLED <-> FILE-JAVA Oracle Java getSoundBank overflow Attempt malicious jar file (file-java.rules)
 * 1:20860 <-> DISABLED <-> FILE-IDENTIFY Autodesk Maya file magic detected (file-identify.rules)
 * 1:20861 <-> DISABLED <-> FILE-OTHER Autodesk Maya dangerous scripting method attempt (file-other.rules)
 * 1:20870 <-> DISABLED <-> FILE-OTHER Autodesk 3D Studio Maxscript dangerous scripting method attempt (file-other.rules)
 * 1:20880 <-> DISABLED <-> FILE-OFFICE Microsoft DirectShow Line 21 decoder exploit attempt (file-office.rules)
 * 1:20882 <-> DISABLED <-> FILE-OFFICE Microsoft Windows embedded packager object identifier (file-office.rules)
 * 1:20883 <-> DISABLED <-> FILE-OFFICE Microsoft Windows embedded packager object with .application extension bypass attempt (file-office.rules)
 * 1:20885 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel use after free attempt (file-office.rules)
 * 1:20886 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel use after free attempt (file-office.rules)
 * 1:20887 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel use after free attempt (file-office.rules)
 * 1:20889 <-> ENABLED <-> FILE-OTHER Video Spirit visprj buffer overflow (file-other.rules)
 * 1:20897 <-> DISABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:20900 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:20902 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules)
 * 1:20903 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules)
 * 1:20904 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules)
 * 1:20919 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader BMP color unused corruption (file-pdf.rules)
 * 1:20920 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader DCT dequantizer memory corruption attempt (file-pdf.rules)
 * 1:20921 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP colors used integer overflow attempt (file-pdf.rules)
 * 1:20922 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP bit count integer overflow attempt (file-pdf.rules)
 * 1:20923 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP bit count integer overflow attempt (file-pdf.rules)
 * 1:20924 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:20928 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:20950 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20951 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20952 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20953 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20954 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20955 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20956 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20957 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20958 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20959 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:20992 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:20997 <-> DISABLED <-> BROWSER-WEBKIT Apple Webkit Display box rendering corruption attempt (browser-webkit.rules)
 * 1:20998 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript submitform memory corruption attempt (file-pdf.rules)
 * 1:21002 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word border use-after-free attempt (file-office.rules)
 * 1:21007 <-> DISABLED <-> FILE-IDENTIFY Microsoft Money file magic detected (file-identify.rules)
 * 1:21011 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (file-identify.rules)
 * 1:21015 <-> DISABLED <-> FILE-IDENTIFY cy3 Cytel Studio file magic detected (file-identify.rules)
 * 1:21019 <-> DISABLED <-> FILE-OTHER Cytel Studio string stack overflow attempt (file-other.rules)
 * 1:21020 <-> DISABLED <-> FILE-OTHER Cytel Studio row overflow attempt (file-other.rules)
 * 1:21021 <-> DISABLED <-> FILE-OTHER Cytel Studio USE command overflow attempt (file-other.rules)
 * 1:21024 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21025 <-> DISABLED <-> BROWSER-PLUGINS McAfee Security as a Service ActiveX function call attempt (browser-plugins.rules)
 * 1:21041 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - main.php?page= (exploit-kit.rules)
 * 1:21042 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?f= (exploit-kit.rules)
 * 1:21043 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?e= (exploit-kit.rules)
 * 1:21044 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21045 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21056 <-> ENABLED <-> FILE-JAVA Oracle Java attempt to write in system32 (file-java.rules)
 * 1:21057 <-> ENABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules)
 * 1:21059 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:21063 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:21064 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call access (browser-plugins.rules)
 * 1:21076 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:21077 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call (browser-plugins.rules)
 * 1:21078 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow GraphEdt closed captioning memory corruption (file-multimedia.rules)
 * 1:21082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21090 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp player mp4 memory corruption attempt (file-multimedia.rules)
 * 1:21091 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp player mp4 memory corruption attempt (file-multimedia.rules)
 * 1:21093 <-> DISABLED <-> FILE-MULTIMEDIA A-PDF Wav to mp3 converter buffer overfow (file-multimedia.rules)
 * 1:21094 <-> DISABLED <-> BROWSER-PLUGINS McAfee Remediation Agent ActiveX function call access (browser-plugins.rules)
 * 1:21095 <-> DISABLED <-> FILE-PDF Foxit Reader malicious pdf file write access (file-pdf.rules)
 * 1:21107 <-> DISABLED <-> FILE-MULTIMEDIA MJM Quickplayer s3m buffer overflow (file-multimedia.rules)
 * 1:21112 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (file-multimedia.rules)
 * 1:21113 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:21116 <-> DISABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (file-other.rules)
 * 1:21156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21158 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:21159 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:21160 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:21162 <-> DISABLED <-> FILE-PDF Adobe Acrobat file extension overflow attempt (file-pdf.rules)
 * 1:21163 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook VEVENT overflow attempt (file-office.rules)
 * 1:21167 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:21168 <-> ENABLED <-> FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (file-multimedia.rules)
 * 1:21170 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:21173 <-> DISABLED <-> FILE-EXECUTABLE APP-CONTROL Thunder p2p application download detection (file-executable.rules)
 * 1:21243 <-> ENABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:21244 <-> DISABLED <-> FILE-IDENTIFY New Executable binary file magic detected (file-identify.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21254 <-> ENABLED <-> FILE-PDF Foxit Reader createDataObject file write attempt (file-pdf.rules)
 * 1:21258 <-> DISABLED <-> INDICATOR-SHELLCODE Feng-Shui heap grooming using Oleaut32 (indicator-shellcode.rules)
 * 1:21264 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security 2004 ActiveX function call (browser-plugins.rules)
 * 1:21265 <-> DISABLED <-> INDICATOR-SHELLCODE Piecemeal exploit and shellcode construction (indicator-shellcode.rules)
 * 1:21292 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules)
 * 1:21293 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio corrupted compressed data memory corruption attempt (file-office.rules)
 * 1:21299 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Silverlight privilege escalation attempt (browser-plugins.rules)
 * 1:21305 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules)
 * 1:21307 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (file-office.rules)
 * 1:21308 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules)
 * 1:21316 <-> DISABLED <-> FILE-OTHER Adobe shockwave director tSAC string termination memory corruption attempt (file-other.rules)
 * 1:21317 <-> DISABLED <-> FILE-OTHER BACnet OPC client csv file buffer overflow attempt (file-other.rules)
 * 1:21325 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross site request forgery attempt (file-flash.rules)
 * 1:21326 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActiveX URL import attempt (file-flash.rules)
 * 1:21335 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion null dereference attempt (file-flash.rules)
 * 1:21336 <-> DISABLED <-> FILE-FLASH Adobe Flash ASConstructor insecure calling attempt (file-flash.rules)
 * 1:21338 <-> ENABLED <-> FILE-FLASH Adobe Flash Player MP4 zero length atom attempt (file-flash.rules)
 * 1:21339 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom auth field attempt (file-multimedia.rules)
 * 1:21340 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'titl' field attempt (file-multimedia.rules)
 * 1:21341 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'dscp' field attempt (file-multimedia.rules)
 * 1:21342 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom cprt field attempt (file-multimedia.rules)
 * 1:21345 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar request (exploit-kit.rules)
 * 1:21346 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit malicious jar download (exploit-kit.rules)
 * 1:21347 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - .php?page= (exploit-kit.rules)
 * 1:21348 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit URL - search.php?page= (exploit-kit.rules)
 * 1:21363 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:21371 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director KEY chunk buffer overflow attempt (file-other.rules)
 * 1:21387 <-> DISABLED <-> FILE-JAVA Oracle Java runtime RMIConnectionImpl deserialization execution attempt (file-java.rules)
 * 1:21393 <-> DISABLED <-> FILE-MULTIMEDIA Magix Musik Maker 16 buffer overflow attempt (file-multimedia.rules)
 * 1:21394 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox null byte file remote code execution attempt (browser-firefox.rules)
 * 1:21397 <-> DISABLED <-> FILE-MULTIMEDIA MicroP mppl stack buffer overflow (file-multimedia.rules)
 * 1:21413 <-> DISABLED <-> FILE-OTHER PeaZip command injection attempt (file-other.rules)
 * 1:21414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules)
 * 1:21415 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules)
 * 1:21417 <-> ENABLED <-> FILE-PDF hostile PDF associated with Laik exploit kit (file-pdf.rules)
 * 1:21420 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer compressed skin overflow attempt (file-other.rules)
 * 1:21422 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules)
 * 1:21423 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:21429 <-> ENABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:21431 <-> ENABLED <-> FILE-PDF Possible malicious pdf - new pdf exploit (file-pdf.rules)
 * 1:21437 <-> DISABLED <-> FILE-OTHER WordPerfect WP3TablesGroup heap overflow attempt (file-other.rules)
 * 1:21438 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit JavaScript carat string splitting with hostile applet (exploit-kit.rules)
 * 1:21453 <-> DISABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:21457 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:21480 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21481 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start arbitrary command execution attempt (file-java.rules)
 * 1:21484 <-> DISABLED <-> FILE-OTHER ZIP file name overflow attempt (file-other.rules)
 * 1:21489 <-> ENABLED <-> FILE-OTHER Microsoft Windows chm file malware related exploit (file-other.rules)
 * 1:21492 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21498 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21501 <-> DISABLED <-> FILE-JAVA Oracle JavaScript file upload keystroke hijack attempt (file-java.rules)
 * 1:21503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption (file-office.rules)
 * 1:21504 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21505 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21506 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21507 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21508 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21510 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit logo transfer (exploit-kit.rules)
 * 1:21519 <-> ENABLED <-> INDICATOR-OBFUSCATION Dadongs obfuscated javascript (indicator-obfuscation.rules)
 * 1:21524 <-> DISABLED <-> FILE-OFFICE Microsoft Windows object packager dialogue code execution attempt (file-office.rules)
 * 1:21530 <-> DISABLED <-> FILE-FLASH Adobe Flash Player action script 3 bitmap malicious rectangle attempt (file-flash.rules)
 * 1:21531 <-> DISABLED <-> FILE-FLASH Adobe Flash Player action script 3 bitmap malicious rectangle attempt (file-flash.rules)
 * 1:21532 <-> DISABLED <-> FILE-FLASH Adobe Flash Player action script 3 bitmap malicious rectangle attempt (file-flash.rules)
 * 1:21533 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Stage3D null dereference attempt (file-flash.rules)
 * 1:21534 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules)
 * 1:21535 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules)
 * 1:21536 <-> DISABLED <-> FILE-FLASH Adobe Actionscript Stage3D null dereference attempt (file-flash.rules)
 * 1:21539 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21548 <-> ENABLED <-> MALWARE-CNC Cutwail landing page connection (malware-cnc.rules)
 * 1:21549 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific header (exploit-kit.rules)
 * 1:21557 <-> DISABLED <-> FILE-OTHER Apple OSX ZIP archive shell script execution attempt (file-other.rules)
 * 1:21558 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (browser-plugins.rules)
 * 1:21559 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (browser-plugins.rules)
 * 1:21560 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (browser-plugins.rules)
 * 1:21561 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Antivirus ActiveX function call access (browser-plugins.rules)
 * 1:21576 <-> DISABLED <-> FILE-OTHER Microsoft Windows Visual Studio .addin file access (file-other.rules)
 * 1:21577 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - charcode (indicator-obfuscation.rules)
 * 1:21578 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - eval (indicator-obfuscation.rules)
 * 1:21579 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:21580 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:21581 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - BBB (exploit-kit.rules)
 * 1:21582 <-> DISABLED <-> FILE-PDF PDF obfuscation attempt (file-pdf.rules)
 * 1:21583 <-> ENABLED <-> FILE-PDF Possible malicious pdf detection - qwe123 (file-pdf.rules)
 * 1:21587 <-> DISABLED <-> FILE-OTHER VisiWave VWR file parsing code execution attempt (file-other.rules)
 * 1:21607 <-> DISABLED <-> FILE-OTHER IBM Installation Manager iim uri code execution attempt (file-other.rules)
 * 1:21620 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:21621 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:21629 <-> ENABLED <-> FILE-OTHER ELF file parsing in different antivirus evasion attempt (file-other.rules)
 * 1:21630 <-> ENABLED <-> FILE-OTHER ELF file parsing in different antivirus evasion attempt (file-other.rules)
 * 1:21640 <-> DISABLED <-> EXPLOIT-KIT Phoenix exploit kit landing page (exploit-kit.rules)
 * 1:21646 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21647 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:21654 <-> ENABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules)
 * 1:21655 <-> ENABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules)
 * 1:21657 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:21658 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:21659 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Home/index.php (exploit-kit.rules)
 * 1:21660 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Index/index.php (exploit-kit.rules)
 * 1:21661 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - catch (exploit-kit.rules)
 * 1:21664 <-> ENABLED <-> FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (file-java.rules)
 * 1:21665 <-> ENABLED <-> FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (file-java.rules)
 * 1:21666 <-> ENABLED <-> FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (file-java.rules)
 * 1:21667 <-> DISABLED <-> FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (file-java.rules)
 * 1:21671 <-> DISABLED <-> SERVER-WEBAPP PECL zip URL wrapper buffer overflow attempt (server-webapp.rules)
 * 1:21674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Smart Tags code execution attempt (file-office.rules)
 * 1:21675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Smart Tags code execution attempt (file-office.rules)
 * 1:21676 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Smart Tags code execution attempt (file-office.rules)
 * 1:21677 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Smart Tags code execution attempt (file-office.rules)
 * 1:21678 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:21679 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call attempt (exploit-kit.rules)
 * 1:21680 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:21681 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:21682 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:21683 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:21684 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:21685 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:21686 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit kit module call (exploit-kit.rules)
 * 1:21712 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:21727 <-> ENABLED <-> FILE-IDENTIFY ANI file magic detection (file-identify.rules)
 * 1:21751 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:21764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unicode parsing buffer overflow attempt (file-office.rules)
 * 1:21765 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader PDF subroutine pointer attempt (file-pdf.rules)
 * 1:21770 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21771 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21772 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21774 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21775 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:18541 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 3 (file-office.rules)
 * 1:21791 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21792 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules)
 * 1:21793 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (browser-ie.rules)
 * 1:21794 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:21795 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:21797 <-> ENABLED <-> FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (file-office.rules)
 * 1:21798 <-> ENABLED <-> FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (file-office.rules)
 * 1:21799 <-> ENABLED <-> FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (file-office.rules)
 * 1:21800 <-> ENABLED <-> FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (file-office.rules)
 * 1:21801 <-> ENABLED <-> FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (file-office.rules)
 * 1:21805 <-> DISABLED <-> FILE-MULTIMEDIA HT-MP3Player file parsing boundary buffer overflow attempt (file-multimedia.rules)
 * 1:21810 <-> DISABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:21814 <-> DISABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:21858 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21859 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21869 <-> ENABLED <-> FILE-OTHER Java JRE sandbox breach attempt (file-other.rules)
 * 1:21876 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit landing page with specific structure - Loading (exploit-kit.rules)
 * 1:21878 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF interger overflow attempt (file-pdf.rules)
 * 1:21881 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:21882 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21883 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21896 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21897 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21898 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21899 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21900 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21901 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21902 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21903 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21904 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21905 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21906 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21907 <-> ENABLED <-> FILE-OFFICE Microsoft Office rtf document generic exploit indicator (file-office.rules)
 * 1:21918 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21919 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX function call access attempt (browser-plugins.rules)
 * 1:21920 <-> ENABLED <-> SERVER-ORACLE Oracle Outside In CorelDRAW file parser buffer overflow attempt (server-oracle.rules)
 * 1:21921 <-> ENABLED <-> SERVER-ORACLE Oracle Outside In CorelDRAW file parser buffer overflow attempt (server-oracle.rules)
 * 1:21922 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules)
 * 1:21927 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style handling overflow attempt (file-office.rules)
 * 1:21928 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed FBI record (file-office.rules)
 * 1:21929 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules)
 * 1:21930 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules)
 * 1:21931 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21932 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (file-office.rules)
 * 1:21933 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (file-office.rules)
 * 1:21935 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (file-office.rules)
 * 1:21937 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:21940 <-> DISABLED <-> FILE-IDENTIFY EMF file magic detected (file-identify.rules)
 * 1:21942 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:21943 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:21948 <-> ENABLED <-> FILE-IMAGE Adobe Photoshop TIFF malicious SGILOG-compressed data attempt (file-image.rules)
 * 1:21950 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MSWebDVD ActiveX clsid access attempt (browser-plugins.rules)
 * 1:21951 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MSWebDVD ActiveX function call attempt (browser-plugins.rules)
 * 1:21953 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products HTML href shell attempt (browser-firefox.rules)
 * 1:21955 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows hlp file magic detected (file-identify.rules)
 * 1:21967 <-> DISABLED <-> MALWARE-BACKDOOR Rebhip.A runtime detection (malware-backdoor.rules)
 * 1:21973 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash runtime detection (malware-backdoor.rules)
 * 1:21974 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (malware-cnc.rules)
 * 1:21975 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (malware-cnc.rules)
 * 1:21999 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file magic detection (file-identify.rules)
 * 1:22002 <-> DISABLED <-> FILE-IDENTIFY Microsoft Visual Basic v6.0 - additional file magic detected (file-identify.rules)
 * 1:22016 <-> DISABLED <-> FILE-IDENTIFY Microsoft Visual Studio DBP file magic detected (file-identify.rules)
 * 1:22020 <-> DISABLED <-> FILE-IDENTIFY Microsoft Visual Studio PKP file magic detected (file-identify.rules)
 * 1:22024 <-> DISABLED <-> FILE-IDENTIFY Microsoft Visual Studio SLN file magic detected (file-identify.rules)
 * 1:22028 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file magic detected (file-identify.rules)
 * 1:22029 <-> DISABLED <-> FILE-OTHER Visual Studio DBP file handling buffer overflow attempt (file-other.rules)
 * 1:22030 <-> DISABLED <-> FILE-OTHER Visual Studio PKP file handling buffer overflow attempt (file-other.rules)
 * 1:22031 <-> DISABLED <-> FILE-OTHER Visual Studio SLN file handling buffer overflow attempt (file-other.rules)
 * 1:22032 <-> ENABLED <-> FILE-OTHER Visual Studio VAP file handling buffer overflow attempt (file-other.rules)
 * 1:22038 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:22042 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules)
 * 1:22046 <-> DISABLED <-> FILE-IDENTIFY XM file magic detected (file-identify.rules)
 * 1:22052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel style record overflow attempt (file-office.rules)
 * 1:22066 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ScriptBridge OCX controller attempt (file-office.rules)
 * 1:22069 <-> ENABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules)
 * 1:22070 <-> ENABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules)
 * 1:22071 <-> ENABLED <-> INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - eval (indicator-obfuscation.rules)
 * 1:22072 <-> ENABLED <-> INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:22073 <-> ENABLED <-> INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - unescape (indicator-obfuscation.rules)
 * 1:22074 <-> ENABLED <-> INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - charCode (indicator-obfuscation.rules)
 * 1:22075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio IndexDirectorySize greater than ChildrenSize memory access attempt (file-office.rules)
 * 1:22076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:22077 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules)
 * 1:22078 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:22079 <-> DISABLED <-> OS-WINDOWS Microsoft .NET framework EvidenceBase class remote code execution attempt (os-windows.rules)
 * 1:22085 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules)
 * 1:22086 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules)
 * 1:22087 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (file-other.rules)
 * 1:22090 <-> ENABLED <-> OS-WINDOWS Microsoft .NET framework malicious XBAP attempt (os-windows.rules)
 * 1:22091 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:22092 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules)
 * 1:22093 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules)
 * 1:22094 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules)
 * 1:22101 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:22104 <-> ENABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:22105 <-> ENABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:22106 <-> ENABLED <-> FILE-IMAGE libpng chunk decompression integer overflow attempt (file-image.rules)
 * 1:22915 <-> ENABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules)
 * 1:22916 <-> ENABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules)
 * 1:22938 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF interger overflow attempt (file-pdf.rules)
 * 1:22941 <-> ENABLED <-> FILE-PDF Possible malicious PDF detection - qweqwe= (file-pdf.rules)
 * 1:22942 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:22946 <-> DISABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:22947 <-> DISABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (file-other.rules)
 * 1:22954 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed SELECTION Record Code Execution attempt (file-office.rules)
 * 1:22999 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:23008 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:23009 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules)
 * 1:23010 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules)
 * 1:23014 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (file-other.rules)
 * 1:23015 <-> DISABLED <-> BROWSER-CHROME Google Chrome and Apple Safari runin handling use after free attempt (browser-chrome.rules)
 * 1:23016 <-> ENABLED <-> INDICATOR-COMPROMISE base64-encoded c99shell download (indicator-compromise.rules)
 * 1:23017 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell comment (indicator-compromise.rules)
 * 1:23018 <-> DISABLED <-> INDICATOR-OBFUSCATION eval of base64-encoded data (indicator-obfuscation.rules)
 * 1:23041 <-> DISABLED <-> FILE-PDF EmbeddedFile contained within a PDF (file-pdf.rules)
 * 1:23043 <-> ENABLED <-> FILE-PDF Unknown malicious PDF - CreationDate (file-pdf.rules)
 * 1:23044 <-> ENABLED <-> FILE-PDF Unknown malicious PDF - CreationDate (file-pdf.rules)
 * 1:23045 <-> ENABLED <-> FILE-PDF Unknown malicious PDF - Title (file-pdf.rules)
 * 1:23046 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23047 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23048 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules)
 * 1:23049 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules)
 * 1:23050 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules)
 * 1:23060 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules)
 * 1:23085 <-> ENABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript string - join (indicator-obfuscation.rules)
 * 1:23086 <-> ENABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript string - push (indicator-obfuscation.rules)
 * 1:23087 <-> ENABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript string - xval (indicator-obfuscation.rules)
 * 1:23088 <-> ENABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript string - qweqwe (indicator-obfuscation.rules)
 * 1:23089 <-> ENABLED <-> INDICATOR-OBFUSCATION Obfuscated javascript strings - obfuscation pattern (indicator-obfuscation.rules)
 * 1:23091 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23092 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23093 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23094 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23095 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23098 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules)
 * 1:23100 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:23101 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:23105 <-> DISABLED <-> FILE-OFFICE EMF corruption attempt (file-office.rules)
 * 1:23110 <-> DISABLED <-> FILE-IMAGE Microsoft Windows graphics rendering engine buffer overflow attempt (file-image.rules)
 * 1:23113 <-> ENABLED <-> INDICATOR-OBFUSCATION eval gzinflate base64_decode call - likely malicious (indicator-obfuscation.rules)
 * 1:23114 <-> ENABLED <-> INDICATOR-OBFUSCATION GIF header with PHP tags - likely malicious (indicator-obfuscation.rules)
 * 1:23121 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (browser-ie.rules)
 * 1:23125 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules)
 * 1:23127 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules)
 * 1:23129 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SecureSocket use without Connect attempt (file-flash.rules)
 * 1:23130 <-> ENABLED <-> FILE-FLASH Adobe Flash Player X509 direct instantiation property access attempt (file-flash.rules)
 * 1:23131 <-> ENABLED <-> FILE-FLASH Adobe Flash Player X500 DistinguishedName property access attempt (file-flash.rules)
 * 1:23132 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineSound tag long recordheader length field attempt (file-flash.rules)
 * 1:23133 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.display.BitmapData constuctor overflow attempt (file-flash.rules)
 * 1:23135 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.DisplayObject memory corruption attempt (file-flash.rules)
 * 1:23136 <-> DISABLED <-> BROWSER-IE Microsoft multiple product toStaticHTML XSS attempt (browser-ie.rules)
 * 1:23140 <-> ENABLED <-> FILE-PDF Unknown Malicious PDF - CreationDate (file-pdf.rules)
 * 1:23142 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23143 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23144 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23145 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23146 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23150 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed graphic record code execution attempt (file-office.rules)
 * 1:23151 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel zero-width worksheet code execution attempt (file-office.rules)
 * 1:23152 <-> ENABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23153 <-> ENABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23154 <-> ENABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23155 <-> ENABLED <-> FILE-OTHER OpenType Font file integer overflow attempt (file-other.rules)
 * 1:23156 <-> ENABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit landing page (exploit-kit.rules)
 * 1:23157 <-> ENABLED <-> EXPLOIT-KIT Nuclear Pack exploit kit binary download (exploit-kit.rules)
 * 1:23158 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:23159 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:23160 <-> ENABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:23161 <-> ENABLED <-> INDICATOR-OBFUSCATION Javascript obfuscation - eval (indicator-obfuscation.rules)
 * 1:23166 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XDP encoded download attempt (file-pdf.rules)
 * 1:23170 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23181 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules)
 * 1:23211 <-> ENABLED <-> FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (file-office.rules)
 * 1:23212 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:23217 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic avoid_utf8_tolower javascript encoder (indicator-shellcode.rules)
 * 1:23218 <-> ENABLED <-> EXPLOIT-KIT Redkit Repeated Exploit Request Pattern (exploit-kit.rules)
 * 1:23219 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit Java Exploit request to .class file (exploit-kit.rules)
 * 1:23220 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit Java Exploit Requested - 5 digit jar (exploit-kit.rules)
 * 1:23221 <-> DISABLED <-> EXPLOIT-KIT Redkit Jar File Naming Algorithm (exploit-kit.rules)
 * 1:23222 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Received - applet and 5 digit jar attempt (exploit-kit.rules)
 * 1:23223 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Received - applet and code (exploit-kit.rules)
 * 1:23224 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Requested - 8Digit.html (exploit-kit.rules)
 * 1:23225 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Received - applet and flowbit (exploit-kit.rules)
 * 1:23226 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript error suppression routine (indicator-obfuscation.rules)
 * 1:23241 <-> DISABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (server-other.rules)
 * 1:23243 <-> ENABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23253 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care XMLSimpleAccessor ActiveX function call access attempt (browser-plugins.rules)
 * 1:23255 <-> DISABLED <-> MALWARE-CNC Trojan.Duojeen outbound connection (malware-cnc.rules)
 * 1:23256 <-> DISABLED <-> FILE-EXECUTABLE Armadillo v1.71 packer file magic detected (file-executable.rules)
 * 1:23263 <-> ENABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules)
 * 1:23264 <-> ENABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23268 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word crafted sprm structure memory corruption attempt (file-office.rules)
 * 1:23269 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:23270 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules)
 * 1:23271 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23273 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23274 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23275 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23276 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23277 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23283 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX clsid attempt (browser-plugins.rules)
 * 1:23284 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX function call attempt (browser-plugins.rules)
 * 1:23285 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnReadyStateChange use after free attempt (browser-ie.rules)
 * 1:23286 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23287 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23288 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23289 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23290 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23291 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23292 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23293 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23294 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23295 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23296 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23297 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23298 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23299 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23300 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23301 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23302 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23303 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23304 <-> ENABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23305 <-> ENABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:23309 <-> ENABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23310 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23311 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23312 <-> ENABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23313 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23318 <-> ENABLED <-> FILE-OTHER ELF multiple antivirus evasion attempts (file-other.rules)
 * 1:23322 <-> ENABLED <-> FILE-IDENTIFY TAR file download request (file-identify.rules)
 * 1:23323 <-> ENABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23324 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23325 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23326 <-> ENABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23327 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23328 <-> ENABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23329 <-> ENABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23346 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (file-other.rules)
 * 1:23351 <-> ENABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23352 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23353 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX function call access attempt (browser-plugins.rules)
 * 1:23356 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office text converters integer underflow attempt (file-office.rules)
 * 1:23357 <-> ENABLED <-> FILE-OTHER ELF multiple antivirus evasion attempts (file-other.rules)
 * 1:23358 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Drawing object code execution attempt (file-office.rules)
 * 1:23371 <-> ENABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:23372 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23373 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23374 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23375 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23376 <-> ENABLED <-> BROWSER-PLUGINS Teechart Professional ActiveX clsid access (browser-plugins.rules)
 * 1:23378 <-> DISABLED <-> MALWARE-CNC Trojan.Sasfis outbound connection (malware-cnc.rules)
 * 1:23386 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:23400 <-> DISABLED <-> FILE-OTHER Apple Quicktime JPEG2000 length integer underflow attempt (file-other.rules)
 * 1:23408 <-> DISABLED <-> OS-WINDOWS Microsoft Windows large image resize denial of service attempt (os-windows.rules)
 * 1:23446 <-> DISABLED <-> MALWARE-CNC Trojan.Sojax.A outbound connection (malware-cnc.rules)
 * 1:23457 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:23458 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:23459 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (file-office.rules)
 * 1:23461 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules)
 * 1:23462 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23463 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules)
 * 1:23464 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:23465 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:23477 <-> DISABLED <-> FILE-IDENTIFY PLP file magic detected (file-identify.rules)
 * 1:23478 <-> DISABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules)
 * 1:23479 <-> DISABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules)
 * 1:23481 <-> DISABLED <-> INDICATOR-OBFUSCATION hex escaped characters in setTimeout call (indicator-obfuscation.rules)
 * 1:23482 <-> DISABLED <-> INDICATOR-OBFUSCATION hex escaped characters in addEventListener call (indicator-obfuscation.rules)
 * 1:23483 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Georbot file download (malware-backdoor.rules)
 * 1:23489 <-> DISABLED <-> FILE-OTHER Microsoft Windows Task Scheduler buffer overflow attempt (file-other.rules)
 * 1:23499 <-> DISABLED <-> FILE-OTHER Microsoft Windows CUR file parsing overflow attempt (file-other.rules)
 * 1:23500 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (file-pdf.rules)
 * 1:23501 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:23504 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (file-pdf.rules)
 * 1:23505 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23506 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:23509 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules)
 * 1:23510 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules)
 * 1:23511 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules)
 * 1:23517 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:23518 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:23522 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious TIFF remote code execution attempt (file-pdf.rules)
 * 1:23523 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:23524 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:23530 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:23605 <-> DISABLED <-> FILE-IDENTIFY Armadillo v1.xx - v2.xx file magic detected (file-identify.rules)
 * 1:23612 <-> ENABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules)
 * 1:23614 <-> ENABLED <-> FILE-JAVA Oracle JavaScript heap exploitation library usage attempt (file-java.rules)
 * 1:23618 <-> ENABLED <-> MALWARE-OTHER Malvertising redirection attempt (malware-other.rules)
 * 1:23619 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch broken (exploit-kit.rules)
 * 1:23620 <-> ENABLED <-> MALWARE-OTHER Malvertising network attempted redirect (malware-other.rules)
 * 1:23621 <-> ENABLED <-> INDICATOR-OBFUSCATION known packer routine with secondary obfuscation (indicator-obfuscation.rules)
 * 1:23622 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page request - tkr (exploit-kit.rules)
 * 1:23624 <-> ENABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (server-other.rules)
 * 1:23636 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript built-in function parseInt appears obfuscated - likely packer or encoder (indicator-obfuscation.rules)
 * 1:23781 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:23785 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.floor catch (exploit-kit.rules)
 * 1:23786 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.round catch (exploit-kit.rules)
 * 1:23789 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules)
 * 1:23790 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules)
 * 1:23791 <-> DISABLED <-> SERVER-WEBAPP PHP use-after-free in substr_replace attempt (server-webapp.rules)
 * 1:23797 <-> ENABLED <-> EXPLOIT-KIT Blackhole redirection page (exploit-kit.rules)
 * 1:23798 <-> ENABLED <-> MALWARE-OTHER Malvertising redirection page (malware-other.rules)
 * 1:23806 <-> DISABLED <-> FILE-OTHER Oracle Outside-In JPEG2000 QCD segment processing heap buffer overflow attempt (file-other.rules)
 * 1:23822 <-> DISABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23834 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules)
 * 1:23836 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules)
 * 1:23840 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules)
 * 1:23842 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23844 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:23850 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - hwehes (exploit-kit.rules)
 * 1:23851 <-> ENABLED <-> FILE-PDF Blackhole exploit kit related malicious file detection (file-pdf.rules)
 * 1:23853 <-> ENABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules)
 * 1:23855 <-> ENABLED <-> FILE-FLASH string heapspray flash file - likely attack (file-flash.rules)
 * 1:23860 <-> DISABLED <-> INDICATOR-SHELLCODE heapspray characters detected - ASCII (indicator-shellcode.rules)
 * 1:23861 <-> DISABLED <-> FILE-IMAGE heapspray characters detected - binary (file-image.rules)
 * 1:23862 <-> DISABLED <-> INDICATOR-SHELLCODE heapspray characters detected - hexadecimal encoding (indicator-shellcode.rules)
 * 1:23864 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules)
 * 1:23865 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules)
 * 1:23866 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23867 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23868 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23869 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23870 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23871 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules)
 * 1:23874 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules)
 * 1:23875 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules)
 * 1:23878 <-> DISABLED <-> BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (browser-plugins.rules)
 * 1:23879 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23880 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23881 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23882 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23883 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules)
 * 1:23884 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules)
 * 1:23889 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23890 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23891 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23892 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules)
 * 1:23895 <-> DISABLED <-> SERVER-WEBAPP PHP truncated crypt function attempt (server-webapp.rules)
 * 1:23898 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt (file-pdf.rules)
 * 1:23899 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (file-pdf.rules)
 * 1:23900 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (file-pdf.rules)
 * 1:23901 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (file-pdf.rules)
 * 1:23902 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (file-pdf.rules)
 * 1:23937 <-> ENABLED <-> SERVER-WEBAPP Invalid global flag attachment attempt (server-webapp.rules)
 * 1:23954 <-> ENABLED <-> OS-MOBILE Android SMSZombie APK file download attempt (os-mobile.rules)
 * 1:23957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23962 <-> DISABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - fewbgazr catch (exploit-kit.rules)
 * 1:23967 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt - compressed (file-flash.rules)
 * 1:23969 <-> ENABLED <-> OS-MOBILE Android SMSZombie APK file download (os-mobile.rules)
 * 1:23974 <-> DISABLED <-> SERVER-WEBAPP calendar conversion remote integer overflow attempt (server-webapp.rules)
 * 1:23975 <-> DISABLED <-> SERVER-WEBAPP calendar conversion remote integer overflow attempt (server-webapp.rules)
 * 1:23985 <-> DISABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules)
 * 1:23988 <-> DISABLED <-> SERVER-WEBAPP ocPortal cms cross site request forgery attempt (server-webapp.rules)
 * 1:23989 <-> ENABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules)
 * 1:23996 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption attempt (file-flash.rules)
 * 1:23999 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules)
 * 1:24004 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (file-office.rules)
 * 1:24020 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24022 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24024 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24026 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24028 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24037 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24041 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24043 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules)
 * 1:24051 <-> DISABLED <-> FILE-OTHER Winamp skin file arbitrary code execution attempt (file-other.rules)
 * 1:24053 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24054 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (exploit-kit.rules)
 * 1:24055 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24057 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24060 <-> DISABLED <-> SERVER-WEBAPP PHP 5.3.3 mt_rand integer overflow attempt (server-webapp.rules)
 * 1:24063 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24065 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24067 <-> DISABLED <-> FILE-OTHER Expat xml UTF-8 buffer over-read attempt (file-other.rules)
 * 1:24069 <-> DISABLED <-> FILE-OTHER Expat xml UTF-8 buffer over-read attempt (file-other.rules)
 * 1:24084 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24095 <-> DISABLED <-> APP-DETECT Teamviewer installer download attempt (app-detect.rules)
 * 1:24124 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:24125 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (file-office.rules)
 * 1:24131 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24132 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24133 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24134 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24135 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24136 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24137 <-> ENABLED <-> OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (os-windows.rules)
 * 1:24142 <-> ENABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules)
 * 1:24144 <-> ENABLED <-> MALWARE-OTHER Dorifel/Quervar/XDocCrypt download (malware-other.rules)
 * 1:24148 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (file-pdf.rules)
 * 1:24150 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (file-pdf.rules)
 * 1:24152 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules)
 * 1:24153 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules)
 * 1:24159 <-> DISABLED <-> FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (file-other.rules)
 * 1:24161 <-> DISABLED <-> FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (file-other.rules)
 * 1:24163 <-> DISABLED <-> FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (file-other.rules)
 * 1:24165 <-> DISABLED <-> FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (file-other.rules)
 * 1:24167 <-> ENABLED <-> INDICATOR-OBFUSCATION document write of unescaped value with remote script (indicator-obfuscation.rules)
 * 1:24176 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24177 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24178 <-> DISABLED <-> FILE-OTHER eZip Wizard stack overflow attempt (file-other.rules)
 * 1:24190 <-> ENABLED <-> FILE-IDENTIFY X PixMap file magic detected (file-identify.rules)
 * 1:24192 <-> DISABLED <-> SERVER-WEBAPP socket_connect buffer overflow attempt (server-webapp.rules)
 * 1:24194 <-> DISABLED <-> SERVER-WEBAPP socket_connect buffer overflow attempt (server-webapp.rules)
 * 1:24199 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules)
 * 1:24201 <-> ENABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:24204 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:24206 <-> DISABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24209 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24213 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24218 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:24226 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received (exploit-kit.rules)
 * 1:24228 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page Received (exploit-kit.rules)
 * 1:24229 <-> DISABLED <-> FILE-OTHER RealNetworks Netzip Classic zip archive long filename buffer overflow attempt (file-other.rules)
 * 1:24238 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (file-executable.rules)
 * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24244 <-> ENABLED <-> FILE-FLASH Adobe Flash Player Matrix3D integer overflow attempt (file-flash.rules)
 * 1:24246 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX clsid access attempt (browser-plugins.rules)
 * 1:24248 <-> DISABLED <-> BROWSER-PLUGINS AdminStudio and InstallShield ActiveX function call access attempt (browser-plugins.rules)
 * 1:24257 <-> ENABLED <-> MALWARE-OTHER mygeeksmail.dll download (malware-other.rules)
 * 1:24259 <-> ENABLED <-> MALWARE-OTHER PwDump7.exe download (malware-other.rules)
 * 1:24261 <-> ENABLED <-> MALWARE-OTHER Lanman2.dll download (malware-other.rules)
 * 1:24263 <-> ENABLED <-> FILE-PDF Overly large CreationDate within a pdf - likely malicious (file-pdf.rules)
 * 1:24277 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:24284 <-> DISABLED <-> FILE-OFFICE Microsoft Office Drawing object code execution attempt (file-office.rules)
 * 1:24311 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Downloader download (malware-other.rules)
 * 1:24322 <-> DISABLED <-> BROWSER-PLUGINS EMC ApplicationXtender Desktop ActiveX function call attempt (browser-plugins.rules)
 * 1:24338 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules)
 * 1:24344 <-> ENABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24351 <-> ENABLED <-> FILE-OFFICE Microsoft Works 9 use-after-free attempt (file-office.rules)
 * 1:24353 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (file-office.rules)
 * 1:24357 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rgfc value overflow attempt (file-office.rules)
 * 1:24362 <-> ENABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules)
 * 1:24363 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules)
 * 1:24366 <-> ENABLED <-> FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (file-flash.rules)
 * 1:24370 <-> DISABLED <-> OS-LINUX Linux kernel IA32 out-of-bounds system call attempt (os-linux.rules)
 * 1:2438 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer playlist file URL overflow attempt (file-multimedia.rules)
 * 1:24386 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products xdomain object information disclosure attempt (browser-firefox.rules)
 * 1:2439 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer playlist http URL overflow attempt (file-multimedia.rules)
 * 1:24397 <-> DISABLED <-> APP-DETECT Steam game URI handler (app-detect.rules)
 * 1:2440 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer playlist rtsp URL overflow attempt (file-multimedia.rules)
 * 1:24408 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Miniflame download attempt (malware-other.rules)
 * 1:24410 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Gauss download attempt (malware-other.rules)
 * 1:24412 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRM encrypted file detected (file-flash.rules)
 * 1:24414 <-> DISABLED <-> FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (file-flash.rules)
 * 1:24426 <-> DISABLED <-> MALWARE-OTHER Java.Trojan.Jacksbot class download (malware-other.rules)
 * 1:24427 <-> DISABLED <-> MALWARE-OTHER Java.Trojan.Jacksbot jar download (malware-other.rules)
 * 1:24428 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24430 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24432 <-> ENABLED <-> BROWSER-OTHER HTML5 canvas element heap spray attempt (browser-other.rules)
 * 1:24433 <-> ENABLED <-> BROWSER-OTHER HTML5 canvas element heap spray attempt (browser-other.rules)
 * 1:24455 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24456 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24462 <-> DISABLED <-> FILE-IDENTIFY PSD file magic detection (file-identify.rules)
 * 1:24470 <-> DISABLED <-> FILE-IDENTIFY XCF file magic detection (file-identify.rules)
 * 1:24483 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24485 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24501 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit fallback executable download (exploit-kit.rules)
 * 1:24506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader null pointer dereference attempt (file-pdf.rules)
 * 1:24507 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24509 <-> ENABLED <-> FILE-IDENTIFY rmf file download request (file-identify.rules)
 * 1:24510 <-> ENABLED <-> FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-java.rules)
 * 1:24515 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Lucuis malware file download (malware-other.rules)
 * 1:24546 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24547 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24548 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24549 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules)
 * 1:24551 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules)
 * 1:24554 <-> DISABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24556 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules)
 * 1:24571 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:24572 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:24580 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules)
 * 1:24583 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules)
 * 1:24587 <-> ENABLED <-> FILE-OFFICE Microsoft Works Word document use after free attempt (file-office.rules)
 * 1:24589 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24591 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24593 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page received - specific structure (exploit-kit.rules)
 * 1:24594 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24600 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24602 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24604 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24606 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24608 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (exploit-kit.rules)
 * 1:24609 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24611 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24613 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24615 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24617 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24619 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24621 <-> ENABLED <-> MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (malware-other.rules)
 * 1:24625 <-> ENABLED <-> FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (file-pdf.rules)
 * 1:24636 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24637 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (exploit-kit.rules)
 * 1:24638 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit redirection successful (exploit-kit.rules)
 * 1:24640 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime movie buffer overflow attempt (file-multimedia.rules)
 * 1:24643 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (browser-plugins.rules)
 * 1:24644 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules)
 * 1:24645 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules)
 * 1:24646 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (browser-plugins.rules)
 * 1:24648 <-> ENABLED <-> MALWARE-OTHER HTML.Exploit.C99 suspicious file download (malware-other.rules)
 * 1:24649 <-> ENABLED <-> FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (file-other.rules)
 * 1:24653 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (browser-ie.rules)
 * 1:24658 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules)
 * 1:24661 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (browser-ie.rules)
 * 1:24662 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (browser-ie.rules)
 * 1:24665 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules)
 * 1:24667 <-> ENABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24668 <-> ENABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24669 <-> ENABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24670 <-> ENABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (file-office.rules)
 * 1:24678 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24679 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24680 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24681 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24687 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:24694 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules)
 * 1:24700 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24701 <-> ENABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24702 <-> ENABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules)
 * 1:24706 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (server-webapp.rules)
 * 1:24711 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (file-image.rules)
 * 1:24712 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (file-image.rules)
 * 1:24713 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (file-image.rules)
 * 1:24714 <-> DISABLED <-> FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (file-image.rules)
 * 1:24721 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader empty object page tree node reference attempt (file-pdf.rules)
 * 1:24722 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader empty object page tree node reference attempt (file-pdf.rules)
 * 1:24723 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access (browser-plugins.rules)
 * 1:24724 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access (browser-plugins.rules)
 * 1:24727 <-> ENABLED <-> MALWARE-OTHER HTML.Exploit.C99 suspicious file download (malware-other.rules)
 * 1:24761 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules)
 * 1:24763 <-> ENABLED <-> FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (file-pdf.rules)
 * 1:24769 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24774 <-> DISABLED <-> BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX clsid access (browser-plugins.rules)
 * 1:24775 <-> DISABLED <-> BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX function call access (browser-plugins.rules)
 * 1:24776 <-> DISABLED <-> BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX clsid access (browser-plugins.rules)
 * 1:24777 <-> DISABLED <-> BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX function call access (browser-plugins.rules)
 * 1:24778 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit landing page - Title (exploit-kit.rules)
 * 1:24779 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit - PDF Exploit (exploit-kit.rules)
 * 1:24780 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit - PDF Exploit (exploit-kit.rules)
 * 1:24781 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit outbound request (exploit-kit.rules)
 * 1:24782 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit outbound request (exploit-kit.rules)
 * 1:24783 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit 32-bit font file download (exploit-kit.rules)
 * 1:24784 <-> DISABLED <-> EXPLOIT-KIT Cool exploit kit 64-bit font file download (exploit-kit.rules)
 * 1:24785 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit possible redirection attempt (exploit-kit.rules)
 * 1:24786 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit request structure (exploit-kit.rules)
 * 1:24787 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24788 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit request structure (exploit-kit.rules)
 * 1:24789 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24790 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable request (exploit-kit.rules)
 * 1:24791 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24793 <-> ENABLED <-> EXPLOIT-KIT KaiXin exploit kit Java Class download (exploit-kit.rules)
 * 1:24794 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Class download attempt (exploit-kit.rules)
 * 1:24795 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Class download attempt (exploit-kit.rules)
 * 1:24796 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Class download attempt (exploit-kit.rules)
 * 1:24797 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Class download attempt (exploit-kit.rules)
 * 1:24799 <-> ENABLED <-> MALWARE-OTHER OSX.Trojan.Imuler suspicious download (malware-other.rules)
 * 1:24808 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (file-flash.rules)
 * 1:24810 <-> ENABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules)
 * 1:24812 <-> ENABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules)
 * 1:24816 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24818 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24839 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:24840 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - JAR redirection (exploit-kit.rules)
 * 1:24841 <-> ENABLED <-> EXPLOIT-KIT Sibhost exploit kit outbound JAR download attempt (exploit-kit.rules)
 * 1:2485 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:24860 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page - specific-structure (exploit-kit.rules)
 * 1:24861 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page in an email (exploit-kit.rules)
 * 1:24862 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page - specific-structure (exploit-kit.rules)
 * 1:24863 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page in an email (exploit-kit.rules)
 * 1:24864 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page - specific-structure (exploit-kit.rules)
 * 1:24865 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit landing page in an email (exploit-kit.rules)
 * 1:24874 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24876 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules)
 * 1:24879 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid JPEG index attempt (file-flash.rules)
 * 1:24888 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit landing page detected (exploit-kit.rules)
 * 1:24889 <-> DISABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules)
 * 1:24890 <-> ENABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules)
 * 1:24891 <-> DISABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules)
 * 1:24895 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (file-flash.rules)
 * 1:24900 <-> ENABLED <-> MALWARE-OTHER HTML.Exploit.C99 suspicious file download (malware-other.rules)
 * 1:24904 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:24907 <-> ENABLED <-> SERVER-ORACLE Oracle Secure Backup exec_qr command injection attempt (server-oracle.rules)
 * 1:24911 <-> DISABLED <-> SERVER-ORACLE Oracle Outside In Excel file parsing integer overflow attempt (server-oracle.rules)
 * 1:24956 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (browser-ie.rules)
 * 1:24964 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24965 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24966 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24967 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24968 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24969 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24970 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules)
 * 1:24974 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rtf invalid listoverridecount value attempt (file-office.rules)
 * 1:24977 <-> ENABLED <-> EXPLOIT-KIT ProPack exploit kit outbound connection attempt (exploit-kit.rules)
 * 1:24978 <-> ENABLED <-> EXPLOIT-KIT ProPack exploit kit outbound payload request (exploit-kit.rules)
 * 1:24979 <-> ENABLED <-> EXPLOIT-KIT ProPack exploit kit outbound connection (exploit-kit.rules)
 * 1:24980 <-> ENABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules)
 * 1:24982 <-> ENABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules)
 * 1:24984 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (file-flash.rules)
 * 1:24985 <-> ENABLED <-> FILE-FLASH Adobe Flash Player index overflow attempt (file-flash.rules)
 * 1:24989 <-> ENABLED <-> FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (file-flash.rules)
 * 1:24991 <-> ENABLED <-> FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (file-flash.rules)
 * 1:24997 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:24998 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules)
 * 1:25001 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Narilam variant outbound connection (malware-other.rules)
 * 1:25004 <-> DISABLED <-> BROWSER-PLUGINS ClearQuest session stack corruption attempt (browser-plugins.rules)
 * 1:25005 <-> DISABLED <-> BROWSER-PLUGINS ClearQuest session stack corruption attempt (browser-plugins.rules)
 * 1:25012 <-> DISABLED <-> FILE-OTHER Sophos CAB CFDATA cbData overflow attempt (file-other.rules)
 * 1:25037 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit css title memory corruption attempt (browser-webkit.rules)
 * 1:25038 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit css title memory corruption attempt (browser-webkit.rules)
 * 1:25042 <-> ENABLED <-> EXPLOIT-KIT Java User-Agent downloading Portable Executable - Possible exploit kit (exploit-kit.rules)
 * 1:25043 <-> ENABLED <-> EXPLOIT-KIT Blackholev2 exploit kit url structure detected (exploit-kit.rules)
 * 1:25044 <-> ENABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:25045 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit requesting payload (exploit-kit.rules)
 * 1:25046 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit Java V6 exploit download (exploit-kit.rules)
 * 1:25047 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit Java V7 exploit download (exploit-kit.rules)
 * 1:25048 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit PDF Library exploit download (exploit-kit.rules)
 * 1:25051 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit landing page redirection (exploit-kit.rules)
 * 1:25052 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit Java Exploit requested - 3 digit (exploit-kit.rules)