Talos has added and modified multiple rules in the app-detect, browser-chrome, browser-firefox, browser-ie, browser-other, browser-plugins, browser-webkit, exploit-kit, file-executable, file-flash, file-image, file-java, file-multimedia, file-office, file-other, file-pdf, malware-cnc, netbios, os-other, os-windows, policy-other, policy-social, protocol-dns, protocol-ftp, protocol-icmp, protocol-rpc, protocol-scada, protocol-services, protocol-snmp, protocol-telnet, protocol-tftp, server-apache, server-iis, server-mail, server-oracle, server-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2962.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:37034 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37036 <-> ENABLED <-> MALWARE-CNC Win.Trojan.ModPOS outbound communication attempt (malware-cnc.rules) * 1:37019 <-> DISABLED <-> SERVER-WEBAPP wordpress kses bypass cross site scripting attempt (server-webapp.rules) * 1:37035 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37015 <-> DISABLED <-> PROTOCOL-DNS DNS DNAME query detected - possible attack attempt (protocol-dns.rules) * 1:37029 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37022 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:37031 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37023 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 ciphersuite use attempt (policy-other.rules) * 1:37020 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gh0st variant outbound connection (malware-cnc.rules) * 1:37033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37016 <-> ENABLED <-> EXPLOIT-KIT DoloMalo exploit kit packer detected (exploit-kit.rules) * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 ciphersuite use attempt (policy-other.rules) * 1:37021 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:37014 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page detected (exploit-kit.rules) * 1:37027 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Alina variant outbound connection (malware-cnc.rules) * 1:37018 <-> DISABLED <-> SERVER-WEBAPP wordpress kses bypass cross site scripting attempt (server-webapp.rules) * 1:37024 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sofacy outbound connection (malware-cnc.rules) * 1:37017 <-> DISABLED <-> SERVER-OTHER Redis SSH authorized keys file overwrite attempt (server-other.rules) * 1:37030 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
* 1:34574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:32872 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (file-office.rules) * 1:35488 <-> DISABLED <-> OS-WINDOWS Windows Notepad remote printer file access attempt (os-windows.rules) * 1:32838 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ANTrustPropgateAll privilege propagation attempt (file-pdf.rules) * 1:34482 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:32262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Active X installer broker privilege elevation attempt (browser-ie.rules) * 1:36478 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:33344 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 x64 linked cursor double free attempt (os-windows.rules) * 1:36416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows kernel ALPC synchronous requests memory corruption attempt (os-windows.rules) * 1:35843 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server MoveFile method directory traversal attempt (server-webapp.rules) * 1:32634 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX clsid access (browser-plugins.rules) * 1:32702 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32635 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX function call access (browser-plugins.rules) * 1:33364 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:34080 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34365 <-> DISABLED <-> SERVER-WEBAPP Magento remote code execution attempt (server-webapp.rules) * 1:32484 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer immutable application settings sandbox escape attempt (browser-ie.rules) * 1:34081 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:35445 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:32358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (file-pdf.rules) * 1:35615 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:34485 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:36279 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:35628 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime tkhd atom matrix integer overflow attempt (file-multimedia.rules) * 1:31611 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:35817 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server RenameFile method directory traversal attempt (server-webapp.rules) * 1:32382 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules) * 1:33824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:34577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:36458 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:35447 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:33436 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font integer overflow attempt (file-other.rules) * 1:35441 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:34435 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET XML recursive call denial of service attempt (os-windows.rules) * 1:36415 <-> DISABLED <-> OS-WINDOWS Microsoft Windows kernel ALPC synchronous requests memory corruption attempt (os-windows.rules) * 1:35771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35446 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:34408 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox bypass attempt (browser-ie.rules) * 1:33651 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules) * 1:31572 <-> DISABLED <-> FILE-IMAGE GIMP XWD GreenMask file-handling stack buffer overflow attempt (file-image.rules) * 1:35847 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca server directory traversal attempt (server-webapp.rules) * 1:32745 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer information disclosure attempt (server-webapp.rules) * 1:33732 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font atlmfd.dll uninitialized memory read attempt (file-other.rules) * 1:35780 <-> DISABLED <-> FILE-PDF Adobe Reader out of bounds memory read attempt (file-pdf.rules) * 1:35617 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:33778 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:32277 <-> DISABLED <-> SERVER-OTHER Novell ZENworks PreBoot directory traversal attempt (server-other.rules) * 1:35988 <-> DISABLED <-> FILE-EXECUTABLE NtGdiStretchBlt buffer overflow privilege escalation attempt (file-executable.rules) * 1:34587 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34985 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:33307 <-> DISABLED <-> FILE-OTHER Microsoft Visio packed object parsing memory corruption attempt (file-other.rules) * 1:34078 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34776 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserMessageCall information disclosure attempt (os-windows.rules) * 1:35978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CreateObjectTask privilege escalation attempt (os-windows.rules) * 1:31729 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Password Manager MetadataServlet SQL injection attempt (server-webapp.rules) * 1:34566 <-> DISABLED <-> FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (file-other.rules) * 1:33765 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetClipboardAccessToken privilege escalation attempt (os-windows.rules) * 1:33214 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (file-pdf.rules) * 1:33791 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:32489 <-> DISABLED <-> OS-WINDOWS Microsoft Windows tcpip.sys null pointer dereference attempt (os-windows.rules) * 1:33974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed file cross domain policy bypass attempt (file-flash.rules) * 1:33811 <-> DISABLED <-> SERVER-MAIL Microsoft Exchange UM Management user stored XSS attempt (server-mail.rules) * 1:32532 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules) * 1:31573 <-> DISABLED <-> FILE-IMAGE GIMP XWD RedMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31809 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer integer overflow exploit attempt (browser-ie.rules) * 1:35038 <-> DISABLED <-> SERVER-OTHER Trustwave ModSecurity chunked transfer encoding policy bypass attempt (server-other.rules) * 1:32347 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:32514 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:34068 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 invalid array element read attempt (browser-ie.rules) * 1:32839 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ANTrustPropgateAll privilege propagation attempt (file-pdf.rules) * 1:32519 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer registry symbolic link attack attempt (file-other.rules) * 1:35977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CreateObjectTask privilege escalation attempt (os-windows.rules) * 1:35568 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid mvhd atom size out of bounds read attempt (file-multimedia.rules) * 1:32184 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CFunctionPointer use after free exploit attempt (browser-ie.rules) * 1:32681 <-> DISABLED <-> SERVER-WEBAPP Microsoft Outlook Web Access parameter cross site scripting attempt (server-webapp.rules) * 1:32062 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:31584 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt (browser-ie.rules) * 1:32694 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS out-of-bounds buffer access attempt (browser-ie.rules) * 1:35117 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer svg elements use after free attempt (browser-ie.rules) * 1:35739 <-> DISABLED <-> FILE-PDF Adobe Reader GoToE javascript execution attempt (file-pdf.rules) * 1:33005 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:34233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34442 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NTUserGetTitleBarInfo information disclosure attempt (os-windows.rules) * 1:32141 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:35442 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:32744 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer DisplayChartPDF directory traversal attempt (server-webapp.rules) * 1:35422 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:36447 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSharedStyle object out-of-bounds read attempt (browser-ie.rules) * 1:32589 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules) * 1:34377 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetComboBoxInfo information disclosure attempt (os-windows.rules) * 1:35638 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (file-flash.rules) * 1:34495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:32460 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPtsTextParaclient out of bounds error remote code execution attempt (browser-ie.rules) * 1:32482 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer pasteHTML use after free attempt (browser-ie.rules) * 1:34980 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (server-webapp.rules) * 1:35740 <-> DISABLED <-> FILE-PDF Adobe Reader GoToE javascript execution attempt (file-pdf.rules) * 1:33155 <-> DISABLED <-> OS-WINDOWS CryptProtectMemory Impersonation Check Bypass attempt (os-windows.rules) * 1:34235 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34481 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34486 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:35379 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:34349 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:33762 <-> DISABLED <-> SERVER-WEBAPP Microsoft Outlook WebAccess msgParam cross site scripting attempt (server-webapp.rules) * 1:35564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime esds atom buffer overread attempt (file-multimedia.rules) * 1:32698 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:33788 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33659 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules) * 1:34782 <-> DISABLED <-> OS-WINDOWS Microsoft Windows BrushAttributes use-after-free attempt (os-windows.rules) * 1:33322 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:31504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:36411 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:34770 <-> DISABLED <-> OS-WINDOWS Microsoft Windows bitmap menu item use after free attempt (os-windows.rules) * 1:33897 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript iframe injection attempt (browser-ie.rules) * 1:33653 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules) * 1:33766 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetClipboardAccessToken privilege escalation attempt (os-windows.rules) * 1:32885 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules) * 1:32587 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Series record exploit attempt (file-office.rules) * 1:34961 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (server-webapp.rules) * 1:32805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:32633 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX function call access (browser-plugins.rules) * 1:33729 <-> DISABLED <-> OS-WINDOWS ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt (os-windows.rules) * 1:34532 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader customDictionaryExport information disclosure attempt (file-pdf.rules) * 1:32491 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer information disclosure attempt (browser-ie.rules) * 1:36405 <-> DISABLED <-> OS-WINDOWS Microsoft Windows sandbox policy bypass attempt (os-windows.rules) * 1:33830 <-> DISABLED <-> SERVER-OTHER ElasticSearch script remote code execution attempt (server-other.rules) * 1:34536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules) * 1:31575 <-> DISABLED <-> FILE-IMAGE GIMP XWD GreenMask file-handling stack buffer overflow attempt (file-image.rules) * 1:33684 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:34488 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:32809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32700 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:34439 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Explorer .msc file stack overflow attempt (os-windows.rules) * 1:33793 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:32969 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules) * 1:35149 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop reference use after free attempt (os-windows.rules) * 1:34772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MOTW.dll sandbox escape attempt (browser-ie.rules) * 1:35614 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:35708 <-> DISABLED <-> SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (server-webapp.rules) * 1:36404 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SepReferenceLowBoxObjects privilege escalation attempt (os-windows.rules) * 1:32697 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:35310 <-> DISABLED <-> SERVER-WEBAPP Centreon getStats.php command injection attempt (server-webapp.rules) * 1:34479 <-> DISABLED <-> FILE-EXECUTABLE Adobe Flash Player Internet Explorer broker process directory traversal attempt (file-executable.rules) * 1:36029 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Win32k.sys use after free attempt (os-windows.rules) * 1:31608 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:35116 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer svg elements use after free attempt (browser-ie.rules) * 1:32430 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CHeaderElement object use-after-free remote code execution attempt (browser-ie.rules) * 1:32701 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:34534 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC invalid index attempt (file-pdf.rules) * 1:34079 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:32064 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:34124 <-> DISABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:32490 <-> DISABLED <-> OS-WINDOWS Microsoft Windows tcpip.sys null pointer dereference attempt (os-windows.rules) * 1:36409 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:34588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34150 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:35779 <-> DISABLED <-> FILE-PDF Adobe Reader out of bounds memory read attempt (file-pdf.rules) * 1:35968 <-> DISABLED <-> BROWSER-IE Microsoft Windows Edge sandbox CreateFileW arbitrary file delete attempt (browser-ie.rules) * 1:33179 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:33972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross domain policy bypass attempt (file-flash.rules) * 1:34378 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetComboBoxInfo information disclosure attempt (os-windows.rules) * 1:34426 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:36410 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:35128 <-> DISABLED <-> BROWSER-IE Microsoft Windows Internet Explorer local file information disclosure attempt (browser-ie.rules) * 1:34487 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:31685 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-origin security policy bypass attempt (file-flash.rules) * 1:35188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:34492 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:33728 <-> DISABLED <-> OS-WINDOWS ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt (os-windows.rules) * 1:36016 <-> DISABLED <-> OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (os-windows.rules) * 1:32319 <-> DISABLED <-> BROWSER-CHROME Google Chrome Blink locationAttributeSetter use after free attempt (browser-chrome.rules) * 1:35106 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:34149 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:32581 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules) * 1:36452 <-> DISABLED <-> BROWSER-IE Microsoft Edge cross site scripting filter bypass attempt (browser-ie.rules) * 1:34537 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules) * 1:33781 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:35378 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:35844 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server MoveFile method directory traversal attempt (server-webapp.rules) * 1:33008 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:31843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules) * 1:32840 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:36012 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kernel SettingsSyncDiagnostics privilege escalation attempt (os-windows.rules) * 1:31582 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:32632 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX clsid access (browser-plugins.rules) * 1:33808 <-> DISABLED <-> SERVER-OTHER Microsoft Sharepoint Server Newsfeed XSS attempt (server-other.rules) * 1:31750 <-> DISABLED <-> FILE-FLASH Adobe Flash Player marshallException through JavaScript XSS attempt (file-flash.rules) * 1:36331 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Alina variant outbound connection (malware-cnc.rules) * 1:34792 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:35560 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules) * 1:31728 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central LinkViewFetchServlet SQL injection attempt (server-webapp.rules) * 1:35967 <-> DISABLED <-> BROWSER-IE Microsoft Windows Edge sandbox CreateFileW arbitrary file delete attempt (browser-ie.rules) * 1:36412 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:34781 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context visible region memory corruption attempt (file-other.rules) * 1:34484 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:35487 <-> DISABLED <-> OS-WINDOWS Windows Notepad remote printer file access attempt (os-windows.rules) * 1:33774 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CmpGetVirtualizationID race condition user impersonation attempt (os-windows.rules) * 1:31671 <-> DISABLED <-> FILE-OTHER Symantec Endpoint Protection Sysplant kernel pool overflow exploit attempt (file-other.rules) * 1:32588 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules) * 1:35999 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer msGetRegionContent memory corruption attempt (browser-ie.rules) * 1:32940 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (file-office.rules) * 1:33178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:32627 <-> DISABLED <-> BROWSER-PLUGINS Adobe Flash broker privilege escalation file creation attempt (browser-plugins.rules) * 1:35784 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm null pointer dereference attempt (file-pdf.rules) * 1:34414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetScrollBarInfo information disclosure attempt (os-windows.rules) * 1:33159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVM2 opcode type confusion denial of service attempt (file-flash.rules) * 1:32746 <-> DISABLED <-> SERVER-WEBAPP Wordpress OptimizePress plugin theme upload attempt (server-webapp.rules) * 1:32500 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer EPM sandbox escape attempt (file-other.rules) * 1:32821 <-> DISABLED <-> FILE-PDF Cross Domain potentially malicious redirection attempt (file-pdf.rules) * 1:33971 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross domain policy bypass attempt (file-flash.rules) * 1:34815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:35639 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (file-flash.rules) * 1:32626 <-> DISABLED <-> BROWSER-PLUGINS Adobe Flash broker privilege escalation file creation attempt (browser-plugins.rules) * 1:34483 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:31945 <-> DISABLED <-> SERVER-WEBAPP PhpWiki Ploticus plugin command injection attempt (server-webapp.rules) * 1:35105 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:31609 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:35986 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserSetWindowsHook memory disclosure attempt (os-windows.rules) * 1:35136 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DeferWindowPos access after release code injection attempt (os-windows.rules) * 1:33197 <-> DISABLED <-> SERVER-OTHER BMC Track-It FileStorageService directory traversal attempt (server-other.rules) * 1:32894 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX clsid access attempt (browser-plugins.rules) * 1:31629 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CMarkup insertMarquee use after free attempt (browser-ie.rules) * 1:35808 <-> DISABLED <-> FILE-PDF Adobe Reader validation bypass privilege escalation attempt (file-pdf.rules) * 1:36013 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kernel SettingsSyncDiagnostics privilege escalation attempt (os-windows.rules) * 1:36057 <-> DISABLED <-> SERVER-WEBAPP Apache ActiveMQ directory traversal attempt (server-webapp.rules) * 1:35594 <-> DISABLED <-> SERVER-WEBAPP Websense Triton Content Manager handle_debug_network stack buffer overflow attempt (server-webapp.rules) * 1:36431 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:32798 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:31580 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:32264 <-> DISABLED <-> BROWSER-IE ActiveX installer broker object sandbox escape attempt (browser-ie.rules) * 1:33578 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:31561 <-> DISABLED <-> SERVER-WEBAPP Wordpress MailPoet plugin successful theme file upload detected (server-webapp.rules) * 1:31579 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (file-office.rules) * 1:31684 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-origin security policy bypass attempt (file-flash.rules) * 1:35285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:33721 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 sandbox bypass attempt (browser-ie.rules) * 1:36403 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SepReferenceLowBoxObjects privilege escalation attempt (os-windows.rules) * 1:32145 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:31560 <-> DISABLED <-> SERVER-WEBAPP Wordpress MailPoet plugin theme file upload attempt (server-webapp.rules) * 1:35174 <-> DISABLED <-> OS-WINDOWS DCOM DCE/RPC NTLM reflection elevation of privilege attempt (os-windows.rules) * 1:31838 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules) * 1:32499 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer EPM sandbox escape attempt (file-other.rules) * 1:34110 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:31571 <-> DISABLED <-> FILE-IMAGE GIMP XWD BlueMask file-handling stack buffer overflow attempt (file-image.rules) * 1:32808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:33799 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:34142 <-> DISABLED <-> SERVER-OTHER Oracle CorelDRAW file parser heap buffer overflow attempt (server-other.rules) * 1:35186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:32267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 out of bounds array access attempt (browser-ie.rules) * 1:31651 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules) * 1:33807 <-> DISABLED <-> SERVER-MAIL Microsoft Exchange OWA X-OWA-CANARY command injection attempt (server-mail.rules) * 1:33798 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:32637 <-> DISABLED <-> PROTOCOL-TFTP UDP UFO large packet denial of service attempt (protocol-tftp.rules) * 1:34603 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34379 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox privilege escalation attempt (browser-ie.rules) * 1:32105 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX function call access (browser-plugins.rules) * 1:32844 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:33794 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33352 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 error handler XSS exploit attempt (browser-ie.rules) * 1:32789 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:33904 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:35616 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:33287 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer same origin policy bypass attempt (browser-ie.rules) * 1:32901 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules) * 1:34095 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtCreateTransactionManager type confusion attempt (os-windows.rules) * 1:33363 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:31583 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:33801 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:32351 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules) * 1:34353 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:32349 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:35130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid table information disclosure attempt (file-office.rules) * 1:33814 <-> DISABLED <-> SERVER-OTHER ElasticSearch script remote code execution attempt (server-other.rules) * 1:35989 <-> DISABLED <-> FILE-EXECUTABLE NtGdiStretchBlt buffer overflow privilege escalation attempt (file-executable.rules) * 1:34789 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 CreateWindowEx privilege escalation attempt (os-windows.rules) * 1:35127 <-> DISABLED <-> BROWSER-IE Microsoft Windows Internet Explorer local file information disclosure attempt (browser-ie.rules) * 1:35282 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:33783 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33423 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CHeaderElement object use after free attempt (browser-ie.rules) * 1:35421 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:33006 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:35860 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime traf atom out of bounds read attempt (file-multimedia.rules) * 1:35189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:34777 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserMessageCall information disclosure attempt (os-windows.rules) * 1:35162 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:33784 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:35994 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop window privilege escalation attempt (os-windows.rules) * 1:34535 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC invalid index attempt (file-pdf.rules) * 1:33181 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:35175 <-> DISABLED <-> OS-WINDOWS DCOM DCE/RPC NTLM reflection elevation of privilege attempt (os-windows.rules) * 1:32699 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:35023 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime corrupt stbl atom out of bounds read attempt (file-multimedia.rules) * 1:34839 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:34099 <-> DISABLED <-> SERVER-OTHER Microsoft SharePoint projectdetails.aspx ret parameter XSS attempt (server-other.rules) * 1:34860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:32458 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer clipboardData unauthorized JavaScript read and write attempt (browser-ie.rules) * 1:33437 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font integer overflow attempt (file-other.rules) * 1:35772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:33733 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font atlmfd.dll uninitialized memory read attempt (file-other.rules) * 1:34962 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (server-webapp.rules) * 1:33973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed file cross domain policy bypass attempt (file-flash.rules) * 1:36010 <-> DISABLED <-> OS-WINDOWS Microsoft Windows task scheduler race condition attempt (os-windows.rules) * 1:33777 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:32263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Active X installer broker privilege elevation attempt (browser-ie.rules) * 1:34413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetScrollBarInfo information disclosure attempt (os-windows.rules) * 1:33773 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CmpGetVirtualizationID race condition user impersonation attempt (os-windows.rules) * 1:34407 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox bypass attempt (browser-ie.rules) * 1:31652 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules) * 1:35995 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop window privilege escalation attempt (os-windows.rules) * 1:33770 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserfnINSTRINGNULL memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:34787 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context memory corruption attempt (file-other.rules) * 1:32146 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:34813 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:32811 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:33288 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer same origin policy bypass attempt (browser-ie.rules) * 1:34578 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:32144 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:34793 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:35376 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:34351 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:35419 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:32515 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:32799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:31956 <-> DISABLED <-> SERVER-WEBAPP Rejetto HttpFileServer command injection attempt (server-webapp.rules) * 1:32485 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer immutable application settings sandbox escape attempt (browser-ie.rules) * 1:33903 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:36432 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:34859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:36406 <-> DISABLED <-> OS-WINDOWS Microsoft Windows sandbox policy bypass attempt (os-windows.rules) * 1:32896 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX clsid access attempt (browser-plugins.rules) * 1:36277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:33156 <-> DISABLED <-> OS-WINDOWS CryptProtectMemory Impersonation Check Bypass attempt (os-windows.rules) * 1:33787 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:35707 <-> DISABLED <-> SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (server-webapp.rules) * 1:34088 <-> DISABLED <-> SERVER-IIS Web.config information disclosure attempt (server-iis.rules) * 1:32103 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX clsid access (browser-plugins.rules) * 1:32965 <-> DISABLED <-> OS-WINDOWS Microsoft Windows identity token authorization bypass attempt (os-windows.rules) * 1:36408 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:34123 <-> DISABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34434 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET XML recursive call denial of service attempt (os-windows.rules) * 1:32437 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.URL override information disclosure attempt (browser-ie.rules) * 1:32777 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CheaderElement use after free attempt (browser-ie.rules) * 1:35354 <-> DISABLED <-> SERVER-WEBAPP Cacti graphs local_graph_id SQL injection attempt (server-webapp.rules) * 1:34838 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:32806 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:35377 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:34788 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 CreateWindowEx privilege escalation attempt (os-windows.rules) * 1:34837 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:32812 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:34814 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:33413 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer unitialized memory access attempt (browser-ie.rules) * 1:35107 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:32943 <-> DISABLED <-> FILE-OTHER Microsoft SYmbolic LinK stack overflow attempt (file-other.rules) * 1:34783 <-> DISABLED <-> OS-WINDOWS Microsoft Windows BrushAttributes use-after-free attempt (os-windows.rules) * 1:36020 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM SetValue sandbox bypass attempt (browser-ie.rules) * 1:36011 <-> DISABLED <-> OS-WINDOWS Microsoft Windows task scheduler race condition attempt (os-windows.rules) * 1:35022 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime corrupt stbl atom out of bounds read attempt (file-multimedia.rules) * 1:32076 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules) * 1:35129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid table information disclosure attempt (file-office.rules) * 1:35443 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:32790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:34769 <-> DISABLED <-> SERVER-IIS Microsoft Active Directory Federation Services wct parameter cross site scripting attempt (server-iis.rules) * 1:35284 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:33320 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:32841 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules) * 1:33805 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:34380 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox privilege escalation attempt (browser-ie.rules) * 1:35166 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF object remote code execution attempt (file-office.rules) * 1:32941 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:35135 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DeferWindowPos access after release code injection attempt (os-windows.rules) * 1:33898 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript iframe injection attempt (browser-ie.rules) * 1:31576 <-> DISABLED <-> FILE-IMAGE GIMP XWD RedMask file-handling stack buffer overflow attempt (file-image.rules) * 1:33720 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 sandbox bypass attempt (browser-ie.rules) * 1:32582 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules) * 1:33802 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:34752 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ieframe.dll privilege escalation attempt (browser-ie.rules) * 1:32895 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX function call access attempt (browser-plugins.rules) * 1:34069 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 invalid array element read attempt (browser-ie.rules) * 1:34858 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:32773 <-> DISABLED <-> SERVER-WEBAPP Symantec messaging gateway management console cross-site scripting attempt (server-webapp.rules) * 1:32842 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:36021 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM SetValue sandbox bypass attempt (browser-ie.rules) * 1:33180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:36414 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:34438 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Explorer .msc file stack overflow attempt (os-windows.rules) * 1:31670 <-> DISABLED <-> FILE-OTHER Symantec Endpoint Protection Sysplant kernel pool overflow exploit attempt (file-other.rules) * 1:34771 <-> DISABLED <-> OS-WINDOWS Microsoft Windows bitmap menu item use after free attempt (os-windows.rules) * 1:34147 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:32199 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 directory traversal attempt (server-other.rules) * 1:33577 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:36017 <-> DISABLED <-> OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (os-windows.rules) * 1:35567 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid mvhd atom size out of bounds read attempt (file-multimedia.rules) * 1:33652 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules) * 1:34836 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:32348 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:33321 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:34352 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:35562 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (file-multimedia.rules) * 1:31574 <-> DISABLED <-> FILE-IMAGE GIMP XWD BlueMask file-handling stack buffer overflow attempt (file-image.rules) * 1:34427 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:36278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:32104 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX function call access (browser-plugins.rules) * 1:32970 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules) * 1:33760 <-> DISABLED <-> FILE-IMAGE Microsoft Internet Explorer PNG tRNS chuck size 1 information disclosure attempt (file-image.rules) * 1:33414 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer unitialized memory access attempt (browser-ie.rules) * 1:35133 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox read permission bypass attempt (browser-ie.rules) * 1:32968 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules) * 1:34987 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:31943 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope EmailServlet directory traversal attempt (server-webapp.rules) * 1:34109 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:32886 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules) * 1:34786 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context memory corruption attempt (file-other.rules) * 1:36407 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:31844 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules) * 1:35150 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop reference use after free attempt (os-windows.rules) * 1:35629 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime tkhd atom matrix integer overflow attempt (file-multimedia.rules) * 1:33796 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33809 <-> DISABLED <-> SERVER-OTHER Microsoft Sharepoint user display name XSS attempt (server-other.rules) * 1:32483 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer pasteHTML use after free attempt (browser-ie.rules) * 1:32942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:34644 <-> DISABLED <-> BROWSER-PLUGINS Schneider Electric Pelco Rvctl.RVControl.1 ActiveX clsid access attempt ActiveX function call (browser-plugins.rules) * 1:35161 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:31581 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:34443 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NTUserGetTitleBarInfo information disclosure attempt (os-windows.rules) * 1:32787 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:34306 <-> DISABLED <-> SERVER-WEBAPP Subversion HTTP excessive REPORT requests denial of service attempt (server-webapp.rules) * 1:33048 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebdavRedirector privilege escalation attempt (os-windows.rules) * 1:34585 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:36067 <-> DISABLED <-> SERVER-OTHER ElasticSearch script remote code execution attempt (server-other.rules) * 1:33806 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:35859 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime traf atom out of bounds read attempt (file-multimedia.rules) * 1:34480 <-> DISABLED <-> FILE-EXECUTABLE Adobe Flash Player Internet Explorer broker process directory traversal attempt (file-executable.rules) * 1:33343 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 x64 linked cursor double free attempt (os-windows.rules) * 1:32377 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules) * 1:35131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserDisableProcessWindowFiltering information disclosure attempt (os-windows.rules) * 1:35748 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35805 <-> DISABLED <-> FILE-EXECUTABLE Adobe Reader NtSetInformationFile privilege escalation attempt (file-executable.rules) * 1:33009 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules) * 1:35807 <-> DISABLED <-> FILE-PDF Adobe Reader validation bypass privilege escalation attempt (file-pdf.rules) * 1:34573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:32157 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 CMarkup GetMarkupTitle use-after-free attempt (browser-ie.rules) * 1:31799 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTableCell Use After Free exploit attempt (browser-ie.rules) * 1:33769 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserfnINSTRINGNULL memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:32516 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:31942 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Admin Service FileUploadServlet directory traversal attempt (server-webapp.rules) * 1:32682 <-> DISABLED <-> SERVER-WEBAPP Microsoft Outlook Web Access parameter cross site scripting attempt (server-webapp.rules) * 1:32056 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:33797 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:35513 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtGdiGetTextMetricsW TEXTMETRICW kernel mode ASLR bypass attempt (os-windows.rules) * 1:35108 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:31845 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules) * 1:32350 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules) * 1:36446 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (os-windows.rules) * 1:32266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 out of bounds array access attempt (browser-ie.rules) * 1:33768 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserFnINOUTNCCALCSIZE kernel memory leak attempt (os-windows.rules) * 1:33657 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules) * 1:35444 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:35640 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object after free attempt (file-flash.rules) * 1:32897 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX function call access attempt (browser-plugins.rules) * 1:32797 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:31747 <-> DISABLED <-> SERVER-WEBAPP Gitlab ssh key upload command injection attempt (server-webapp.rules) * 1:34494 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:34785 <-> DISABLED <-> OS-WINDOWS Microsoft Windows window placement invalid memory write attempt (os-windows.rules) * 1:31610 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:35818 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server RenameFile method directory traversal attempt (server-webapp.rules) * 1:33782 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:35187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:33011 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules) * 1:32459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer clipboardData unauthorized JavaScript read and write attempt (browser-ie.rules) * 1:35440 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:31674 <-> DISABLED <-> FILE-FLASH Adobe Flash Broker write to junction exploit attempt (file-flash.rules) * 1:32320 <-> DISABLED <-> BROWSER-CHROME Google Chrome Blink locationAttributeSetter use after free attempt (browser-chrome.rules) * 1:35747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:34575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34861 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:36413 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:34141 <-> DISABLED <-> SERVER-OTHER Oracle CorelDRAW file parser heap buffer overflow attempt (server-other.rules) * 1:32142 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:35167 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF object remote code execution attempt (file-office.rules) * 1:34960 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (server-webapp.rules) * 1:33779 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33785 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33441 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules) * 1:36445 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (os-windows.rules) * 1:33676 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway restore.php command injection attempt (server-webapp.rules) * 1:34643 <-> DISABLED <-> BROWSER-PLUGINS Schneider Electric Pelco Rvctl.RVControl.1 ActiveX clsid access attempt ActiveX clsid access (browser-plugins.rules) * 1:33442 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules) * 1:35311 <-> DISABLED <-> SERVER-WEBAPP Centreon getStats.php command injection attempt (server-webapp.rules) * 1:34784 <-> DISABLED <-> OS-WINDOWS Microsoft Windows window placement invalid memory write attempt (os-windows.rules) * 1:33308 <-> DISABLED <-> FILE-OTHER Microsoft Visio packed object parsing memory corruption attempt (file-other.rules) * 1:34493 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:33780 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:34586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:35132 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserDisableProcessWindowFiltering information disclosure attempt (os-windows.rules) * 1:33789 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:34576 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:35420 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:31860 <-> DISABLED <-> SERVER-OTHER Apple CUPS web interface cross site scripting attempt (server-other.rules) * 1:34775 <-> DISABLED <-> OS-WINDOWS Microsoft Windows multiple linked fonts memory corruption attempt (os-windows.rules) * 1:33683 <-> DISABLED <-> SERVER-OTHER PHP unserialize use after free attempt (server-other.rules) * 1:32143 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:34981 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (server-webapp.rules) * 1:33767 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserFnINOUTNCCALCSIZE kernel memory leak attempt (os-windows.rules) * 1:32822 <-> DISABLED <-> FILE-PDF Cross Domain potentially malicious redirection attempt (file-pdf.rules) * 1:32518 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer registry symbolic link attack attempt (file-other.rules) * 1:32381 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules) * 1:32810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:33771 <-> DISABLED <-> FILE-OTHER Microsoft Windows jxr information disclosure attempt (file-other.rules) * 1:33804 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:34234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:35687 <-> DISABLED <-> SERVER-WEBAPP Semantec Endpoint Protection Manager server elevated privilege code execution attempt (server-webapp.rules) * 1:36448 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSharedStyle object out-of-bounds read attempt (browser-ie.rules) * 1:34979 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (server-webapp.rules) * 1:33424 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CHeaderElement object use after free attempt (browser-ie.rules) * 1:35561 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (file-multimedia.rules) * 1:32966 <-> DISABLED <-> OS-WINDOWS Microsoft Windows identity token authorization bypass attempt (os-windows.rules) * 1:32057 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules) * 1:34529 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader AVDoc use-after-free attempt (file-pdf.rules) * 1:32265 <-> DISABLED <-> BROWSER-IE ActiveX installer broker object sandbox escape attempt (browser-ie.rules) * 1:34773 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MOTW.dll sandbox escape attempt (browser-ie.rules) * 1:33319 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:34472 <-> DISABLED <-> SERVER-WEBAPP Symantec Critical System Protection SQL injection attempt (server-webapp.rules) * 1:33810 <-> DISABLED <-> SERVER-OTHER Microsoft Exchange Server custom DLP policy name cross-site scripting attempt (server-other.rules) * 1:35806 <-> DISABLED <-> FILE-EXECUTABLE Adobe Reader NtSetInformationFile privilege escalation attempt (file-executable.rules) * 1:34812 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:32800 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:33761 <-> DISABLED <-> FILE-IMAGE Microsoft Internet Explorer PNG tRNS chuck size 1 information disclosure attempt (file-image.rules) * 1:32276 <-> DISABLED <-> SERVER-WEBAPP WordPress Infusionsoft Gravity Forms Plugin arbitrary code execution attempt (server-webapp.rules) * 1:35134 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox read permission bypass attempt (browser-ie.rules) * 1:34780 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context visible region memory corruption attempt (file-other.rules) * 1:33786 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:34350 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:32843 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:35163 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:34096 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtCreateTransactionManager type confusion attempt (os-windows.rules) * 1:34774 <-> DISABLED <-> OS-WINDOWS Microsoft Windows multiple linked fonts memory corruption attempt (os-windows.rules) * 1:35563 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime esds atom buffer overread attempt (file-multimedia.rules) * 1:34393 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:35160 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:35283 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:32102 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX clsid access (browser-plugins.rules) * 1:34392 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextData out of bounds read attempt (browser-ie.rules) * 1:33803 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:32346 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules) * 1:31624 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (browser-ie.rules) * 1:35998 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer msGetRegionContent memory corruption attempt (browser-ie.rules) * 1:35641 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (file-flash.rules) * 1:36562 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:36559 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:36479 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36560 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:34889 <-> DISABLED <-> SERVER-OTHER OpenSSL denial-of-service via crafted x.509 certificate attempt (server-other.rules) * 1:36459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:36477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36476 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36463 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack Server opcode 1332 buffer overflow attempt (server-other.rules) * 1:31749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player marshallException through JavaScript XSS attempt (file-flash.rules) * 1:33205 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (file-multimedia.rules) * 1:33160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVM2 opcode type confusion denial of service attempt (file-flash.rules) * 1:34579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:33772 <-> DISABLED <-> FILE-OTHER Microsoft Windows jxr information disclosure attempt (file-other.rules) * 1:35987 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserSetWindowsHook memory disclosure attempt (os-windows.rules) * 1:34580 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:33792 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:31677 <-> DISABLED <-> FILE-FLASH Adobe Flash Broker write to junction exploit attempt (file-flash.rules) * 1:33012 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules) * 1:32492 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer information disclosure attempt (browser-ie.rules) * 1:31623 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (browser-ie.rules) * 1:34391 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextData out of bounds read attempt (browser-ie.rules) * 1:32044 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules) * 1:33213 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (file-pdf.rules) * 1:32436 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.URL override information disclosure attempt (browser-ie.rules) * 1:33049 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebdavRedirector privilege escalation attempt (os-windows.rules) * 1:35731 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (os-windows.rules) * 1:32807 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32778 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CheaderElement use after free attempt (browser-ie.rules) * 1:32730 <-> DISABLED <-> FILE-OTHER Microsoft Windows XP .theme file remote code execution attempt (file-other.rules) * 1:34528 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader AVDoc use-after-free attempt (file-pdf.rules) * 1:33717 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Task Scheduler access control bypass attempt (os-windows.rules) * 1:33682 <-> DISABLED <-> SERVER-OTHER PHP unserialize use after free attempt (server-other.rules) * 1:35709 <-> DISABLED <-> SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (server-webapp.rules) * 1:35785 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm null pointer dereference attempt (file-pdf.rules) * 1:34533 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader customDictionaryExport information disclosure attempt (file-pdf.rules) * 1:36280 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:34394 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:34984 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:33355 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys use-after-free attempt (os-windows.rules) * 1:32063 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:33658 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules) * 1:33800 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:34148 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:33615 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules) * 1:32902 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules) * 1:33790 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:34098 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML3 external entity injection attempt (browser-ie.rules) * 1:36028 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Win32k.sys use after free attempt (os-windows.rules) * 1:33007 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:32720 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer element type confusion use after free attempt (browser-ie.rules) * 1:34097 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML3 external entity injection attempt (browser-ie.rules) * 1:31818 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral statusUpdate servlet directory traversal attempt (server-webapp.rules) * 1:32693 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS out-of-bounds buffer access attempt (browser-ie.rules) * 1:35514 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtGdiGetTextMetricsW TEXTMETRICW kernel mode ASLR bypass attempt (os-windows.rules) * 1:33206 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (file-multimedia.rules) * 1:34986 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:32960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:34751 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ieframe.dll privilege escalation attempt (browser-ie.rules) * 1:33795 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:32788 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:32517 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:34232 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:10192 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX clsid access (browser-plugins.rules) * 1:36563 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:36606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36607 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36608 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36615 <-> DISABLED <-> SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (server-webapp.rules) * 1:36616 <-> DISABLED <-> SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (server-webapp.rules) * 1:36617 <-> DISABLED <-> SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (server-webapp.rules) * 1:36693 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer style object stylesheet use after free attempt (browser-ie.rules) * 1:36694 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer style object stylesheet use after free attempt (browser-ie.rules) * 1:4155 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access attempt (browser-plugins.rules) * 1:7002 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel url unicode overflow attempt (file-office.rules) * 1:10193 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (browser-plugins.rules) * 1:10194 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (browser-plugins.rules) * 1:1118 <-> DISABLED <-> SERVER-WEBAPP ls 20-l (server-webapp.rules) * 1:11259 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX clsid access (browser-plugins.rules) * 1:11261 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX function call access (browser-plugins.rules) * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules) * 1:12766 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX clsid access (browser-plugins.rules) * 1:12767 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules) * 1:13287 <-> DISABLED <-> OS-WINDOWS Windows remote kernel tcp/ip igmp vulnerability exploit attempt (os-windows.rules) * 1:13471 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher invalid pathname overwrite attempt (file-office.rules) * 1:13523 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules) * 1:13525 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules) * 1:13975 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX clsid access (browser-plugins.rules) * 1:13977 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX function call access (browser-plugins.rules) * 1:13979 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Event System Subscription VBScript access (os-windows.rules) * 1:14037 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules) * 1:14038 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules) * 1:14769 <-> DISABLED <-> SERVER-OTHER DATAC RealWin SCADA System buffer overflow attempt (server-other.rules) * 1:15266 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:15456 <-> DISABLED <-> SERVER-OTHER WinHTTP SSL/TLS impersonation attempt (server-other.rules) * 1:15470 <-> DISABLED <-> FILE-EXECUTABLE IIS ASP/ASP.NET potentially malicious file upload attempt (file-executable.rules) * 1:15522 <-> DISABLED <-> SERVER-OTHER Active Directory invalid OID denial of service attempt (server-other.rules) * 1:15683 <-> DISABLED <-> SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt (server-other.rules) * 1:15727 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules) * 1:15851 <-> DISABLED <-> SERVER-IIS Microsoft ASP.NET bad request denial of service attempt (server-iis.rules) * 1:15974 <-> DISABLED <-> SERVER-IIS Microsoft IIS ASP handling buffer overflow attempt (server-iis.rules) * 1:16150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer variant argument validation remote code execution attempt (browser-ie.rules) * 1:16158 <-> DISABLED <-> OS-WINDOWS malformed ASF codec memory corruption attempt (os-windows.rules) * 1:16179 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET MSIL CLR interface multiple instantiation attempt (file-executable.rules) * 1:16182 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET MSIL stack corruption attempt (file-executable.rules) * 1:16188 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (file-office.rules) * 1:16228 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed StartObject record arbitrary code execution attempt (file-office.rules) * 1:16237 <-> DISABLED <-> SERVER-OTHER Microsoft Active Directory NTDSA stack space exhaustion attempt (server-other.rules) * 1:16326 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 DOM memory corruption attempt (browser-ie.rules) * 1:16329 <-> DISABLED <-> SERVER-OTHER Microsoft Internet Authentication Service EAP-MSCHAPv2 authentication bypass attempt (server-other.rules) * 1:16337 <-> DISABLED <-> FILE-FLASH Adobe Flash Player directory traversal attempt (file-flash.rules) * 1:16353 <-> DISABLED <-> FILE-MULTIMEDIA FFmpeg OGV file format memory corruption attempt (file-multimedia.rules) * 1:16366 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules) * 1:16367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules) * 1:16369 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt - public exploit (browser-ie.rules) * 1:16371 <-> DISABLED <-> BROWSER-PLUGINS NOS Microsystems Adobe atl_getcom ActiveX clsid access (browser-plugins.rules) * 1:16377 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:16378 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object cells reference memory corruption vulnerability (browser-ie.rules) * 1:16405 <-> DISABLED <-> PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Prefix Information stack buffer overflow attempt (protocol-icmp.rules) * 1:16409 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules) * 1:16410 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint file LinkedSlide10Atom record parsing heap corruption attempt (file-office.rules) * 1:16411 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:16412 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid TextByteAtom remote code execution attempt (file-office.rules) * 1:16414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (os-windows.rules) * 1:16416 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules) * 1:16419 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Data Analyzer 3.5 ActiveX clsid access (browser-plugins.rules) * 1:16421 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:16422 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint JPEG with malformed SOFx field integer overflow attempt (file-image.rules) * 1:16438 <-> DISABLED <-> SERVER-ORACLE WebLogic Server Node Manager arbitrary command execution attempt (server-oracle.rules) * 1:16461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules) * 1:16462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 formulas from records parsing code execution attempt (file-office.rules) * 1:16463 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 formulas from records parsing code execution attempt (file-office.rules) * 1:16464 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ContinueFRT12 heap overflow attempt (file-office.rules) * 1:16465 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ContinueFRT12 and MDXSet heap overflow attempt (file-office.rules) * 1:16466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel uninitialized stack variable code execution attempt (file-office.rules) * 1:16467 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 1 (file-office.rules) * 1:16468 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 2 (file-office.rules) * 1:16469 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (file-office.rules) * 1:16470 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:16471 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:16492 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari inline text box use after free attempt (browser-webkit.rules) * 1:16501 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - TrueType (browser-firefox.rules) * 1:16502 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based (browser-firefox.rules) * 1:16503 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules) * 1:16504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 7 encoded content handling exploit attempt (browser-ie.rules) * 1:16505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML parsing memory corruption attempt (browser-ie.rules) * 1:16506 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:16507 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onreadystatechange memory corruption attempt (browser-ie.rules) * 1:16508 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 non-IE8 compatibility mode htmltime remote code execution attempt (browser-ie.rules) * 1:16509 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer designMode-enabled information disclosure attempt (browser-ie.rules) * 1:16510 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by CLSID (browser-plugins.rules) * 1:16511 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by ProgID (browser-plugins.rules) * 1:16512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed span/div html document heap corruption attempt (browser-ie.rules) * 1:16534 <-> DISABLED <-> SERVER-OTHER Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt (server-other.rules) * 1:16537 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules) * 1:16541 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Service stack overflow attempt (os-windows.rules) * 1:16542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules) * 1:16543 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player codec code execution attempt (file-multimedia.rules) * 1:16545 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules) * 1:16546 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader/Acrobat Pro CFF font parsing heap overflow attempt (file-pdf.rules) * 1:16549 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - npruntime-scriptable-plugin (file-other.rules) * 1:16550 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - java-deployment-toolkit (file-other.rules) * 1:16561 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 1 (file-image.rules) * 1:16562 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 2 (file-image.rules) * 1:16563 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 3 (file-image.rules) * 1:16564 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 4 (file-image.rules) * 1:16576 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix AgentX receive_agentx stack buffer overflow attempt (server-other.rules) * 1:16577 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMBv2 compound request DoS attempt (os-windows.rules) * 1:16584 <-> DISABLED <-> BROWSER-IE Oracle Java Web Start arbitrary command execution attempt - Internet Explorer (browser-ie.rules) * 1:16593 <-> DISABLED <-> FILE-OFFICE Microsoft VBE6.dll stack corruption attempt (file-office.rules) * 1:16595 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail remote code execution attempt (server-mail.rules) * 1:16603 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Linux malformed U3D mesh deceleration block exploit attempt (file-pdf.rules) * 1:16631 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after remove attempt (browser-webkit.rules) * 1:16632 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after reparent attempt (browser-webkit.rules) * 1:16633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules) * 1:16634 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules) * 1:16635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:16638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules) * 1:16639 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules) * 1:16640 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules) * 1:16641 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules) * 1:16643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules) * 1:16644 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules) * 1:16645 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:16646 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules) * 1:16647 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 (file-office.rules) * 1:16648 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 (file-office.rules) * 1:16650 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 1 (file-office.rules) * 1:16651 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 2 (file-office.rules) * 1:16652 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 3 (file-office.rules) * 1:16653 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 4 (file-office.rules) * 1:16654 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules) * 1:16655 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lbl record stack overflow attempt (file-office.rules) * 1:16656 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt (file-office.rules) * 1:16657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DBQueryExt record memory corruption attempt (file-office.rules) * 1:16658 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 cross-site scripting attempt (browser-ie.rules) * 1:16659 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules) * 1:16661 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules) * 1:16664 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules) * 1:16665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (os-windows.rules) * 1:16667 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (browser-chrome.rules) * 1:16668 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (browser-chrome.rules) * 1:16673 <-> DISABLED <-> FILE-OTHER Adobe Shockwave DIR file PAMI chunk code execution attempt (file-other.rules) * 1:16674 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:16680 <-> DISABLED <-> APP-DETECT Tandberg VCS SSH default key (app-detect.rules) * 1:16721 <-> DISABLED <-> FILE-OTHER Orbital Viewer .orb stack buffer overflow attempt (file-other.rules) * 1:16767 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player SceneURL ActiveX clsid access (browser-plugins.rules) * 1:16769 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player ActiveX function call access (browser-plugins.rules) * 1:16771 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (browser-plugins.rules) * 1:16772 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX clsid access (browser-plugins.rules) * 1:16774 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX function call access (browser-plugins.rules) * 1:16776 <-> DISABLED <-> BROWSER-PLUGINS KeyWorks KeyHelp ActiveX control JumpURL method access attempt (browser-plugins.rules) * 1:16785 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Winds3D Player SceneURL method command execution attempt (browser-plugins.rules) * 1:16801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll remote memory corruption denial of service attempt (file-pdf.rules) * 1:17034 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules) * 1:17035 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules) * 1:17036 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules) * 1:17038 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 1 (file-office.rules) * 1:17039 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 2 (file-office.rules) * 1:17041 <-> DISABLED <-> SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt (server-other.rules) * 1:17110 <-> DISABLED <-> APP-DETECT VxWorks remote debugging agent login attempt (app-detect.rules) * 1:17114 <-> DISABLED <-> OS-WINDOWS Microsoft SilverLight ImageSource remote code execution attempt (os-windows.rules) * 1:17117 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-multimedia.rules) * 1:17118 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET CreateDelegate method arbitrary code execution attempt (file-executable.rules) * 1:17119 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority SPRM overflow attempt (file-office.rules) * 1:17120 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules) * 1:17121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules) * 1:17122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules) * 1:17123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format invalid field size memory corruption attempt (file-office.rules) * 1:17124 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word malformed table record memory corruption attempt (file-office.rules) * 1:17126 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB large session length with small packet (os-windows.rules) * 1:17128 <-> DISABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules) * 1:17130 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution (browser-ie.rules) * 1:17131 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 parent style rendering arbitrary code execution (browser-ie.rules) * 1:17132 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access attempt (browser-ie.rules) * 1:17133 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:17134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:17135 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules) * 1:17136 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 race condition exploit attempt (browser-ie.rules) * 1:17140 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:17141 <-> DISABLED <-> FILE-FLASH Adobe Flash invalid data precision arbitrary code execution exploit attempt (file-flash.rules) * 1:17142 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules) * 1:17143 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 1 (file-image.rules) * 1:17144 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 2 (file-image.rules) * 1:17145 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ASL file processing buffer overflow attempt (file-image.rules) * 1:17146 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 GRD file processing buffer overflow attempt (file-image.rules) * 1:17147 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt (file-image.rules) * 1:17153 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 1 (browser-firefox.rules) * 1:17154 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 2 (browser-firefox.rules) * 1:17155 <-> DISABLED <-> SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (server-other.rules) * 1:17165 <-> DISABLED <-> BROWSER-OTHER Opera browser document writing uninitialized memory access attempt (browser-other.rules) * 1:17167 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 1 ActiveX clsid access (browser-plugins.rules) * 1:17169 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 2 ActiveX clsid access (browser-plugins.rules) * 1:17171 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 3 ActiveX clsid access (browser-plugins.rules) * 1:17173 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 4 ActiveX clsid access (browser-plugins.rules) * 1:17175 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 5 ActiveX clsid access (browser-plugins.rules) * 1:17177 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 6 ActiveX clsid access (browser-plugins.rules) * 1:17179 <-> DISABLED <-> FILE-OTHER Adobe Director file pamm record exploit attempt (file-other.rules) * 1:17180 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules) * 1:17181 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules) * 1:17182 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules) * 1:17183 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules) * 1:17184 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules) * 1:17185 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17186 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17187 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17188 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17189 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17190 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17191 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17192 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17193 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17194 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC tag exploit attempt (file-other.rules) * 1:17196 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules) * 1:17197 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules) * 1:17198 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules) * 1:17200 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM overflow attempt (file-other.rules) * 1:17202 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:17203 <-> DISABLED <-> FILE-OTHER Adobe Director file file rcsL overflow attempt (file-other.rules) * 1:17204 <-> DISABLED <-> FILE-OTHER Adobe Director file mmap overflow attempt (file-other.rules) * 1:17205 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - udp (protocol-rpc.rules) * 1:17206 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - tcp (protocol-rpc.rules) * 1:17211 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime marshaled punk remote code execution (file-multimedia.rules) * 1:17239 <-> DISABLED <-> SERVER-MAIL Multiple IMAP server CREATE command buffer overflow attempt (server-mail.rules) * 1:17240 <-> DISABLED <-> SERVER-MAIL Multiple IMAP server literal CREATE command buffer overflow attempt (server-mail.rules) * 1:17252 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Print Spooler arbitrary file write attempt (os-windows.rules) * 1:17256 <-> DISABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (os-windows.rules) * 1:17257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and Reader remote code execution attempt (file-flash.rules) * 1:17609 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:17660 <-> DISABLED <-> SERVER-OTHER Oracle Java Web Start arbitrary command execution attempt (server-other.rules) * 1:17674 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX clsid access (browser-plugins.rules) * 1:17676 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX function call access (browser-plugins.rules) * 1:17696 <-> DISABLED <-> PROTOCOL-DNS Microsoft Windows DNS Server ANY query cache weakness (protocol-dns.rules) * 1:17723 <-> DISABLED <-> OS-WINDOWS possible SMB replay attempt - overlapping encryption keys detected (os-windows.rules) * 1:17742 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules) * 1:17747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (browser-ie.rules) * 1:17754 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word bookmark bound check remote code execution attempt (file-office.rules) * 1:17755 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules) * 1:17756 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XP PLFLSInTableStream heap overflow attempt (file-office.rules) * 1:17757 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel CrErr record integer overflow attempt (file-office.rules) * 1:17758 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules) * 1:17759 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid SerAr object exploit attempt (file-office.rules) * 1:17760 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules) * 1:17763 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel GhostRw record exploit attempt (file-office.rules) * 1:17764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:17768 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 object event handler use after free exploit attempt (browser-ie.rules) * 1:17769 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt (browser-ie.rules) * 1:17770 <-> DISABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules) * 1:17773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player Firefox plugin memory corruption attempt (file-multimedia.rules) * 1:17803 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:17804 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules) * 1:17806 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:17807 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:17808 <-> DISABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules) * 1:18064 <-> DISABLED <-> BROWSER-PLUGINS Microsoft .NET framework EntityObject execution attempt (browser-plugins.rules) * 1:18065 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules) * 1:18066 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules) * 1:18068 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules) * 1:18069 <-> DISABLED <-> FILE-OFFICE Microsoft Office Art drawing invalid shape identifier attempt (file-office.rules) * 1:18070 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (file-office.rules) * 1:18071 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (file-office.rules) * 1:18097 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:18102 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules) * 1:18180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript remote code execution attempt (file-flash.rules) * 1:18196 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules) * 1:18197 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:18198 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:18199 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:18200 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:18202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules) * 1:18203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules) * 1:18204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules) * 1:18205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules) * 1:18206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules) * 1:18207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules) * 1:18208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wininet peerdist.dll dll-load exploit attempt (os-windows.rules) * 1:18212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (file-office.rules) * 1:18213 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher column and row remote code execution attempt (file-office.rules) * 1:18214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 97 conversion remote code execution attempt (file-office.rules) * 1:18216 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 #default#anim attempt (browser-ie.rules) * 1:18217 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer select element memory corruption attempt (browser-ie.rules) * 1:18218 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer time element memory corruption attempt (browser-ie.rules) * 1:18220 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malformed character glyph remote code execution attempt (os-windows.rules) * 1:18221 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table remote code execution attempt (browser-ie.rules) * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules) * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules) * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18229 <-> DISABLED <-> FILE-IMAGE Microsoft FlashPix tile length overflow attempt (file-image.rules) * 1:18230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher memory corruption attempt (file-office.rules) * 1:18231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher oversized oti length attempt (file-office.rules) * 1:18233 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Adobe Font Driver code execution attempt (file-office.rules) * 1:18235 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules) * 1:18236 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFFIM32.FLT filter memory corruption attempt (file-office.rules) * 1:18237 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Flashpix graphics filter fpx32.flt remote code execution attempt (file-image.rules) * 1:18240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules) * 1:18241 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:18242 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules) * 1:18243 <-> DISABLED <-> SERVER-IIS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt (server-iis.rules) * 1:18244 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules) * 1:18245 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java browser plugin docbase overflow attempt (browser-plugins.rules) * 1:18249 <-> DISABLED <-> PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Route Information stack buffer overflow attempt (protocol-icmp.rules) * 1:18265 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:18276 <-> DISABLED <-> FILE-OTHER Microsoft Data Access Components library attempt (file-other.rules) * 1:18277 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules) * 1:18278 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules) * 1:18280 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer oversize recordset object cache size exploit attempt (browser-ie.rules) * 1:18308 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (file-pdf.rules) * 1:18323 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (browser-plugins.rules) * 1:18324 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (browser-plugins.rules) * 1:18327 <-> DISABLED <-> PROTOCOL-SCADA Kingview HMI heap overflow attempt (protocol-scada.rules) * 1:18329 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules) * 1:18398 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:18400 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CRSS local process allowed to persist through logon or logoff attempt (os-windows.rules) * 1:18401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Base64 encoded script overflow attempt (browser-ie.rules) * 1:18402 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD Adobe font driver remote code execution attempt (file-other.rules) * 1:18404 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.insertBefore memory corruption attempt (browser-ie.rules) * 1:18409 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys write message to dead thread code execution attempt (os-windows.rules) * 1:18410 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys write message to dead thread code execution attempt (os-windows.rules) * 1:18411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k!xxxTrackPopupMenuEx privilege escalation attempt (os-windows.rules) * 1:18412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k!xxxTrackPopupMenuEx privilege escalation attempt (os-windows.rules) * 1:18414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos auth downgrade to DES MITM attempt (os-windows.rules) * 1:18415 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio deserialization double free attempt (file-office.rules) * 1:18416 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules) * 1:18417 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules) * 1:18418 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript apply function memory corruption attempt (file-flash.rules) * 1:18419 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader field flags exploit attempt (file-pdf.rules) * 1:18420 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ASnative function remote code execution attempt (file-flash.rules) * 1:18421 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript beginGradientFill memory corruption attempt (file-flash.rules) * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules) * 1:18449 <-> DISABLED <-> FILE-OTHER Adobe Acrobat font definition memory corruption attempt (file-other.rules) * 1:18450 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed BMP RGBQUAD attempt (file-pdf.rules) * 1:18451 <-> DISABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (file-pdf.rules) * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:18454 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:18455 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed jpeg2000 superbox attempt (file-pdf.rules) * 1:18457 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules) * 1:18460 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System pin number buffer overflow attempt (server-webapp.rules) * 1:18461 <-> DISABLED <-> SERVER-MAIL IBM Lotus Domino nrouter.exe iCalendar MAILTO stack buffer overflow attempt (server-mail.rules) * 1:18462 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules) * 1:18463 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules) * 1:18488 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules) * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules) * 1:18496 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules) * 1:18497 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules) * 1:18498 <-> DISABLED <-> FILE-OTHER Microsoft Media Player dvr-ms file parsing remote code execution attempt (file-other.rules) * 1:18499 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules) * 1:18500 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules) * 1:18501 <-> DISABLED <-> OS-WINDOWS Microsoft Malware Protection Engine elevation of privilege attempt (os-windows.rules) * 1:18502 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Actionlf out of range negative offset attempt (file-flash.rules) * 1:18503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript flash.geom.Point constructor memory corruption attempt (file-flash.rules) * 1:18504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionConstantPool overflow attempt (file-flash.rules) * 1:18505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionPush overflow attempt (file-flash.rules) * 1:18506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules) * 1:18507 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules) * 1:18525 <-> DISABLED <-> SERVER-OTHER Lotus Domino LDAP Heap Buffer Overflow Attempt (server-other.rules) * 1:18529 <-> DISABLED <-> FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (file-other.rules) * 1:18530 <-> DISABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (file-other.rules) * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules) * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules) * 1:18536 <-> DISABLED <-> FILE-OFFICE OpenOffice.org Microsoft Office Word file processing integer underflow attempt (file-office.rules) * 1:18537 <-> DISABLED <-> FILE-OTHER OpenOffice.org XPM file processing integer overflow attempt (file-other.rules) * 1:18538 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:18539 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules) * 1:18541 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 3 (file-office.rules) * 1:18542 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules) * 1:18543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:18544 <-> DISABLED <-> FILE-FLASH embedded Shockwave dropper in email attachment (file-flash.rules) * 1:18557 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules) * 1:18558 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules) * 1:18559 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules) * 1:18560 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules) * 1:18578 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL cdda URI overflow attempt (browser-plugins.rules) * 1:18611 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:18612 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:18613 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:18624 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework optimizer escalation attempt (os-windows.rules) * 1:18630 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (file-office.rules) * 1:18631 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (file-office.rules) * 1:18632 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (file-office.rules) * 1:18634 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules) * 1:18635 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:18636 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint SlideAtom record exploit attempt (file-office.rules) * 1:18637 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint OfficeArt atom memory corruption attempt (file-office.rules) * 1:18638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:18642 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules) * 1:18643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules) * 1:18644 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType Fonts CompactFontFormat FontMatrix tranform memory corruption attempt (file-other.rules) * 1:18645 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules) * 1:18648 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file upload/download attempt (protocol-scada.rules) * 1:18649 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation overflow attempt (protocol-scada.rules) * 1:18651 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe report template overflow attempt (protocol-scada.rules) * 1:18654 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe format string attempt (protocol-scada.rules) * 1:18656 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe strep overflow attempt (protocol-scada.rules) * 1:18657 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules) * 1:18659 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 SCPC_INITIALIZE overflow attempt (protocol-scada.rules) * 1:18668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules) * 1:18670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:18671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:18672 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-ie.rules) * 1:18679 <-> DISABLED <-> SERVER-OTHER Oracle Java Applet2ClassLoader Remote Code Execution (server-other.rules) * 1:18740 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules) * 1:18745 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs buffer overflow attempt (server-webapp.rules) * 1:18754 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules) * 1:18755 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Data Type Memory Corruption (file-office.rules) * 1:18759 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - POST (server-webapp.rules) * 1:18760 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - GET (server-webapp.rules) * 1:18764 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules) * 1:18768 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent RRULE parsing buffer overflow attempt (server-mail.rules) * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules) * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules) * 1:18776 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director pamm chunk memory corruption attempt (file-other.rules) * 1:18790 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe overflow attempt (server-other.rules) * 1:18795 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovet_demandpoll.exe format string execution attempt (server-webapp.rules) * 1:18796 <-> DISABLED <-> SERVER-WEBAPP Novell iManager ClassName handling overflow attempt (server-webapp.rules) * 1:18797 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration property_box.php other variable command execution attempt (server-webapp.rules) * 1:18801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (file-pdf.rules) * 1:18802 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs directory traversal attempt (server-webapp.rules) * 1:18805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player undefined tag exploit attempt (file-flash.rules) * 1:18806 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules) * 1:1881 <-> DISABLED <-> SERVER-WEBAPP bad HTTP 1.1 request - potential worm attack (server-webapp.rules) * 1:18903 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit Rendering Counter Code Execution (browser-webkit.rules) * 1:18905 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18906 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18907 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18908 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18909 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18910 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18911 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18912 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18913 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18914 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18915 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18916 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18917 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18918 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18919 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18920 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18921 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18922 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18923 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18924 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18925 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18926 <-> DISABLED <-> PROTOCOL-SNMP Multiple vendors AgentX receive_agentx integer overflow attempt (protocol-snmp.rules) * 1:18928 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules) * 1:18929 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration objectname variable command injection attempt (server-oracle.rules) * 1:18930 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe Template format string code execution attempt (server-webapp.rules) * 1:18948 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules) * 1:18950 <-> DISABLED <-> OS-WINDOWS Microsoft WINS service oversize payload exploit attempt (os-windows.rules) * 1:18952 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules) * 1:18953 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules) * 1:18954 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules) * 1:18957 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules) * 1:18958 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules) * 1:18960 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise agents HTTP request remote code execution attempt (server-webapp.rules) * 1:18961 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:18963 <-> DISABLED <-> FILE-FLASH Adobe ActionScript 3 addEventListener exploit attempt (file-flash.rules) * 1:18964 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules) * 1:18965 <-> DISABLED <-> FILE-FLASH Adobe Flash file ActionScript 2 ActionJump remote code execution attempt (file-flash.rules) * 1:18966 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules) * 1:18967 <-> DISABLED <-> FILE-FLASH Adobe ActionScript argumentCount download attempt (file-flash.rules) * 1:18968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript3 stack integer overflow attempt (file-flash.rules) * 1:18969 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ActionIf integer overflow attempt (file-flash.rules) * 1:18970 <-> DISABLED <-> FILE-FLASH Adobe Flash Player null pointer dereference attempt (file-flash.rules) * 1:18971 <-> DISABLED <-> FILE-FLASH Adobe Flash beginGradientfill improper color validation attempt (file-flash.rules) * 1:18972 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration selector variable command injection attempt (server-oracle.rules) * 1:18973 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (browser-webkit.rules) * 1:18974 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call attempt (browser-plugins.rules) * 1:18975 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call access (browser-plugins.rules) * 1:18985 <-> DISABLED <-> POLICY-OTHER CA ARCserve Axis2 default credential login attempt (policy-other.rules) * 1:18992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player content parsing execution attempt (file-flash.rules) * 1:18993 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager server name exploit attempt (server-webapp.rules) * 1:18994 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules) * 1:18998 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules) * 1:18999 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules) * 1:19002 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer FLV parsing two integer overflow vulnerabilities (file-flash.rules) * 1:19003 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules) * 1:19004 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules) * 1:19008 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point conversion memory corruption attempt (browser-webkit.rules) * 1:19011 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules) * 1:19012 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules) * 1:19013 <-> DISABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - WRQ (protocol-tftp.rules) * 1:19014 <-> DISABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - RRQ (protocol-tftp.rules) * 1:19063 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules) * 1:19064 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font index remote code execution attempt (file-other.rules) * 1:19071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19076 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:19077 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:19078 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules) * 1:19080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19082 <-> DISABLED <-> FILE-PDF Adobe Flash Player memory corruption attempt (file-pdf.rules) * 1:19083 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19084 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules) * 1:19095 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules) * 1:19096 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules) * 1:19097 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code execution attempt (browser-webkit.rules) * 1:19098 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code exeuction attempt (browser-webkit.rules) * 1:19099 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari CSS font format corruption attempt (browser-webkit.rules) * 1:19102 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX clsid access (browser-plugins.rules) * 1:19103 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX function call access (browser-plugins.rules) * 1:19112 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D stucture heap overflow (file-other.rules) * 1:19113 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 81 overflow attempt (file-other.rules) * 1:19114 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 45 overflow attempt (file-other.rules) * 1:19115 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 89 overflow attempt (file-other.rules) * 1:19117 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D integer overflow (file-pdf.rules) * 1:19118 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader script injection vulnerability (file-pdf.rules) * 1:19120 <-> DISABLED <-> SERVER-OTHER IBM Informix DBINFO stack buffer overflow (server-other.rules) * 1:19121 <-> DISABLED <-> SERVER-OTHER IBM Informix EXPLAIN stack buffer overflow attempt (server-other.rules) * 1:19126 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules) * 1:19127 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules) * 1:19130 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint jpeg with malformed SOFx field integer overflow attempt (file-image.rules) * 1:19131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:19132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:19133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules) * 1:19134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules) * 1:19136 <-> DISABLED <-> SERVER-WEBAPP CA XOsoft Multiple Products entry_point.aspx buffer overflow attempt (server-webapp.rules) * 1:19137 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI ICount parameter buffer overflow attempt (server-webapp.rules) * 1:19138 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (server-webapp.rules) * 1:19139 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI MaxAge parameter buffer overflow attempt (server-webapp.rules) * 1:19140 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (server-webapp.rules) * 1:19141 <-> DISABLED <-> FILE-OFFICE Microsoft Access Wizard control memory corruption ActiveX clsid access (file-office.rules) * 1:19143 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player JPG header record mismatch memory corruption attempt (file-multimedia.rules) * 1:19144 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules) * 1:19145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:19146 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules) * 1:19147 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:19148 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player SWF file MP4 data parsing memory corruption attempt (file-multimedia.rules) * 1:19149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules) * 1:19150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules) * 1:19151 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (browser-plugins.rules) * 1:19152 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (browser-plugins.rules) * 1:19153 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word malformed index code execution attempt (file-office.rules) * 1:19154 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray parsing attempt (file-office.rules) * 1:19156 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:19169 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer vidplin.dll avi header parsing execution attempt (file-multimedia.rules) * 1:19170 <-> DISABLED <-> FILE-OTHER Microsoft Windows .NET Framework XAML browser applications stack corruption (file-other.rules) * 1:19173 <-> DISABLED <-> PROTOCOL-RPC CDE Calendar Manager service memory corruption attempt (protocol-rpc.rules) * 1:19180 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:19181 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe uninitialized memory corruption attempt (browser-ie.rules) * 1:19183 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules) * 1:19184 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules) * 1:19185 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET ArraySegment escape exploit attempt (os-windows.rules) * 1:19188 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules) * 1:19189 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules) * 1:19193 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX clsid access (browser-plugins.rules) * 1:19194 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules) * 1:19195 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules) * 1:19196 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD Adobe font driver remote code execution attempt (os-windows.rules) * 1:19197 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX clsid access (browser-plugins.rules) * 1:19198 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (browser-plugins.rules) * 1:19199 <-> DISABLED <-> OS-WINDOWS Smb2Create_Finalize malformed EndOfFile field exploit attempt (os-windows.rules) * 1:19200 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (file-office.rules) * 1:19209 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System modem string buffer overflow attempt (server-webapp.rules) * 1:19210 <-> DISABLED <-> SERVER-OTHER IBM Informix Dynamic Server set environment buffer overflow attempt (server-other.rules) * 1:19216 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules) * 1:19217 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules) * 1:19219 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules) * 1:19220 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules) * 1:19221 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules) * 1:19222 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:19225 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules) * 1:19226 <-> DISABLED <-> FILE-OTHER Cisco Webex Player .wrf stack buffer overflow (file-other.rules) * 1:19227 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Scenario heap memory overflow (file-office.rules) * 1:19228 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration preauth variable command injection attempt (server-webapp.rules) * 1:19229 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:19230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules) * 1:19231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Series record exploit attempt (file-office.rules) * 1:19232 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel XF record exploit attempt (file-office.rules) * 1:19235 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer copy/paste memory corruption attempt (browser-ie.rules) * 1:19236 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer drag event memory corruption attempt (browser-ie.rules) * 1:19237 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:19238 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 self remove from markup vulnerability (browser-ie.rules) * 1:19240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7/8 reload stylesheet attempt (browser-ie.rules) * 1:19243 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules) * 1:19246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (browser-ie.rules) * 1:19247 <-> DISABLED <-> FILE-IMAGE Adobe jpeg 2000 image exploit attempt (file-image.rules) * 1:19248 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D texture continuation integer overflow attempt (file-pdf.rules) * 1:19249 <-> DISABLED <-> FILE-FLASH Adobe Universal3D meshes.removeItem exploit attempt (file-flash.rules) * 1:19250 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D file include overflow attempt (file-pdf.rules) * 1:19251 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CIDFont dictionary glyph width corruption attempt (file-pdf.rules) * 1:19253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious language.engtesselate.ln file download attempt (file-pdf.rules) * 1:19254 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript in PDF go-to actions exploit attempt (file-pdf.rules) * 1:19255 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC ProfileDescriptionTag overflow attempt (file-pdf.rules) * 1:19257 <-> DISABLED <-> FILE-FLASH Adobe ActionScript float index memory corruption attempt (file-flash.rules) * 1:19258 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:19260 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules) * 1:19261 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 invalid Selection.cref exploit attempt (file-office.rules) * 1:19262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:19263 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:19264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:19265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:19266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:19268 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules) * 1:19269 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules) * 1:19292 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19294 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules) * 1:19295 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules) * 1:19296 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules) * 1:19303 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:19306 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (file-office.rules) * 1:19308 <-> DISABLED <-> FILE-OTHER Microsoft Windows embedded OpenType EOT font integer overflow attempt (file-other.rules) * 1:19313 <-> DISABLED <-> SERVER-OTHER Symantec Antivirus Intel Service DoS Attempt (server-other.rules) * 1:19314 <-> DISABLED <-> OS-WINDOWS Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules) * 1:19315 <-> DISABLED <-> OS-WINDOWS Microsoft Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules) * 1:19317 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmTDiagLine80 record parsing stack buffer overflow attempt (file-office.rules) * 1:19321 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products nsCSSValue Array Index Integer Overflow (browser-firefox.rules) * 1:19403 <-> DISABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules) * 1:19405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:19406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:19407 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:19408 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules) * 1:19412 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record parsing memory corruption (file-office.rules) * 1:19413 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules) * 1:19414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules) * 1:19436 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt (browser-ie.rules) * 1:19441 <-> DISABLED <-> SERVER-WEBAPP Oracle Virtual Server Agent command injection attempt (server-webapp.rules) * 1:19442 <-> DISABLED <-> FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (file-office.rules) * 1:19451 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules) * 1:19452 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules) * 1:19466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio mfc71 dll-load exploit attempt (file-office.rules) * 1:19646 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:19647 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:19648 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:19649 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman buffer overflow attempt (server-other.rules) * 1:19670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer telnet.exe file load exploit attempt (browser-ie.rules) * 1:19671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules) * 1:19672 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer stylesheet dynamic access memory corruption attempt (browser-ie.rules) * 1:19674 <-> DISABLED <-> OS-WINDOWS Microsoft Data Access Components bidlab.dll dll-load exploit attempt (os-windows.rules) * 1:19675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLString data length exploit attempt (file-office.rules) * 1:19676 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLDTOptions object exploit attempt (file-office.rules) * 1:19677 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules) * 1:19682 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules) * 1:19683 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 buffer overflow attempt (file-flash.rules) * 1:19684 <-> DISABLED <-> FILE-OTHER Adobe CFF font storage memory corruption attempt (file-other.rules) * 1:19685 <-> DISABLED <-> FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (file-flash.rules) * 1:19686 <-> DISABLED <-> FILE-FLASH Adobe Flash uninitialized bitmap structure memory corruption attempt (file-flash.rules) * 1:19687 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionStoreRegister instruction length invalidation attempt (file-flash.rules) * 1:19688 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript BitmapData buffer overflow attempt (file-flash.rules) * 1:19689 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript dynamic calculation double-free attempt (file-flash.rules) * 1:19690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript duplicateDoorInputArguments stack overwrite (file-flash.rules) * 1:19691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript File reference buffer overflow attempt (file-flash.rules) * 1:19693 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules) * 1:19707 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules) * 1:19713 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:19714 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:1975 <-> DISABLED <-> PROTOCOL-FTP DELE overflow attempt (protocol-ftp.rules) * 1:19806 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules) * 1:19807 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules) * 1:19808 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules) * 1:19811 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:19812 <-> DISABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS getDBConfigSettings credential information disclosure attempt (server-other.rules) * 1:19813 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter Agent XMLK parsing stack bugger overflow attempt (server-webapp.rules) * 1:19817 <-> DISABLED <-> NETBIOS Juniper Odyssey Access Client DSSETUPSERVICE_CMD_UNINSTALL overflow attempt (netbios.rules) * 1:19873 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules) * 1:19883 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player libdirectx_plugin.dll AMV parsing buffer overflow attempt (file-multimedia.rules) * 1:19892 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System modem string buffer overflow attempt (server-other.rules) * 1:19893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Tabular Control ActiveX overflow by CLSID / param tag (browser-plugins.rules) * 1:19894 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint unbound memcpy and remote code execution attempt (file-office.rules) * 1:19910 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules) * 1:19911 <-> DISABLED <-> FILE-OTHER Microsoft SYmbolic LinK stack overflow attempt (file-other.rules) * 1:19925 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX client browser plugin call-back-url buffer overflow attempt (browser-plugins.rules) * 1:19937 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules) * 1:19938 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Directory Server ibmslapd.exe stack buffer overflow attempt (server-other.rules) * 1:19956 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker project file heap buffer overflow attempt (file-multimedia.rules) * 1:20029 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules) * 1:20030 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation directory traversal attempt (protocol-scada.rules) * 1:20031 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:20049 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:20050 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory consumption vulnerability (file-flash.rules) * 1:20051 <-> DISABLED <-> SERVER-OTHER SAP MaxDB malformed handshake request buffer overflow attempt (server-other.rules) * 1:20072 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules) * 1:20073 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules) * 1:20118 <-> DISABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules) * 1:20119 <-> DISABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules) * 1:20123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules) * 1:20124 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (file-office.rules) * 1:20125 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:20126 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:20127 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Conditional Formatting record vulnerability (file-office.rules) * 1:20128 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules) * 1:20129 <-> DISABLED <-> FILE-OFFICE Microsoft Office BpscBulletProof uninitialized pointer dereference attempt (file-office.rules) * 1:20134 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector buffer overflow attempt (server-webapp.rules) * 1:20142 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader app.openDoc path vulnerability (file-pdf.rules) * 1:20144 <-> DISABLED <-> FILE-PDF Adobe Acrobat embedded TIFF DotRange structure memory corruption attempt (file-pdf.rules) * 1:20145 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules) * 1:20147 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules) * 1:20148 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules) * 1:20149 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded IFF file RGBA chunk memory corruption attempt (file-pdf.rules) * 1:20150 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PCX parsing corruption attempt (file-pdf.rules) * 1:20152 <-> DISABLED <-> FILE-PDF Adobe Acrobat GDI object leak memory corruption attempt (file-pdf.rules) * 1:20153 <-> DISABLED <-> FILE-PDF Adobe Acrobat embedded JPEG file APP0 chunk memory corruption attempt (file-pdf.rules) * 1:20154 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:20155 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (file-pdf.rules) * 1:20156 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getCosObj file overwrite attempt (file-pdf.rules) * 1:20157 <-> DISABLED <-> SERVER-ORACLE Oracle GlassFish Server war file upload attempt (server-oracle.rules) * 1:20158 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Server default credentials login attempt (server-webapp.rules) * 1:20159 <-> ENABLED <-> SERVER-WEBAPP Oracle GlassFish Server authentication bypass attempt (server-webapp.rules) * 1:20160 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Server successful authentication bypass attempt (server-webapp.rules) * 1:20168 <-> DISABLED <-> BROWSER-PLUGINS ChemView SaveAsMolFile vulnerability ActiveX clsid access (browser-plugins.rules) * 1:20169 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules) * 1:20170 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules) * 1:20171 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules) * 1:20176 <-> DISABLED <-> PROTOCOL-SCADA DAQFactory NETB protcol stack overflow attempt (protocol-scada.rules) * 1:20181 <-> DISABLED <-> FILE-FLASH Adobe Flash Speex-encoded audio buffer underflow attempt (file-flash.rules) * 1:20206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pcre ActionScript under allocation (file-flash.rules) * 1:20207 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20208 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20209 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20210 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20211 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive stack overflow attempt (file-flash.rules) * 1:20214 <-> DISABLED <-> PROTOCOL-SCADA Measuresoft ScadaPro msvcrt.dll local command execution attempt (protocol-scada.rules) * 1:20215 <-> DISABLED <-> PROTOCOL-SCADA Measuresoft ScadaPro directory traversal file operation attempt (protocol-scada.rules) * 1:20227 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (file-multimedia.rules) * 1:20246 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:20247 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:20255 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (browser-plugins.rules) * 1:20259 <-> DISABLED <-> FILE-OTHER Microsoft Agent Helper Malicious JAR download attempt (file-other.rules) * 1:20263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access attempt (browser-ie.rules) * 1:20264 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer form selection reset attempt (browser-ie.rules) * 1:20265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (browser-ie.rules) * 1:20266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (browser-ie.rules) * 1:20267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer circular reference exploit attempt (browser-ie.rules) * 1:20268 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules) * 1:20273 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer jscript9 parsing corruption attempt (browser-ie.rules) * 1:20288 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer QCP parsing buffer overflow attempt (file-multimedia.rules) * 1:20430 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start BasicServiceImpl security policy bypass attempt (file-java.rules) * 1:20431 <-> DISABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (file-other.rules) * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules) * 1:20530 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules) * 1:20531 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules) * 1:20532 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector get file buffer overflow attempt (server-webapp.rules) * 1:20545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF embedded font null pointer attempt (file-flash.rules) * 1:20547 <-> DISABLED <-> FILE-FLASH Adobe Flash Player overlapping record overflow attempt (file-flash.rules) * 1:20548 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive doaction stack exhaustion (file-flash.rules) * 1:20549 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion attempt (file-flash.rules) * 1:20550 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Mover3D clipping exploit (file-flash.rules) * 1:20551 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Stage 3D texture format overflow attempt (file-flash.rules) * 1:20555 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules) * 1:20556 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PlaceObjectX null pointer dereference attempt (file-flash.rules) * 1:20557 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionDefineFunction2 length overflow attempt (file-flash.rules) * 1:2056 <-> DISABLED <-> SERVER-WEBAPP TRACE attempt (server-webapp.rules) * 1:20560 <-> DISABLED <-> FILE-FLASH Adobe Flash Player salign null javascript access attempt (file-flash.rules) * 1:20567 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF AVM2 namespace lookup deref exploit (file-flash.rules) * 1:20568 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF ActionScript 3 ByteArray class vulnerability (file-flash.rules) * 1:20572 <-> DISABLED <-> FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (file-other.rules) * 1:20581 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:20582 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:20590 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:20600 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (browser-firefox.rules) * 1:20607 <-> DISABLED <-> SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (server-other.rules) * 1:20608 <-> DISABLED <-> SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (server-other.rules) * 1:20622 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules) * 1:20628 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (server-webapp.rules) * 1:20634 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules) * 1:20635 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (server-webapp.rules) * 1:20636 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules) * 1:20637 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules) * 1:20638 <-> DISABLED <-> PROTOCOL-SCADA Progea Movicon/PowerHMI EIDP over HTTP memory corruption attempt (protocol-scada.rules) * 1:20691 <-> DISABLED <-> POLICY-OTHER Cisco Network Registrar default credentials authentication attempt (policy-other.rules) * 1:20692 <-> DISABLED <-> POLICY-OTHER Cisco network registrar default credentials authentication attempt (policy-other.rules) * 1:20704 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer defaulttime behavior attack attempt (browser-plugins.rules) * 1:20705 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules) * 1:20706 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules) * 1:20707 <-> DISABLED <-> BROWSER-PLUGINS Dell IT Assistant ActiveX clsid access (browser-plugins.rules) * 1:20708 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules) * 1:20709 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20710 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20711 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20712 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20713 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20714 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20715 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20716 <-> DISABLED <-> BROWSER-PLUGINS Yahoo! CD Player ActiveX clsid access (browser-plugins.rules) * 1:20717 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE versioned stream missing data stream (file-office.rules) * 1:20718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules) * 1:20719 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules) * 1:20720 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:20721 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher PLC object memory corruption attempt (file-office.rules) * 1:20722 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:20734 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player digital video recording buffer overflow attempt (file-multimedia.rules) * 1:20735 <-> DISABLED <-> FILE-OTHER Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation of privileges attempt (file-other.rules) * 1:20758 <-> DISABLED <-> POLICY-OTHER Progrea Movicon TCPUploadServer.exe unauthenticated access attempt (policy-other.rules) * 1:20761 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (server-other.rules) * 1:20766 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20767 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:20768 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20769 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20770 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20771 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20772 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20773 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20774 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20775 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20776 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:20786 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20787 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20788 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20789 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20802 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC file MarkupLinkedItem arbitrary code execution attempt (file-pdf.rules) * 1:20804 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20805 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20806 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20807 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20808 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20809 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20810 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20812 <-> DISABLED <-> PROTOCOL-TELNET FreeBSD telnetd enc_keyid overflow attempt (protocol-telnet.rules) * 1:20813 <-> DISABLED <-> PROTOCOL-TELNET FreeBSD telnetd dec_keyid overflow attempt (protocol-telnet.rules) * 1:20822 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt malicious string (browser-ie.rules) * 1:20829 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules) * 1:20842 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:20843 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:20875 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules) * 1:20878 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules) * 1:20880 <-> DISABLED <-> FILE-OFFICE Microsoft DirectShow Line 21 decoder exploit attempt (file-office.rules) * 1:20889 <-> DISABLED <-> FILE-OTHER Video Spirit visprj buffer overflow (file-other.rules) * 1:20900 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:20902 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules) * 1:20903 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules) * 1:20904 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules) * 1:20997 <-> DISABLED <-> BROWSER-WEBKIT Apple Webkit Display box rendering corruption attempt (browser-webkit.rules) * 1:20999 <-> DISABLED <-> BROWSER-WEBKIT Microsoft Windows 7 x64 Apple Safari abnormally long iframe exploit attempt (browser-webkit.rules) * 1:21029 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules) * 1:21030 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules) * 1:21031 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules) * 1:21032 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules) * 1:21033 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules) * 1:21034 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules) * 1:21050 <-> DISABLED <-> SERVER-OTHER HP Diagnostics Server magentservice.exe stack overflow attempt (server-other.rules) * 1:21057 <-> DISABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules) * 1:21076 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules) * 1:21077 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call (browser-plugins.rules) * 1:21078 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow GraphEdt closed captioning memory corruption (file-multimedia.rules) * 1:21079 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC HMI Administrator cookie detected (protocol-scada.rules) * 1:21116 <-> DISABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (file-other.rules) * 1:21159 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:21167 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:21168 <-> DISABLED <-> FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (file-multimedia.rules) * 1:21170 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules) * 1:21189 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari innerHTML use after free exploit attempt (browser-webkit.rules) * 1:21234 <-> DISABLED <-> SERVER-WEBAPP MKCOL Webdav Stack Buffer Overflow attempt (server-webapp.rules) * 1:21236 <-> DISABLED <-> SERVER-WEBAPP UNLOCK Webdav Stack Buffer Overflow attempt (server-webapp.rules) * 1:21243 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:21281 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules) * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules) * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules) * 1:21291 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid row option attempt (file-office.rules) * 1:21292 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules) * 1:21293 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio corrupted compressed data memory corruption attempt (file-office.rules) * 1:21299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight privilege escalation attempt (browser-plugins.rules) * 1:21301 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules) * 1:21302 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_OLEChunk code execution attempt (file-office.rules) * 1:21305 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules) * 1:21307 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (file-office.rules) * 1:21308 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules) * 1:21309 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules) * 1:21310 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules) * 1:21316 <-> DISABLED <-> FILE-OTHER Adobe shockwave director tSAC string termination memory corruption attempt (file-other.rules) * 1:21317 <-> DISABLED <-> FILE-OTHER BACnet OPC client csv file buffer overflow attempt (file-other.rules) * 1:21326 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActiveX URL import attempt (file-flash.rules) * 1:21335 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion null dereference attempt (file-flash.rules) * 1:21336 <-> DISABLED <-> FILE-FLASH Adobe Flash ASConstructor insecure calling attempt (file-flash.rules) * 1:21338 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP4 zero length atom attempt (file-flash.rules) * 1:21339 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom auth field attempt (file-multimedia.rules) * 1:21341 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'dscp' field attempt (file-multimedia.rules) * 1:21342 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom cprt field attempt (file-multimedia.rules) * 1:21357 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules) * 1:21363 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:21371 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director KEY chunk buffer overflow attempt (file-other.rules) * 1:21414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules) * 1:21415 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules) * 1:21422 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules) * 1:21423 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules) * 1:21439 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules) * 1:21457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:21458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:21483 <-> DISABLED <-> PROTOCOL-SCADA Moxa Device Manager buffer overflow attempt (protocol-scada.rules) * 1:21484 <-> DISABLED <-> FILE-OTHER ZIP file name overflow attempt (file-other.rules) * 1:21491 <-> DISABLED <-> PROTOCOL-SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (protocol-scada.rules) * 1:21503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption (file-office.rules) * 1:21504 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21505 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21506 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21507 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21508 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Stage3D null dereference attempt (file-flash.rules) * 1:21534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules) * 1:21535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules) * 1:21536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Stage3D null dereference attempt (file-flash.rules) * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules) * 1:21567 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules) * 1:21647 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:21653 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript getURL target null reference attempt (file-flash.rules) * 1:21654 <-> DISABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules) * 1:21655 <-> DISABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules) * 1:21752 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot request buffer overflow attempt (server-other.rules) * 1:21754 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:21790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:21791 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:21792 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules) * 1:21793 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (browser-ie.rules) * 1:21795 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:21796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:21806 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:21858 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules) * 1:21859 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules) * 1:21878 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:21881 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules) * 1:21882 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules) * 1:21883 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules) * 1:21914 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot opcode 6C request buffer overflow attempt (server-other.rules) * 1:21918 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX clsid access attempt (browser-plugins.rules) * 1:21919 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX function call access attempt (browser-plugins.rules) * 1:21929 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:21930 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:21942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules) * 1:21943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules) * 1:22004 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22005 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22006 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22007 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22008 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22009 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22010 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22011 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22012 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22038 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:22042 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules) * 1:22063 <-> DISABLED <-> SERVER-WEBAPP PHP-CGI remote file include attempt (server-webapp.rules) * 1:22069 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22070 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio IndexDirectorySize greater than ChildrenSize memory access attempt (file-office.rules) * 1:22077 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules) * 1:22079 <-> DISABLED <-> OS-WINDOWS Microsoft .NET framework EvidenceBase class remote code execution attempt (os-windows.rules) * 1:22080 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer xbap custom ISeralizable object exception attempt (browser-ie.rules) * 1:22085 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules) * 1:22086 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules) * 1:22087 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (file-other.rules) * 1:22090 <-> DISABLED <-> OS-WINDOWS Microsoft .NET framework malicious XBAP attempt (os-windows.rules) * 1:22091 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules) * 1:22092 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules) * 1:22093 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules) * 1:22094 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules) * 1:22915 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22916 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22938 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:22942 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:22952 <-> DISABLED <-> SERVER-OTHER Iron Mountain connected backup opcode 13 processing command injection attempt (server-other.rules) * 1:23004 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23005 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23006 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23007 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23008 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules) * 1:23009 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules) * 1:23010 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules) * 1:23048 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules) * 1:23049 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules) * 1:23050 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules) * 1:23056 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules) * 1:23059 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules) * 1:23060 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules) * 1:23098 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules) * 1:23099 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceHex denial of service attempt (server-other.rules) * 1:23102 <-> DISABLED <-> POLICY-OTHER Seagate BlackArmor administrator password reset attempt (policy-other.rules) * 1:23111 <-> DISABLED <-> POLICY-OTHER PHP uri tag injection attempt (policy-other.rules) * 1:23116 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 CTreeNode use after free attempt (browser-ie.rules) * 1:23117 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 DOM element use after free attempt (browser-ie.rules) * 1:23118 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer console object use after free attempt (browser-ie.rules) * 1:23121 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (browser-ie.rules) * 1:23122 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules) * 1:23124 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:23125 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:23126 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer insertAdjacentText memory corruption attempt (browser-ie.rules) * 1:23127 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules) * 1:23129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SecureSocket use without Connect attempt (file-flash.rules) * 1:23130 <-> DISABLED <-> FILE-FLASH Adobe Flash Player X509 direct instantiation property access attempt (file-flash.rules) * 1:23131 <-> DISABLED <-> FILE-FLASH Adobe Flash Player X500 DistinguishedName property access attempt (file-flash.rules) * 1:23132 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineSound tag long recordheader length field attempt (file-flash.rules) * 1:23133 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.display.BitmapData constuctor overflow attempt (file-flash.rules) * 1:23134 <-> DISABLED <-> FILE-FLASH Adobe Flash Player broker destructor DoS attempt (file-flash.rules) * 1:23135 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.DisplayObject memory corruption attempt (file-flash.rules) * 1:23142 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23143 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23144 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23146 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23174 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules) * 1:23175 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules) * 1:23178 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement flood attempt (protocol-icmp.rules) * 1:23181 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules) * 1:23212 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:23239 <-> DISABLED <-> SERVER-OTHER Wireshark console.lua file load exploit attempt (server-other.rules) * 1:23240 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:23241 <-> DISABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (server-other.rules) * 1:23263 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules) * 1:23264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:23265 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:23269 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules) * 1:23270 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules) * 1:23278 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested list memory corruption attempt (browser-ie.rules) * 1:23280 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer corrupted HROW instance write access violation attempt (browser-ie.rules) * 1:23285 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:23286 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23287 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23288 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23289 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23290 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23291 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23292 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23293 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23295 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23297 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23300 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23302 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23304 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23330 <-> DISABLED <-> PROTOCOL-SCADA ScadaTec Procyon Core server password overflow attempt (protocol-scada.rules) * 1:23352 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules) * 1:23353 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX function call access attempt (browser-plugins.rules) * 1:23355 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager AddTask stack buffer overflow attempt (server-other.rules) * 1:23371 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:23400 <-> DISABLED <-> FILE-OTHER Apple Quicktime JPEG2000 length integer underflow attempt (file-other.rules) * 1:23445 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox use-after free remote code execution attempt (browser-firefox.rules) * 1:23461 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules) * 1:23462 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23463 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules) * 1:23464 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules) * 1:23465 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23478 <-> DISABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules) * 1:23479 <-> DISABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules) * 1:23508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules) * 1:23509 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules) * 1:23510 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules) * 1:23511 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules) * 1:23512 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules) * 1:23513 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23514 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23515 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23516 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23526 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:23527 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:23528 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules) * 1:23530 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:23531 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:23532 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:23533 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules) * 1:23545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules) * 1:23546 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules) * 1:23547 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules) * 1:23548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:23549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:23550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules) * 1:23551 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:23552 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:23553 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules) * 1:23554 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules) * 1:23555 <-> DISABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules) * 1:23558 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:23559 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:23577 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules) * 1:23579 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules) * 1:23582 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules) * 1:23583 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23584 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules) * 1:23585 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules) * 1:23586 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules) * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules) * 1:23591 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:23592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules) * 1:23609 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules) * 1:23611 <-> DISABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules) * 1:23612 <-> DISABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules) * 1:23614 <-> DISABLED <-> FILE-JAVA Oracle JavaScript heap exploitation library usage attempt (file-java.rules) * 1:23624 <-> DISABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (server-other.rules) * 1:23631 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - POST parameter (server-apache.rules) * 1:23632 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23783 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules) * 1:23789 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules) * 1:23790 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules) * 1:23805 <-> DISABLED <-> BROWSER-WEBKIT WebKit button column memory corruption attempt (browser-webkit.rules) * 1:23834 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules) * 1:23835 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules) * 1:23836 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules) * 1:23837 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB host announcement format string exploit attempt (os-windows.rules) * 1:23838 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NetServerEnum response host format string exploit attempt (os-windows.rules) * 1:23840 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:23841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:23842 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23846 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Terminal server RDP freed memory write attempt (os-windows.rules) * 1:23853 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:23854 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:23864 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules) * 1:23865 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules) * 1:23866 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23867 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23868 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23869 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23870 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23871 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23874 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules) * 1:23875 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules) * 1:23878 <-> DISABLED <-> BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (browser-plugins.rules) * 1:23879 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules) * 1:23880 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules) * 1:23881 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23882 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23883 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules) * 1:23884 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules) * 1:23889 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23890 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23891 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23892 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23950 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules) * 1:23951 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules) * 1:23956 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23958 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23959 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23960 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23961 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23964 <-> DISABLED <-> PROTOCOL-SCADA BroadWin WebAccess Client format string exploit attempt (protocol-scada.rules) * 1:23965 <-> DISABLED <-> PROTOCOL-SCADA BroadWin WebAccess Client arbitrary memory corruption attempt (protocol-scada.rules) * 1:23967 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt - compressed (file-flash.rules) * 1:23979 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23980 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23981 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23982 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23983 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23985 <-> DISABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules) * 1:23986 <-> DISABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules) * 1:23989 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules) * 1:23992 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules) * 1:23993 <-> DISABLED <-> SERVER-OTHER Dhcpcd packet size buffer overflow attempt (server-other.rules) * 1:23996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:23997 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:23999 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24000 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24001 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24002 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24003 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24007 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules) * 1:24090 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (os-windows.rules) * 1:24129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (file-office.rules) * 1:24130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (file-office.rules) * 1:24138 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules) * 1:24139 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules) * 1:24140 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules) * 1:24142 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:24147 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules) * 1:24148 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (file-pdf.rules) * 1:24149 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (file-pdf.rules) * 1:24150 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (file-pdf.rules) * 1:24151 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (file-pdf.rules) * 1:24152 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules) * 1:24153 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules) * 1:24154 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (file-pdf.rules) * 1:24155 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (file-pdf.rules) * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (protocol-ftp.rules) * 1:24187 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:24188 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:24196 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules) * 1:24197 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules) * 1:24199 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules) * 1:24200 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules) * 1:24203 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:24204 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:24205 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:24207 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules) * 1:24208 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules) * 1:24209 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules) * 1:24212 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand use-after-free attempt (browser-ie.rules) * 1:24220 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules) * 1:24221 <-> DISABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules) * 1:24222 <-> DISABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules) * 1:24223 <-> DISABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules) * 1:24239 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Internet Agent content-length integer overflow attempt (server-webapp.rules) * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:24244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:24245 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:24252 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand use embedded within javascript tags (browser-ie.rules) * 1:24272 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:24273 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:24277 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:24278 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:24279 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:24280 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:24281 <-> DISABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX clsid access (browser-plugins.rules) * 1:24282 <-> DISABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX function call access (browser-plugins.rules) * 1:24283 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (file-multimedia.rules) * 1:24291 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules) * 1:24292 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules) * 1:24296 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement invalid prefix option attempt (protocol-icmp.rules) * 1:24314 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24315 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24316 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24317 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24318 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24319 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24320 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24338 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:24351 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 use-after-free attempt (file-office.rules) * 1:24352 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 use-after-free attempt (file-office.rules) * 1:24353 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (file-office.rules) * 1:24354 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (file-office.rules) * 1:24357 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rgfc value overflow attempt (file-office.rules) * 1:24358 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rgfc value overflow attempt (file-office.rules) * 1:24362 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24363 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24364 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24365 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24366 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (file-flash.rules) * 1:24367 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (file-flash.rules) * 1:24380 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules) * 1:24414 <-> DISABLED <-> FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (file-flash.rules) * 1:24415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (file-flash.rules) * 1:24428 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24429 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24431 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24446 <-> DISABLED <-> SERVER-OTHER EMC NetWorker SunRPC format string exploit attempt (server-other.rules) * 1:24476 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24477 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24478 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24479 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24480 <-> DISABLED <-> PROTOCOL-SCADA WellinTech Kingview HMI history server buffer overflow attempt (protocol-scada.rules) * 1:24481 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24485 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules) * 1:24486 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules) * 1:24506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader null pointer dereference attempt (file-pdf.rules) * 1:24507 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:24508 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:24510 <-> DISABLED <-> FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-java.rules) * 1:24511 <-> DISABLED <-> FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-java.rules) * 1:24518 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (server-webapp.rules) * 1:24519 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (server-webapp.rules) * 1:24520 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules) * 1:24536 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules) * 1:24537 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules) * 1:24538 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules) * 1:24549 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules) * 1:24550 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules) * 1:24551 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:24552 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:24553 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:24556 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:24557 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:24558 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:24570 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24571 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24572 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24573 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24574 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24578 <-> DISABLED <-> BROWSER-PLUGINS Viscom Movie Player Pro DrawText ActiveX clsid access (browser-plugins.rules) * 1:24579 <-> DISABLED <-> BROWSER-PLUGINS Viscom Movie Player Pro DrawText ActiveX function call access (browser-plugins.rules) * 1:24580 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24581 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:24582 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24583 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24584 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:24585 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24587 <-> DISABLED <-> FILE-OFFICE Microsoft Works Word document use after free attempt (file-office.rules) * 1:24588 <-> DISABLED <-> FILE-OFFICE Microsoft Works Word document use after free attempt (file-office.rules) * 1:24643 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (browser-plugins.rules) * 1:24644 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24645 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24646 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (browser-plugins.rules) * 1:24649 <-> DISABLED <-> FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (file-other.rules) * 1:24650 <-> DISABLED <-> FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (file-other.rules) * 1:24653 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (browser-ie.rules) * 1:24654 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (browser-ie.rules) * 1:24657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules) * 1:24658 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules) * 1:24659 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules) * 1:24660 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (browser-ie.rules) * 1:24661 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (browser-ie.rules) * 1:24662 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (browser-ie.rules) * 1:24663 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (browser-ie.rules) * 1:24664 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules) * 1:24665 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules) * 1:24672 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules) * 1:24673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (file-office.rules) * 1:24674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (file-office.rules) * 1:24675 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX realm parameter overflow attempt (browser-plugins.rules) * 1:24676 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX real parameter overflow attempt (browser-plugins.rules) * 1:24678 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24679 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24680 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24681 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24682 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24683 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24684 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24685 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24687 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:24688 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:24689 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (browser-plugins.rules) * 1:24690 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24691 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24692 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (browser-plugins.rules) * 1:24693 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:24694 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules) * 1:24695 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules) * 1:24696 <-> DISABLED <-> PROTOCOL-RPC EMC Networker nsrindexd.exe procedure 0x01 buffer overflow attempt (protocol-rpc.rules) * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules) * 1:24700 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules) * 1:24701 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules) * 1:24702 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24703 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24704 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules) * 1:24705 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules) * 1:24723 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access attempt (browser-plugins.rules) * 1:24724 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access (browser-plugins.rules) * 1:24725 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access (browser-plugins.rules) * 1:24726 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access (browser-plugins.rules) * 1:24761 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24762 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24765 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request heap overflow attempt (server-webapp.rules) * 1:24767 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter FSFUI request directory traversal attempt (server-webapp.rules) * 1:24802 <-> DISABLED <-> SERVER-OTHER HP Database Archiving Software GIOP parsing buffer overflow attempt (server-other.rules) * 1:24804 <-> DISABLED <-> SERVER-WEBAPP Invision IP Board PHP unserialize code execution attempt (server-webapp.rules) * 1:24808 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (file-flash.rules) * 1:24809 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (file-flash.rules) * 1:24810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24811 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24812 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24813 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24823 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:24827 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24828 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24829 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24830 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24831 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24832 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24833 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24834 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24835 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24836 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24868 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (file-office.rules) * 1:24869 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24870 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24871 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24872 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24874 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24875 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24876 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24877 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24879 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid JPEG index attempt (file-flash.rules) * 1:24882 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid JPEG index attempt (file-flash.rules) * 1:24892 <-> DISABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules) * 1:24893 <-> DISABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules) * 1:24895 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (file-flash.rules) * 1:24896 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (file-flash.rules) * 1:24898 <-> DISABLED <-> SERVER-OTHER ABB Multiple Product RobNetScanHost.exe buffer overflow attempt (server-other.rules) * 1:24913 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules) * 1:24914 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules) * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules) * 1:24955 <-> DISABLED <-> FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (file-multimedia.rules) * 1:24956 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (browser-ie.rules) * 1:24957 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24959 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24960 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24961 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24962 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24963 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24964 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24965 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24966 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24967 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24968 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24969 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24970 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24980 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24981 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24982 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24983 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24984 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (file-flash.rules) * 1:24985 <-> DISABLED <-> FILE-FLASH Adobe Flash Player index overflow attempt (file-flash.rules) * 1:24986 <-> DISABLED <-> FILE-FLASH Adobe Flash Player index overflow attempt (file-flash.rules) * 1:24989 <-> DISABLED <-> FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (file-flash.rules) * 1:24990 <-> DISABLED <-> FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (file-flash.rules) * 1:24991 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (file-flash.rules) * 1:24992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (file-flash.rules) * 1:24993 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules) * 1:24994 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox onChannelRedirect method attempt (browser-firefox.rules) * 1:24997 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24998 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24999 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:25000 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:25003 <-> DISABLED <-> SERVER-OTHER HP Archive Query Server stack overflow attempt (server-other.rules) * 1:25006 <-> DISABLED <-> FILE-JAVA Oracle JavaScript heap exploitation library usage attempt (file-java.rules) * 1:25017 <-> DISABLED <-> SERVER-WEBAPP httpdx tolog function format string code execution attempt (server-webapp.rules) * 1:25035 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (browser-plugins.rules) * 1:25059 <-> DISABLED <-> SERVER-OTHER SAP Business One License Manager buffer overflow attempt (server-other.rules) * 1:25078 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:25079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:25225 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules) * 1:25226 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules) * 1:25227 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (browser-firefox.rules) * 1:25228 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (browser-firefox.rules) * 1:25246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:25247 <-> DISABLED <-> FILE-OTHER Lattice PAC Designer symbol value buffer overflow attempt (file-other.rules) * 1:25248 <-> DISABLED <-> FILE-OTHER Lattice PAC Designer symbol value buffer overflow attempt (file-other.rules) * 1:25250 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules) * 1:25251 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules) * 1:25252 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules) * 1:25253 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules) * 1:25254 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules) * 1:25287 <-> DISABLED <-> SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (server-other.rules) * 1:25288 <-> DISABLED <-> SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (server-other.rules) * 1:25297 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules) * 1:25298 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules) * 1:25299 <-> DISABLED <-> BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (browser-plugins.rules) * 1:25300 <-> DISABLED <-> BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (browser-plugins.rules) * 1:25303 <-> DISABLED <-> FILE-OTHER Cisco WebEx WRF memory corruption attempt (file-other.rules) * 1:25304 <-> DISABLED <-> FILE-OTHER Cisco WebEx WRF memory corruption attempt (file-other.rules) * 1:25309 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (file-other.rules) * 1:25310 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (file-other.rules) * 1:25311 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules) * 1:25312 <-> DISABLED <-> SERVER-OTHER Microsoft Forefront Threat Management Gateway remote code execution attempt (server-other.rules) * 1:25316 <-> DISABLED <-> BROWSER-PLUGINS InduSoft ISSymbol InternationalSeparator heap overflow attempt (browser-plugins.rules) * 1:25318 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules) * 1:25319 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules) * 1:25320 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules) * 1:25321 <-> DISABLED <-> SERVER-ORACLE Oracle Database tablefunc_asown buffer overflow attempt (server-oracle.rules) * 1:25330 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules) * 1:25331 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules) * 1:25332 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file tkrm stack buffer overflow attempt (file-other.rules) * 1:25341 <-> DISABLED <-> FILE-OTHER Cisco WebEx player remote code execution attempt (file-other.rules) * 1:25343 <-> DISABLED <-> BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (browser-plugins.rules) * 1:25344 <-> DISABLED <-> BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (browser-plugins.rules) * 1:25346 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules) * 1:25347 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules) * 1:25348 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules) * 1:25353 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:25354 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:25355 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:25357 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:25366 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules) * 1:25367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules) * 1:25376 <-> DISABLED <-> FILE-IMAGE Apple QuickTime Targa image file buffer overflow attempt (file-image.rules) * 1:25378 <-> DISABLED <-> FILE-IMAGE Apple QuickTime Targa image file buffer overflow attempt (file-image.rules) * 1:25381 <-> DISABLED <-> SERVER-OTHER Microsoft Forefront Threat Management Gateway remote code execution attempt (server-other.rules) * 1:25392 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules) * 1:25474 <-> DISABLED <-> SERVER-OTHER Citrix Access Gateway legacy authentication attempt (server-other.rules) * 1:25475 <-> DISABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules) * 1:25527 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint unbound memcpy and remote code execution attempt (file-office.rules) * 1:25535 <-> DISABLED <-> PROTOCOL-SERVICES Cisco Prime Lan Management rsh command execution attempt (protocol-services.rules) * 1:25542 <-> DISABLED <-> PROTOCOL-RPC EMC NetWorker nsrindexd service buffer overflow attempt (protocol-rpc.rules) * 1:25549 <-> DISABLED <-> SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (server-other.rules) * 1:25550 <-> DISABLED <-> SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (server-other.rules) * 1:25589 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25601 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25612 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25617 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25618 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25619 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25620 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25644 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25645 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25646 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25647 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25648 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25649 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25654 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (server-other.rules) * 1:25655 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (server-other.rules) * 1:25768 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules) * 1:25779 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:25835 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules) * 1:26027 <-> DISABLED <-> FILE-OTHER Adobe Director file file rcsL overflow attempt (file-other.rules) * 1:26028 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:26029 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:26066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26067 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26068 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26069 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26103 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (server-other.rules) * 1:26105 <-> DISABLED <-> SERVER-OTHER BigAnt IM Server buffer overflow attempt (server-other.rules) * 1:26110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:26111 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:26112 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:26113 <-> DISABLED <-> FILE-PDF Adobe Flash Player memory corruption attempt (file-pdf.rules) * 1:26176 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption attempt (file-office.rules) * 1:26181 <-> DISABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX clsid access attempt (browser-plugins.rules) * 1:26182 <-> DISABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX function call access attempt (browser-plugins.rules) * 1:26183 <-> DISABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX clsid access attempt (browser-plugins.rules) * 1:26184 <-> DISABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX function call access attempt (browser-plugins.rules) * 1:26187 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules) * 1:26209 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules) * 1:26210 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules) * 1:26258 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules) * 1:26259 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules) * 1:26295 <-> DISABLED <-> FILE-OTHER Watering Hole Campaign applet download (file-other.rules) * 1:26333 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules) * 1:26334 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules) * 1:26336 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (server-other.rules) * 1:26378 <-> DISABLED <-> BROWSER-PLUGINS Viscom Software Image Viewer ActiveX function call access (browser-plugins.rules) * 1:26393 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX function call access (browser-plugins.rules) * 1:26414 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server executable file upload attempt (protocol-scada.rules) * 1:26415 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (protocol-scada.rules) * 1:26416 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules) * 1:26417 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules) * 1:26471 <-> DISABLED <-> PROTOCOL-FTP VanDyke AbsoluteFTP LIST command stack buffer overflow attempt (protocol-ftp.rules) * 1:26488 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (protocol-scada.rules) * 1:26495 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules) * 1:26496 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules) * 1:26502 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules) * 1:26503 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules) * 1:26504 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules) * 1:26548 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules) * 1:26584 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (browser-ie.rules) * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules) * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules) * 1:26661 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:26662 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:26682 <-> DISABLED <-> BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (browser-plugins.rules) * 1:26699 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:26700 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:26701 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:26769 <-> DISABLED <-> SERVER-OTHER MIT Kerberos kpasswd process_chpw_request denial of service attempt (server-other.rules) * 1:26973 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules) * 1:27006 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager URI rping stack buffer overflow attempt (server-webapp.rules) * 1:27173 <-> DISABLED <-> BROWSER-PLUGINS Cisco AnyConnect mobility client activex clsid access attempt (browser-plugins.rules) * 1:27179 <-> DISABLED <-> BROWSER-PLUGINS Oracle document capture EMPOP3Lib ActiveX clsid access attempt (browser-plugins.rules) * 1:27220 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer virtual function table corruption attempt (browser-ie.rules) * 1:27221 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer virtual function table corruption attempt (browser-ie.rules) * 1:27222 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:27223 <-> DISABLED <-> BROWSER-PLUGINS Oracle document capture Actbar2.ocx ActiveX clsid access attempt (browser-plugins.rules) * 1:27576 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (file-other.rules) * 1:27598 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Admin Server command injection attempt (server-webapp.rules) * 1:27656 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:27657 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:27658 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:27754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (file-flash.rules) * 1:27796 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (server-webapp.rules) * 1:27797 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (server-webapp.rules) * 1:27798 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules) * 1:27799 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules) * 1:27862 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules) * 1:27908 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules) * 1:27909 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules) * 1:27945 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules) * 1:28088 <-> DISABLED <-> POLICY-SOCIAL Pidgin MXIT emoticon integer overflow attempt (policy-social.rules) * 1:28103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules) * 1:28137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules) * 1:28257 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC remote memory corruption attempt (file-pdf.rules) * 1:28258 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:28259 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:28260 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC remote memory corruption attempt (file-pdf.rules) * 1:28262 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules) * 1:28266 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (file-pdf.rules) * 1:28267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28268 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28269 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28270 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28271 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access attempt (browser-ie.rules) * 1:28272 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access attempt (browser-plugins.rules) * 1:28278 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules) * 1:28306 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (browser-ie.rules) * 1:28331 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28332 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28333 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28334 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28335 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28336 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28337 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28338 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28339 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28340 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28341 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28342 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28343 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28349 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:28350 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:28351 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:28354 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28355 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28356 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28357 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28358 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28359 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28360 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28363 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:28364 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:28388 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28389 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28390 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:28391 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:28393 <-> DISABLED <-> SERVER-OTHER EMC Replication Manager irccd remote command execution attempt (server-other.rules) * 1:28426 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28427 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28448 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS bimsDownload directory traversal attempt (server-webapp.rules) * 1:28451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28453 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28461 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28462 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28492 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer freed CTreePos object use-after-free attempt (browser-ie.rules) * 1:28494 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand CTreePos memory corruption attempt (browser-ie.rules) * 1:28498 <-> ENABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules) * 1:28623 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28624 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28625 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules) * 1:28626 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D RHAdobeMeta Buffer Overflow (file-pdf.rules) * 1:28627 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28628 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules) * 1:28634 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (file-pdf.rules) * 1:28635 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28636 <-> DISABLED <-> FILE-FLASH Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (file-flash.rules) * 1:28637 <-> DISABLED <-> FILE-FLASH Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (file-flash.rules) * 1:28638 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28639 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28642 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28643 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28687 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28688 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28689 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28692 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28693 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28694 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28703 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:28704 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:28705 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28706 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28707 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28708 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules) * 1:28710 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28711 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28712 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28713 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28714 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28715 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28716 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compact font format memory corruption attempt (file-pdf.rules) * 1:28717 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compact font format memory corruption attempt (file-pdf.rules) * 1:28718 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28719 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28720 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28721 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28722 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules) * 1:28723 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules) * 1:28725 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (file-pdf.rules) * 1:28744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:28745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:28747 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules) * 1:28748 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules) * 1:28790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D stream memory corruption attempt (file-pdf.rules) * 1:28794 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules) * 1:28849 <-> DISABLED <-> SERVER-WEBAPP WordPress XMLRPC potential port-scan attempt (server-webapp.rules) * 1:28867 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28868 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28871 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28872 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28880 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CElement Use After Free exploit attempt (browser-ie.rules) * 1:28902 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28903 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28904 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28905 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28906 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28907 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28908 <-> DISABLED <-> SERVER-OTHER Nagios core config manager tfpassword sql injection attempt (server-other.rules) * 1:28917 <-> DISABLED <-> PROTOCOL-SCADA Microsys Promotic directory traversal attempt (protocol-scada.rules) * 1:28956 <-> DISABLED <-> SERVER-WEBAPP Novell Zenworks configuration management umaninv information disclosure attempt (server-webapp.rules) * 1:28961 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules) * 1:28962 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules) * 1:29014 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules) * 1:29018 <-> DISABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin getReport SQL injection attempt (server-webapp.rules) * 1:29036 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CElement Use After Free exploit attempt (browser-ie.rules) * 1:29040 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules) * 1:29105 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral agentLogUploader servlet directory traversal attempt (server-webapp.rules) * 1:29118 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger Server process memory information disclosure attempt (server-webapp.rules) * 1:29168 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EUC-JP encoding cross site scripting attempt (browser-ie.rules) * 1:29169 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EUC-JP encoding cross site scripting attempt (browser-ie.rules) * 1:29192 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules) * 1:29193 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules) * 1:29214 <-> DISABLED <-> FILE-JAVA Oracle Java JPEGImageWriter memory corruption attempt (file-java.rules) * 1:29265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (browser-ie.rules) * 1:29326 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules) * 1:29327 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules) * 1:29328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules) * 1:29502 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:29503 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (browser-firefox.rules) * 1:29505 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules) * 1:29511 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM jovgraph.exe CGI hostname parameter bugger overflow attempt (server-webapp.rules) * 1:29515 <-> DISABLED <-> PROTOCOL-SCADA ScadaTec Procyon Core server password overflow attempt (protocol-scada.rules) * 1:29522 <-> DISABLED <-> SERVER-WEBAPP Alcatel-Lucent OmniPCX Office remote code execution attempt (server-webapp.rules) * 1:29526 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:29527 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:29533 <-> DISABLED <-> BROWSER-PLUGINS Quest InTrust Annotation Objects ActiveX function call access attempt (browser-plugins.rules) * 1:29534 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server invalid memory access attempt (protocol-scada.rules) * 1:29535 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules) * 1:29537 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APIMonitorImpl information disclosure attempt (server-webapp.rules) * 1:29539 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29540 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29541 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29542 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29543 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29544 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29545 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29546 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29570 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29571 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29572 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29573 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29574 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29575 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29576 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29577 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29582 <-> DISABLED <-> SERVER-OTHER Mediawiki DjVu and PDF handling code execution attempt (server-other.rules) * 1:29583 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center information disclosure attempt (server-webapp.rules) * 1:29584 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector LogClientInstallation SQL Injection attempt (server-webapp.rules) * 1:29585 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 3 buffer overflow attempt (server-other.rules) * 1:29586 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 6 buffer overflow attempt (server-other.rules) * 1:29587 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 6 buffer overflow attempt (server-other.rules) * 1:29588 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 7 buffer overflow attempt (server-other.rules) * 1:29589 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 7 buffer overflow attempt (server-other.rules) * 1:29590 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type A buffer overflow attempt (server-other.rules) * 1:29591 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type A buffer overflow attempt (server-other.rules) * 1:29593 <-> DISABLED <-> SERVER-WEBAPP Airlive IP Camera CSRF attempt (server-webapp.rules) * 1:29595 <-> DISABLED <-> SERVER-WEBAPP Airlive IP Camera directory traversal attempt (server-webapp.rules) * 1:29603 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules) * 1:29604 <-> DISABLED <-> OS-OTHER CoDeSys Gateway Server Denial of Service attempt detected (os-other.rules) * 1:29617 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules) * 1:29626 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29627 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29628 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29629 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29630 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules) * 1:29646 <-> DISABLED <-> SERVER-WEBAPP SkyBlueCanvas CMS remote command execution attempt (server-webapp.rules) * 1:29647 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules) * 1:29648 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules) * 1:29649 <-> DISABLED <-> SERVER-APACHE Apache Roller allowStaticMethodAccess invocation attempt (server-apache.rules) * 1:29667 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos deleted object access attempt (browser-ie.rules) * 1:29680 <-> DISABLED <-> BROWSER-PLUGINS Microsoft XML Core Services same origin policy bypass attempt (browser-plugins.rules) * 1:29681 <-> DISABLED <-> BROWSER-PLUGINS Microsoft XML Core Services same origin policy bypass attempt (browser-plugins.rules) * 1:29709 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer fontFamily attribute deleted object access memory corruption attempt (browser-ie.rules) * 1:29715 <-> DISABLED <-> SERVER-IIS Microsoft Windows ASP .NET denial of service attempt (server-iis.rules) * 1:29741 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules) * 1:29746 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway languagetest.php language parameter directory traversal attempt (server-webapp.rules) * 1:29747 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirect (server-apache.rules) * 1:29748 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirect (server-apache.rules) * 1:29751 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (server-webapp.rules) * 1:29756 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules) * 1:29758 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (browser-ie.rules) * 1:29796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:29797 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:29823 <-> DISABLED <-> OS-WINDOWS Microsoft Windows secure channel malformed certificate request memory corruption attempt (os-windows.rules) * 1:29871 <-> DISABLED <-> SERVER-ORACLE Oracle Reports server remote code execution attempt (server-oracle.rules) * 1:29932 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regexp out of bounds memory leak ASLR bypass attempt (file-flash.rules) * 1:29933 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regexp out of bounds memory leak ASLR bypass attempt (file-flash.rules) * 1:29934 <-> DISABLED <-> FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (file-flash.rules) * 1:29936 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (server-apache.rules) * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules) * 1:29954 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server heap buffer overflow attempt (protocol-scada.rules) * 1:29959 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:29964 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime directory traversal attempt (protocol-scada.rules) * 1:29979 <-> DISABLED <-> SERVER-WEBAPP Symantec Endpoint Protection Manager Unauthenticated XML External Entity Injection attempt (server-webapp.rules) * 1:30011 <-> DISABLED <-> SERVER-WEBAPP GE Proficy CIMPLICITY CimWebServer remote code execution attempt (server-webapp.rules) * 1:30031 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino stack buffer overflow attempt (server-webapp.rules) * 1:30032 <-> DISABLED <-> SERVER-OTHER Borland VisiBroker Smart Agent heap overflow attempt (server-other.rules) * 1:30144 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer ruby text tag heap-based buffer overflow attempt (browser-ie.rules) * 1:30146 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30147 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30148 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30149 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30202 <-> DISABLED <-> SERVER-MAIL Mortal Universe POP Peeper uidl header overflow attempt (server-mail.rules) * 1:30209 <-> DISABLED <-> SERVER-WEBAPP Microsoft Forefront Unified Access Gateway null session cookie denial of service (server-webapp.rules) * 1:30236 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader field flags exploit attempt (file-pdf.rules) * 1:30244 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (file-office.rules) * 1:30245 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:30246 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:30247 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:30248 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:30280 <-> DISABLED <-> SERVER-WEBAPP FreePBX config.php remote code execution attempt (server-webapp.rules) * 1:30291 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules) * 1:30292 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules) * 1:30293 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules) * 1:30297 <-> DISABLED <-> SERVER-WEBAPP Katello update_roles method privilege escalation attempt (server-webapp.rules) * 1:30305 <-> DISABLED <-> SERVER-WEBAPP Horde Framework variables.php unserialize PHP code execution attempt (server-webapp.rules) * 1:30307 <-> DISABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules) * 1:30329 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules) * 1:30330 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules) * 1:30564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime long rnet atom size buffer overflow attempt (file-multimedia.rules) * 1:30565 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime long rnet atom size buffer overflow attempt (file-multimedia.rules) * 1:30790 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30791 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30792 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30793 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30939 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows NtUserMessageCall implementation exploitation attempt (file-executable.rules) * 1:30940 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows NtUserMessageCall implementation exploitation attempt (file-executable.rules) * 1:30941 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:30944 <-> DISABLED <-> SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (server-apache.rules) * 1:30951 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint ThemeOverride XSS Attempt (server-webapp.rules) * 1:31067 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess ChartThemeConfig SQL injection attempt (server-webapp.rules) * 1:31143 <-> DISABLED <-> SERVER-WEBAPP CA ERwin Web Portal ConfigServiceProvider directory traversal attempt (server-webapp.rules) * 1:31157 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31158 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31159 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31160 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31162 <-> DISABLED <-> SERVER-OTHER Beetel 450TC2 CSRF attempt (server-other.rules) * 1:31180 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS handshake recursion denial of service attempt (server-other.rules) * 1:31206 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 CTreePos child element use-after-free attempt (browser-ie.rules) * 1:31208 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CDispNode use after free attempt (browser-ie.rules) * 1:31209 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CDispNode use after free attempt (browser-ie.rules) * 1:31217 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Server meeting URL XSS attempt (os-windows.rules) * 1:31238 <-> DISABLED <-> SERVER-OTHER Symantec pcAnywhere remote code execution attempt (server-other.rules) * 1:31245 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules) * 1:31246 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules) * 1:31281 <-> DISABLED <-> FILE-FLASH Adobe Flash Player redirect attempt (file-flash.rules) * 1:31282 <-> DISABLED <-> FILE-FLASH Adobe Flash Player redirect attempt (file-flash.rules) * 1:31283 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31291 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader DynamicAnnotStore exploit attempt (file-pdf.rules) * 1:31292 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader DynamicAnnotStore exploit attempt (file-pdf.rules) * 1:31296 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules) * 1:31297 <-> DISABLED <-> SERVER-WEBAPP VMWare vSphere API SOAP request RetrieveProperties remote denial of service attempt (server-webapp.rules) * 1:31301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules) * 1:31325 <-> DISABLED <-> FILE-OTHER Apple OSX Finder DMG volume name memory corruption attempt (file-other.rules) * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules) * 1:31375 <-> DISABLED <-> SERVER-WEBAPP Hp OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:31378 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules) * 1:31379 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules) * 1:31388 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer improper object cast memory corruption attempt (browser-ie.rules) * 1:31392 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31393 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31394 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31395 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31396 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31397 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31415 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31420 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:31421 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:31427 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules) * 1:31428 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:31438 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules) * 1:31460 <-> DISABLED <-> SERVER-WEBAPP PHP DNS parsing heap overflow attempt (server-webapp.rules) * 1:31461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules) * 1:31462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules) * 1:31473 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31474 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31475 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31476 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31477 <-> DISABLED <-> SERVER-OTHER OpenSSL SSL ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31478 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.0 ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31479 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31480 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31496 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31497 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules) * 1:31498 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2975.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:37027 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Alina variant outbound connection (malware-cnc.rules) * 1:37018 <-> DISABLED <-> SERVER-WEBAPP wordpress kses bypass cross site scripting attempt (server-webapp.rules) * 1:37024 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sofacy outbound connection (malware-cnc.rules) * 1:37017 <-> DISABLED <-> SERVER-OTHER Redis SSH authorized keys file overwrite attempt (server-other.rules) * 1:37030 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37034 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37036 <-> ENABLED <-> MALWARE-CNC Win.Trojan.ModPOS outbound communication attempt (malware-cnc.rules) * 1:37019 <-> DISABLED <-> SERVER-WEBAPP wordpress kses bypass cross site scripting attempt (server-webapp.rules) * 1:37035 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37015 <-> DISABLED <-> PROTOCOL-DNS DNS DNAME query detected - possible attack attempt (protocol-dns.rules) * 1:37029 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37022 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:37031 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37023 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 ciphersuite use attempt (policy-other.rules) * 1:37020 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gh0st variant outbound connection (malware-cnc.rules) * 1:37033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37014 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page detected (exploit-kit.rules) * 1:37021 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 ciphersuite use attempt (policy-other.rules) * 1:37016 <-> ENABLED <-> EXPLOIT-KIT DoloMalo exploit kit packer detected (exploit-kit.rules)
* 1:35614 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:35615 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:35616 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:35617 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:35628 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime tkhd atom matrix integer overflow attempt (file-multimedia.rules) * 1:35629 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime tkhd atom matrix integer overflow attempt (file-multimedia.rules) * 1:35638 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (file-flash.rules) * 1:35639 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (file-flash.rules) * 1:35640 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object after free attempt (file-flash.rules) * 1:35641 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (file-flash.rules) * 1:35687 <-> DISABLED <-> SERVER-WEBAPP Semantec Endpoint Protection Manager server elevated privilege code execution attempt (server-webapp.rules) * 1:35707 <-> DISABLED <-> SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (server-webapp.rules) * 1:35708 <-> DISABLED <-> SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (server-webapp.rules) * 1:35709 <-> DISABLED <-> SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (server-webapp.rules) * 1:35731 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (os-windows.rules) * 1:35739 <-> DISABLED <-> FILE-PDF Adobe Reader GoToE javascript execution attempt (file-pdf.rules) * 1:35740 <-> DISABLED <-> FILE-PDF Adobe Reader GoToE javascript execution attempt (file-pdf.rules) * 1:35747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35748 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35779 <-> DISABLED <-> FILE-PDF Adobe Reader out of bounds memory read attempt (file-pdf.rules) * 1:35780 <-> DISABLED <-> FILE-PDF Adobe Reader out of bounds memory read attempt (file-pdf.rules) * 1:35784 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm null pointer dereference attempt (file-pdf.rules) * 1:35785 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm null pointer dereference attempt (file-pdf.rules) * 1:35805 <-> DISABLED <-> FILE-EXECUTABLE Adobe Reader NtSetInformationFile privilege escalation attempt (file-executable.rules) * 1:35806 <-> DISABLED <-> FILE-EXECUTABLE Adobe Reader NtSetInformationFile privilege escalation attempt (file-executable.rules) * 1:35807 <-> DISABLED <-> FILE-PDF Adobe Reader validation bypass privilege escalation attempt (file-pdf.rules) * 1:35808 <-> DISABLED <-> FILE-PDF Adobe Reader validation bypass privilege escalation attempt (file-pdf.rules) * 1:35817 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server RenameFile method directory traversal attempt (server-webapp.rules) * 1:35818 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server RenameFile method directory traversal attempt (server-webapp.rules) * 1:35843 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server MoveFile method directory traversal attempt (server-webapp.rules) * 1:35844 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server MoveFile method directory traversal attempt (server-webapp.rules) * 1:35847 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca server directory traversal attempt (server-webapp.rules) * 1:35859 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime traf atom out of bounds read attempt (file-multimedia.rules) * 1:35860 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime traf atom out of bounds read attempt (file-multimedia.rules) * 1:35967 <-> DISABLED <-> BROWSER-IE Microsoft Windows Edge sandbox CreateFileW arbitrary file delete attempt (browser-ie.rules) * 1:35968 <-> DISABLED <-> BROWSER-IE Microsoft Windows Edge sandbox CreateFileW arbitrary file delete attempt (browser-ie.rules) * 1:35977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CreateObjectTask privilege escalation attempt (os-windows.rules) * 1:35978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CreateObjectTask privilege escalation attempt (os-windows.rules) * 1:35986 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserSetWindowsHook memory disclosure attempt (os-windows.rules) * 1:35987 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserSetWindowsHook memory disclosure attempt (os-windows.rules) * 1:35988 <-> DISABLED <-> FILE-EXECUTABLE NtGdiStretchBlt buffer overflow privilege escalation attempt (file-executable.rules) * 1:35989 <-> DISABLED <-> FILE-EXECUTABLE NtGdiStretchBlt buffer overflow privilege escalation attempt (file-executable.rules) * 1:35994 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop window privilege escalation attempt (os-windows.rules) * 1:35995 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop window privilege escalation attempt (os-windows.rules) * 1:35998 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer msGetRegionContent memory corruption attempt (browser-ie.rules) * 1:35999 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer msGetRegionContent memory corruption attempt (browser-ie.rules) * 1:36010 <-> DISABLED <-> OS-WINDOWS Microsoft Windows task scheduler race condition attempt (os-windows.rules) * 1:36011 <-> DISABLED <-> OS-WINDOWS Microsoft Windows task scheduler race condition attempt (os-windows.rules) * 1:36012 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kernel SettingsSyncDiagnostics privilege escalation attempt (os-windows.rules) * 1:36013 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kernel SettingsSyncDiagnostics privilege escalation attempt (os-windows.rules) * 1:36016 <-> DISABLED <-> OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (os-windows.rules) * 1:36017 <-> DISABLED <-> OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (os-windows.rules) * 1:36020 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM SetValue sandbox bypass attempt (browser-ie.rules) * 1:36021 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM SetValue sandbox bypass attempt (browser-ie.rules) * 1:36028 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Win32k.sys use after free attempt (os-windows.rules) * 1:36029 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Win32k.sys use after free attempt (os-windows.rules) * 1:36057 <-> DISABLED <-> SERVER-WEBAPP Apache ActiveMQ directory traversal attempt (server-webapp.rules) * 1:36067 <-> DISABLED <-> SERVER-OTHER ElasticSearch script remote code execution attempt (server-other.rules) * 1:36277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:36278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:36279 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:36280 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:36331 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Alina variant outbound connection (malware-cnc.rules) * 1:36403 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SepReferenceLowBoxObjects privilege escalation attempt (os-windows.rules) * 1:36404 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SepReferenceLowBoxObjects privilege escalation attempt (os-windows.rules) * 1:36405 <-> DISABLED <-> OS-WINDOWS Microsoft Windows sandbox policy bypass attempt (os-windows.rules) * 1:36406 <-> DISABLED <-> OS-WINDOWS Microsoft Windows sandbox policy bypass attempt (os-windows.rules) * 1:36407 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:36408 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:36409 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:36410 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:36411 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:36412 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:36413 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:36414 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:36415 <-> DISABLED <-> OS-WINDOWS Microsoft Windows kernel ALPC synchronous requests memory corruption attempt (os-windows.rules) * 1:36416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows kernel ALPC synchronous requests memory corruption attempt (os-windows.rules) * 1:36431 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:36432 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:36445 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (os-windows.rules) * 1:36446 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (os-windows.rules) * 1:36447 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSharedStyle object out-of-bounds read attempt (browser-ie.rules) * 1:36448 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSharedStyle object out-of-bounds read attempt (browser-ie.rules) * 1:36452 <-> DISABLED <-> BROWSER-IE Microsoft Edge cross site scripting filter bypass attempt (browser-ie.rules) * 1:36458 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:36459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:36463 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack Server opcode 1332 buffer overflow attempt (server-other.rules) * 1:36476 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36478 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36479 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36559 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:36560 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:36562 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:36563 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:36606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36607 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36608 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36615 <-> DISABLED <-> SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (server-webapp.rules) * 1:36616 <-> DISABLED <-> SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (server-webapp.rules) * 1:36617 <-> DISABLED <-> SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (server-webapp.rules) * 1:36693 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer style object stylesheet use after free attempt (browser-ie.rules) * 1:36694 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer style object stylesheet use after free attempt (browser-ie.rules) * 1:4155 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access attempt (browser-plugins.rules) * 1:7002 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel url unicode overflow attempt (file-office.rules) * 1:32894 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX clsid access attempt (browser-plugins.rules) * 1:32886 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules) * 1:32885 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules) * 1:32872 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (file-office.rules) * 1:32844 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:32843 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:32842 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:32841 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules) * 1:32840 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:32839 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ANTrustPropgateAll privilege propagation attempt (file-pdf.rules) * 1:32838 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ANTrustPropgateAll privilege propagation attempt (file-pdf.rules) * 1:32822 <-> DISABLED <-> FILE-PDF Cross Domain potentially malicious redirection attempt (file-pdf.rules) * 1:32821 <-> DISABLED <-> FILE-PDF Cross Domain potentially malicious redirection attempt (file-pdf.rules) * 1:32812 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32811 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32807 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32806 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:35562 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (file-multimedia.rules) * 1:35561 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (file-multimedia.rules) * 1:35560 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules) * 1:35514 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtGdiGetTextMetricsW TEXTMETRICW kernel mode ASLR bypass attempt (os-windows.rules) * 1:35513 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtGdiGetTextMetricsW TEXTMETRICW kernel mode ASLR bypass attempt (os-windows.rules) * 1:35488 <-> DISABLED <-> OS-WINDOWS Windows Notepad remote printer file access attempt (os-windows.rules) * 1:35487 <-> DISABLED <-> OS-WINDOWS Windows Notepad remote printer file access attempt (os-windows.rules) * 1:35447 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:35446 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:35445 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:35444 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:35443 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:35442 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:35441 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:35440 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:35422 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:35421 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:35420 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:35419 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:35379 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:35378 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:35377 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:35376 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:35354 <-> DISABLED <-> SERVER-WEBAPP Cacti graphs local_graph_id SQL injection attempt (server-webapp.rules) * 1:35311 <-> DISABLED <-> SERVER-WEBAPP Centreon getStats.php command injection attempt (server-webapp.rules) * 1:35310 <-> DISABLED <-> SERVER-WEBAPP Centreon getStats.php command injection attempt (server-webapp.rules) * 1:35285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:35284 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:35283 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:35282 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:35189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:35188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:35187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:35186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:35175 <-> DISABLED <-> OS-WINDOWS DCOM DCE/RPC NTLM reflection elevation of privilege attempt (os-windows.rules) * 1:35174 <-> DISABLED <-> OS-WINDOWS DCOM DCE/RPC NTLM reflection elevation of privilege attempt (os-windows.rules) * 1:35167 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF object remote code execution attempt (file-office.rules) * 1:35166 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF object remote code execution attempt (file-office.rules) * 1:35163 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:35162 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:35161 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:35160 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:35150 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop reference use after free attempt (os-windows.rules) * 1:35149 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop reference use after free attempt (os-windows.rules) * 1:35136 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DeferWindowPos access after release code injection attempt (os-windows.rules) * 1:35135 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DeferWindowPos access after release code injection attempt (os-windows.rules) * 1:35134 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox read permission bypass attempt (browser-ie.rules) * 1:35133 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox read permission bypass attempt (browser-ie.rules) * 1:35132 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserDisableProcessWindowFiltering information disclosure attempt (os-windows.rules) * 1:35131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserDisableProcessWindowFiltering information disclosure attempt (os-windows.rules) * 1:35130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid table information disclosure attempt (file-office.rules) * 1:35129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid table information disclosure attempt (file-office.rules) * 1:35128 <-> DISABLED <-> BROWSER-IE Microsoft Windows Internet Explorer local file information disclosure attempt (browser-ie.rules) * 1:35127 <-> DISABLED <-> BROWSER-IE Microsoft Windows Internet Explorer local file information disclosure attempt (browser-ie.rules) * 1:35117 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer svg elements use after free attempt (browser-ie.rules) * 1:35116 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer svg elements use after free attempt (browser-ie.rules) * 1:35108 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:35107 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:35106 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:35105 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:35038 <-> DISABLED <-> SERVER-OTHER Trustwave ModSecurity chunked transfer encoding policy bypass attempt (server-other.rules) * 1:35023 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime corrupt stbl atom out of bounds read attempt (file-multimedia.rules) * 1:35022 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime corrupt stbl atom out of bounds read attempt (file-multimedia.rules) * 1:34987 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:34986 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:34985 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:34984 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:34981 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (server-webapp.rules) * 1:34980 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (server-webapp.rules) * 1:34979 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (server-webapp.rules) * 1:34962 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (server-webapp.rules) * 1:34961 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (server-webapp.rules) * 1:34960 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (server-webapp.rules) * 1:34889 <-> DISABLED <-> SERVER-OTHER OpenSSL denial-of-service via crafted x.509 certificate attempt (server-other.rules) * 1:34861 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:34860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:34859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:34858 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:34839 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:34838 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:34837 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:34836 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:34815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:34814 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:34813 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:34812 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:34793 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:34792 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:34789 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 CreateWindowEx privilege escalation attempt (os-windows.rules) * 1:34788 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 CreateWindowEx privilege escalation attempt (os-windows.rules) * 1:34787 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context memory corruption attempt (file-other.rules) * 1:34786 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context memory corruption attempt (file-other.rules) * 1:34785 <-> DISABLED <-> OS-WINDOWS Microsoft Windows window placement invalid memory write attempt (os-windows.rules) * 1:34784 <-> DISABLED <-> OS-WINDOWS Microsoft Windows window placement invalid memory write attempt (os-windows.rules) * 1:34783 <-> DISABLED <-> OS-WINDOWS Microsoft Windows BrushAttributes use-after-free attempt (os-windows.rules) * 1:34782 <-> DISABLED <-> OS-WINDOWS Microsoft Windows BrushAttributes use-after-free attempt (os-windows.rules) * 1:34781 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context visible region memory corruption attempt (file-other.rules) * 1:34780 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context visible region memory corruption attempt (file-other.rules) * 1:34777 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserMessageCall information disclosure attempt (os-windows.rules) * 1:34776 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserMessageCall information disclosure attempt (os-windows.rules) * 1:34775 <-> DISABLED <-> OS-WINDOWS Microsoft Windows multiple linked fonts memory corruption attempt (os-windows.rules) * 1:34774 <-> DISABLED <-> OS-WINDOWS Microsoft Windows multiple linked fonts memory corruption attempt (os-windows.rules) * 1:34773 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MOTW.dll sandbox escape attempt (browser-ie.rules) * 1:34772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MOTW.dll sandbox escape attempt (browser-ie.rules) * 1:34771 <-> DISABLED <-> OS-WINDOWS Microsoft Windows bitmap menu item use after free attempt (os-windows.rules) * 1:34770 <-> DISABLED <-> OS-WINDOWS Microsoft Windows bitmap menu item use after free attempt (os-windows.rules) * 1:34769 <-> DISABLED <-> SERVER-IIS Microsoft Active Directory Federation Services wct parameter cross site scripting attempt (server-iis.rules) * 1:34752 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ieframe.dll privilege escalation attempt (browser-ie.rules) * 1:34751 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ieframe.dll privilege escalation attempt (browser-ie.rules) * 1:34644 <-> DISABLED <-> BROWSER-PLUGINS Schneider Electric Pelco Rvctl.RVControl.1 ActiveX clsid access attempt ActiveX function call (browser-plugins.rules) * 1:34643 <-> DISABLED <-> BROWSER-PLUGINS Schneider Electric Pelco Rvctl.RVControl.1 ActiveX clsid access attempt ActiveX clsid access (browser-plugins.rules) * 1:34603 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34587 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34585 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34580 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:34579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:34578 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:34577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:34576 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34566 <-> DISABLED <-> FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (file-other.rules) * 1:34537 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules) * 1:34536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules) * 1:34535 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC invalid index attempt (file-pdf.rules) * 1:34534 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC invalid index attempt (file-pdf.rules) * 1:34533 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader customDictionaryExport information disclosure attempt (file-pdf.rules) * 1:34532 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader customDictionaryExport information disclosure attempt (file-pdf.rules) * 1:34529 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader AVDoc use-after-free attempt (file-pdf.rules) * 1:34528 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader AVDoc use-after-free attempt (file-pdf.rules) * 1:34495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:34494 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:34493 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:34492 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:34488 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34487 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34486 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34485 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34484 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34483 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34482 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34481 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34480 <-> DISABLED <-> FILE-EXECUTABLE Adobe Flash Player Internet Explorer broker process directory traversal attempt (file-executable.rules) * 1:34479 <-> DISABLED <-> FILE-EXECUTABLE Adobe Flash Player Internet Explorer broker process directory traversal attempt (file-executable.rules) * 1:34472 <-> DISABLED <-> SERVER-WEBAPP Symantec Critical System Protection SQL injection attempt (server-webapp.rules) * 1:34443 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NTUserGetTitleBarInfo information disclosure attempt (os-windows.rules) * 1:34442 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NTUserGetTitleBarInfo information disclosure attempt (os-windows.rules) * 1:34439 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Explorer .msc file stack overflow attempt (os-windows.rules) * 1:34438 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Explorer .msc file stack overflow attempt (os-windows.rules) * 1:34435 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET XML recursive call denial of service attempt (os-windows.rules) * 1:34434 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET XML recursive call denial of service attempt (os-windows.rules) * 1:34427 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:34426 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:34414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetScrollBarInfo information disclosure attempt (os-windows.rules) * 1:34413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetScrollBarInfo information disclosure attempt (os-windows.rules) * 1:34408 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox bypass attempt (browser-ie.rules) * 1:34407 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox bypass attempt (browser-ie.rules) * 1:34394 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:34393 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:34392 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextData out of bounds read attempt (browser-ie.rules) * 1:34391 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextData out of bounds read attempt (browser-ie.rules) * 1:34380 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox privilege escalation attempt (browser-ie.rules) * 1:34379 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox privilege escalation attempt (browser-ie.rules) * 1:34378 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetComboBoxInfo information disclosure attempt (os-windows.rules) * 1:34377 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetComboBoxInfo information disclosure attempt (os-windows.rules) * 1:34365 <-> DISABLED <-> SERVER-WEBAPP Magento remote code execution attempt (server-webapp.rules) * 1:34353 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34352 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34351 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34350 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34349 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34306 <-> DISABLED <-> SERVER-WEBAPP Subversion HTTP excessive REPORT requests denial of service attempt (server-webapp.rules) * 1:34235 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34232 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34150 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:34149 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:34148 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:34147 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:34142 <-> DISABLED <-> SERVER-OTHER Oracle CorelDRAW file parser heap buffer overflow attempt (server-other.rules) * 1:34141 <-> DISABLED <-> SERVER-OTHER Oracle CorelDRAW file parser heap buffer overflow attempt (server-other.rules) * 1:34124 <-> DISABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34123 <-> DISABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34110 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34109 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34099 <-> DISABLED <-> SERVER-OTHER Microsoft SharePoint projectdetails.aspx ret parameter XSS attempt (server-other.rules) * 1:34098 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML3 external entity injection attempt (browser-ie.rules) * 1:34097 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML3 external entity injection attempt (browser-ie.rules) * 1:34096 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtCreateTransactionManager type confusion attempt (os-windows.rules) * 1:34095 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtCreateTransactionManager type confusion attempt (os-windows.rules) * 1:34088 <-> DISABLED <-> SERVER-IIS Web.config information disclosure attempt (server-iis.rules) * 1:34081 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34080 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34079 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34078 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34069 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 invalid array element read attempt (browser-ie.rules) * 1:34068 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 invalid array element read attempt (browser-ie.rules) * 1:33974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed file cross domain policy bypass attempt (file-flash.rules) * 1:33973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed file cross domain policy bypass attempt (file-flash.rules) * 1:33972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross domain policy bypass attempt (file-flash.rules) * 1:33971 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross domain policy bypass attempt (file-flash.rules) * 1:33904 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:33903 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:33898 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript iframe injection attempt (browser-ie.rules) * 1:33897 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript iframe injection attempt (browser-ie.rules) * 1:33830 <-> DISABLED <-> SERVER-OTHER ElasticSearch script remote code execution attempt (server-other.rules) * 1:33824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:33814 <-> DISABLED <-> SERVER-OTHER ElasticSearch script remote code execution attempt (server-other.rules) * 1:33811 <-> DISABLED <-> SERVER-MAIL Microsoft Exchange UM Management user stored XSS attempt (server-mail.rules) * 1:33810 <-> DISABLED <-> SERVER-OTHER Microsoft Exchange Server custom DLP policy name cross-site scripting attempt (server-other.rules) * 1:33809 <-> DISABLED <-> SERVER-OTHER Microsoft Sharepoint user display name XSS attempt (server-other.rules) * 1:33808 <-> DISABLED <-> SERVER-OTHER Microsoft Sharepoint Server Newsfeed XSS attempt (server-other.rules) * 1:33807 <-> DISABLED <-> SERVER-MAIL Microsoft Exchange OWA X-OWA-CANARY command injection attempt (server-mail.rules) * 1:33806 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33805 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33804 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33803 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33802 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33801 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33800 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33799 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33798 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33797 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33796 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33795 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33794 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33793 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33792 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33791 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33790 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33789 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33788 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33787 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33786 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33785 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33784 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33783 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33782 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33781 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33780 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33779 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33778 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33777 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33774 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CmpGetVirtualizationID race condition user impersonation attempt (os-windows.rules) * 1:33773 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CmpGetVirtualizationID race condition user impersonation attempt (os-windows.rules) * 1:33772 <-> DISABLED <-> FILE-OTHER Microsoft Windows jxr information disclosure attempt (file-other.rules) * 1:33771 <-> DISABLED <-> FILE-OTHER Microsoft Windows jxr information disclosure attempt (file-other.rules) * 1:33770 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserfnINSTRINGNULL memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:33769 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserfnINSTRINGNULL memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:33768 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserFnINOUTNCCALCSIZE kernel memory leak attempt (os-windows.rules) * 1:33767 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserFnINOUTNCCALCSIZE kernel memory leak attempt (os-windows.rules) * 1:33766 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetClipboardAccessToken privilege escalation attempt (os-windows.rules) * 1:33765 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetClipboardAccessToken privilege escalation attempt (os-windows.rules) * 1:33762 <-> DISABLED <-> SERVER-WEBAPP Microsoft Outlook WebAccess msgParam cross site scripting attempt (server-webapp.rules) * 1:33761 <-> DISABLED <-> FILE-IMAGE Microsoft Internet Explorer PNG tRNS chuck size 1 information disclosure attempt (file-image.rules) * 1:33760 <-> DISABLED <-> FILE-IMAGE Microsoft Internet Explorer PNG tRNS chuck size 1 information disclosure attempt (file-image.rules) * 1:33733 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font atlmfd.dll uninitialized memory read attempt (file-other.rules) * 1:33732 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font atlmfd.dll uninitialized memory read attempt (file-other.rules) * 1:33729 <-> DISABLED <-> OS-WINDOWS ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt (os-windows.rules) * 1:33728 <-> DISABLED <-> OS-WINDOWS ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt (os-windows.rules) * 1:33721 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 sandbox bypass attempt (browser-ie.rules) * 1:33720 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 sandbox bypass attempt (browser-ie.rules) * 1:33684 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:33717 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Task Scheduler access control bypass attempt (os-windows.rules) * 1:33683 <-> DISABLED <-> SERVER-OTHER PHP unserialize use after free attempt (server-other.rules) * 1:33682 <-> DISABLED <-> SERVER-OTHER PHP unserialize use after free attempt (server-other.rules) * 1:33676 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway restore.php command injection attempt (server-webapp.rules) * 1:33659 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules) * 1:33658 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules) * 1:33657 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules) * 1:33653 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules) * 1:33652 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules) * 1:33651 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules) * 1:33615 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules) * 1:33578 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33577 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33442 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules) * 1:33441 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules) * 1:33437 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font integer overflow attempt (file-other.rules) * 1:33436 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font integer overflow attempt (file-other.rules) * 1:33424 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CHeaderElement object use after free attempt (browser-ie.rules) * 1:33423 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CHeaderElement object use after free attempt (browser-ie.rules) * 1:33414 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer unitialized memory access attempt (browser-ie.rules) * 1:33413 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer unitialized memory access attempt (browser-ie.rules) * 1:33364 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:33363 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:33355 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys use-after-free attempt (os-windows.rules) * 1:33352 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 error handler XSS exploit attempt (browser-ie.rules) * 1:33344 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 x64 linked cursor double free attempt (os-windows.rules) * 1:33343 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 x64 linked cursor double free attempt (os-windows.rules) * 1:33322 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:33321 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:33320 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:33319 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:33308 <-> DISABLED <-> FILE-OTHER Microsoft Visio packed object parsing memory corruption attempt (file-other.rules) * 1:33307 <-> DISABLED <-> FILE-OTHER Microsoft Visio packed object parsing memory corruption attempt (file-other.rules) * 1:33288 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer same origin policy bypass attempt (browser-ie.rules) * 1:33287 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer same origin policy bypass attempt (browser-ie.rules) * 1:33214 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (file-pdf.rules) * 1:33213 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (file-pdf.rules) * 1:33206 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (file-multimedia.rules) * 1:33205 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (file-multimedia.rules) * 1:33197 <-> DISABLED <-> SERVER-OTHER BMC Track-It FileStorageService directory traversal attempt (server-other.rules) * 1:33181 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:33180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:33179 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:33178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:33163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:33162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:33160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVM2 opcode type confusion denial of service attempt (file-flash.rules) * 1:33159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVM2 opcode type confusion denial of service attempt (file-flash.rules) * 1:33156 <-> DISABLED <-> OS-WINDOWS CryptProtectMemory Impersonation Check Bypass attempt (os-windows.rules) * 1:33155 <-> DISABLED <-> OS-WINDOWS CryptProtectMemory Impersonation Check Bypass attempt (os-windows.rules) * 1:33049 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebdavRedirector privilege escalation attempt (os-windows.rules) * 1:33048 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebdavRedirector privilege escalation attempt (os-windows.rules) * 1:33012 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules) * 1:33011 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules) * 1:33009 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules) * 1:33008 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:33007 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:33006 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:33005 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:32970 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules) * 1:32969 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules) * 1:32968 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules) * 1:32966 <-> DISABLED <-> OS-WINDOWS Microsoft Windows identity token authorization bypass attempt (os-windows.rules) * 1:32965 <-> DISABLED <-> OS-WINDOWS Microsoft Windows identity token authorization bypass attempt (os-windows.rules) * 1:32961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:32960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:32943 <-> DISABLED <-> FILE-OTHER Microsoft SYmbolic LinK stack overflow attempt (file-other.rules) * 1:32942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:32941 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:32940 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (file-office.rules) * 1:32902 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules) * 1:32901 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules) * 1:32897 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX function call access attempt (browser-plugins.rules) * 1:32896 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX clsid access attempt (browser-plugins.rules) * 1:32895 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX function call access attempt (browser-plugins.rules) * 1:32805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32800 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:32799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:32798 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:32797 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:32790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:32789 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:32788 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:32787 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:32778 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CheaderElement use after free attempt (browser-ie.rules) * 1:32777 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CheaderElement use after free attempt (browser-ie.rules) * 1:32773 <-> DISABLED <-> SERVER-WEBAPP Symantec messaging gateway management console cross-site scripting attempt (server-webapp.rules) * 1:32746 <-> DISABLED <-> SERVER-WEBAPP Wordpress OptimizePress plugin theme upload attempt (server-webapp.rules) * 1:32745 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer information disclosure attempt (server-webapp.rules) * 1:32744 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer DisplayChartPDF directory traversal attempt (server-webapp.rules) * 1:32730 <-> DISABLED <-> FILE-OTHER Microsoft Windows XP .theme file remote code execution attempt (file-other.rules) * 1:32720 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer element type confusion use after free attempt (browser-ie.rules) * 1:32702 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32701 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32700 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32699 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32698 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32697 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32694 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS out-of-bounds buffer access attempt (browser-ie.rules) * 1:32693 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS out-of-bounds buffer access attempt (browser-ie.rules) * 1:32682 <-> DISABLED <-> SERVER-WEBAPP Microsoft Outlook Web Access parameter cross site scripting attempt (server-webapp.rules) * 1:32681 <-> DISABLED <-> SERVER-WEBAPP Microsoft Outlook Web Access parameter cross site scripting attempt (server-webapp.rules) * 1:32637 <-> DISABLED <-> PROTOCOL-TFTP UDP UFO large packet denial of service attempt (protocol-tftp.rules) * 1:32635 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX function call access (browser-plugins.rules) * 1:32634 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX clsid access (browser-plugins.rules) * 1:32633 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX function call access (browser-plugins.rules) * 1:32632 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX clsid access (browser-plugins.rules) * 1:32627 <-> DISABLED <-> BROWSER-PLUGINS Adobe Flash broker privilege escalation file creation attempt (browser-plugins.rules) * 1:32626 <-> DISABLED <-> BROWSER-PLUGINS Adobe Flash broker privilege escalation file creation attempt (browser-plugins.rules) * 1:32589 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules) * 1:32588 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules) * 1:32587 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Series record exploit attempt (file-office.rules) * 1:32582 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules) * 1:32581 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules) * 1:32532 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules) * 1:32519 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer registry symbolic link attack attempt (file-other.rules) * 1:32518 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer registry symbolic link attack attempt (file-other.rules) * 1:32517 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:32516 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:32515 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:32514 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:32500 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer EPM sandbox escape attempt (file-other.rules) * 1:32499 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer EPM sandbox escape attempt (file-other.rules) * 1:32492 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer information disclosure attempt (browser-ie.rules) * 1:32491 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer information disclosure attempt (browser-ie.rules) * 1:32490 <-> DISABLED <-> OS-WINDOWS Microsoft Windows tcpip.sys null pointer dereference attempt (os-windows.rules) * 1:32489 <-> DISABLED <-> OS-WINDOWS Microsoft Windows tcpip.sys null pointer dereference attempt (os-windows.rules) * 1:32485 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer immutable application settings sandbox escape attempt (browser-ie.rules) * 1:32484 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer immutable application settings sandbox escape attempt (browser-ie.rules) * 1:32483 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer pasteHTML use after free attempt (browser-ie.rules) * 1:32482 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer pasteHTML use after free attempt (browser-ie.rules) * 1:32460 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPtsTextParaclient out of bounds error remote code execution attempt (browser-ie.rules) * 1:32459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer clipboardData unauthorized JavaScript read and write attempt (browser-ie.rules) * 1:32458 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer clipboardData unauthorized JavaScript read and write attempt (browser-ie.rules) * 1:32437 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.URL override information disclosure attempt (browser-ie.rules) * 1:32436 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.URL override information disclosure attempt (browser-ie.rules) * 1:32430 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CHeaderElement object use-after-free remote code execution attempt (browser-ie.rules) * 1:32382 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules) * 1:32381 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules) * 1:32377 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules) * 1:32358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (file-pdf.rules) * 1:32351 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules) * 1:32350 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules) * 1:32349 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:32348 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:32347 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:32346 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules) * 1:32320 <-> DISABLED <-> BROWSER-CHROME Google Chrome Blink locationAttributeSetter use after free attempt (browser-chrome.rules) * 1:32319 <-> DISABLED <-> BROWSER-CHROME Google Chrome Blink locationAttributeSetter use after free attempt (browser-chrome.rules) * 1:32277 <-> DISABLED <-> SERVER-OTHER Novell ZENworks PreBoot directory traversal attempt (server-other.rules) * 1:32276 <-> DISABLED <-> SERVER-WEBAPP WordPress Infusionsoft Gravity Forms Plugin arbitrary code execution attempt (server-webapp.rules) * 1:32267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 out of bounds array access attempt (browser-ie.rules) * 1:32266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 out of bounds array access attempt (browser-ie.rules) * 1:32265 <-> DISABLED <-> BROWSER-IE ActiveX installer broker object sandbox escape attempt (browser-ie.rules) * 1:32264 <-> DISABLED <-> BROWSER-IE ActiveX installer broker object sandbox escape attempt (browser-ie.rules) * 1:32263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Active X installer broker privilege elevation attempt (browser-ie.rules) * 1:32262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Active X installer broker privilege elevation attempt (browser-ie.rules) * 1:32199 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 directory traversal attempt (server-other.rules) * 1:32184 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CFunctionPointer use after free exploit attempt (browser-ie.rules) * 1:32157 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 CMarkup GetMarkupTitle use-after-free attempt (browser-ie.rules) * 1:32146 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32145 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32144 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32143 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32142 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32141 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32105 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX function call access (browser-plugins.rules) * 1:32104 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX function call access (browser-plugins.rules) * 1:32103 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX clsid access (browser-plugins.rules) * 1:32102 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX clsid access (browser-plugins.rules) * 1:32076 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules) * 1:32063 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:32064 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:32062 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:32057 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules) * 1:32056 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:31956 <-> DISABLED <-> SERVER-WEBAPP Rejetto HttpFileServer command injection attempt (server-webapp.rules) * 1:32044 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules) * 1:31945 <-> DISABLED <-> SERVER-WEBAPP PhpWiki Ploticus plugin command injection attempt (server-webapp.rules) * 1:31943 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope EmailServlet directory traversal attempt (server-webapp.rules) * 1:31942 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Admin Service FileUploadServlet directory traversal attempt (server-webapp.rules) * 1:31845 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules) * 1:31860 <-> DISABLED <-> SERVER-OTHER Apple CUPS web interface cross site scripting attempt (server-other.rules) * 1:31844 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules) * 1:31749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player marshallException through JavaScript XSS attempt (file-flash.rules) * 1:31843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules) * 1:31838 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules) * 1:31818 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral statusUpdate servlet directory traversal attempt (server-webapp.rules) * 1:31809 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer integer overflow exploit attempt (browser-ie.rules) * 1:31799 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTableCell Use After Free exploit attempt (browser-ie.rules) * 1:31750 <-> DISABLED <-> FILE-FLASH Adobe Flash Player marshallException through JavaScript XSS attempt (file-flash.rules) * 1:31504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:31572 <-> DISABLED <-> FILE-IMAGE GIMP XWD GreenMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31747 <-> DISABLED <-> SERVER-WEBAPP Gitlab ssh key upload command injection attempt (server-webapp.rules) * 1:31571 <-> DISABLED <-> FILE-IMAGE GIMP XWD BlueMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31574 <-> DISABLED <-> FILE-IMAGE GIMP XWD BlueMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31575 <-> DISABLED <-> FILE-IMAGE GIMP XWD GreenMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31729 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Password Manager MetadataServlet SQL injection attempt (server-webapp.rules) * 1:31576 <-> DISABLED <-> FILE-IMAGE GIMP XWD RedMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31579 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (file-office.rules) * 1:31580 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:31581 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:31728 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central LinkViewFetchServlet SQL injection attempt (server-webapp.rules) * 1:31582 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:31583 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:31584 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt (browser-ie.rules) * 1:31608 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:31685 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-origin security policy bypass attempt (file-flash.rules) * 1:31609 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:31610 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:31611 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:31684 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-origin security policy bypass attempt (file-flash.rules) * 1:31623 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (browser-ie.rules) * 1:31573 <-> DISABLED <-> FILE-IMAGE GIMP XWD RedMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31624 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (browser-ie.rules) * 1:31629 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CMarkup insertMarquee use after free attempt (browser-ie.rules) * 1:31561 <-> DISABLED <-> SERVER-WEBAPP Wordpress MailPoet plugin successful theme file upload detected (server-webapp.rules) * 1:31677 <-> DISABLED <-> FILE-FLASH Adobe Flash Broker write to junction exploit attempt (file-flash.rules) * 1:31674 <-> DISABLED <-> FILE-FLASH Adobe Flash Broker write to junction exploit attempt (file-flash.rules) * 1:31671 <-> DISABLED <-> FILE-OTHER Symantec Endpoint Protection Sysplant kernel pool overflow exploit attempt (file-other.rules) * 1:31670 <-> DISABLED <-> FILE-OTHER Symantec Endpoint Protection Sysplant kernel pool overflow exploit attempt (file-other.rules) * 1:31652 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules) * 1:31560 <-> DISABLED <-> SERVER-WEBAPP Wordpress MailPoet plugin theme file upload attempt (server-webapp.rules) * 1:31651 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules) * 1:35563 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime esds atom buffer overread attempt (file-multimedia.rules) * 1:35564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime esds atom buffer overread attempt (file-multimedia.rules) * 1:35567 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid mvhd atom size out of bounds read attempt (file-multimedia.rules) * 1:35568 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid mvhd atom size out of bounds read attempt (file-multimedia.rules) * 1:35594 <-> DISABLED <-> SERVER-WEBAPP Websense Triton Content Manager handle_debug_network stack buffer overflow attempt (server-webapp.rules) * 1:10192 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX clsid access (browser-plugins.rules) * 1:10193 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (browser-plugins.rules) * 1:10194 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (browser-plugins.rules) * 1:1118 <-> DISABLED <-> SERVER-WEBAPP ls 20-l (server-webapp.rules) * 1:11259 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX clsid access (browser-plugins.rules) * 1:11261 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX function call access (browser-plugins.rules) * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules) * 1:12766 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX clsid access (browser-plugins.rules) * 1:12767 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules) * 1:13287 <-> DISABLED <-> OS-WINDOWS Windows remote kernel tcp/ip igmp vulnerability exploit attempt (os-windows.rules) * 1:13471 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher invalid pathname overwrite attempt (file-office.rules) * 1:13523 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules) * 1:13525 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules) * 1:13975 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX clsid access (browser-plugins.rules) * 1:13977 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX function call access (browser-plugins.rules) * 1:13979 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Event System Subscription VBScript access (os-windows.rules) * 1:14037 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules) * 1:14038 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules) * 1:14769 <-> DISABLED <-> SERVER-OTHER DATAC RealWin SCADA System buffer overflow attempt (server-other.rules) * 1:15266 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:15456 <-> DISABLED <-> SERVER-OTHER WinHTTP SSL/TLS impersonation attempt (server-other.rules) * 1:15470 <-> DISABLED <-> FILE-EXECUTABLE IIS ASP/ASP.NET potentially malicious file upload attempt (file-executable.rules) * 1:15522 <-> DISABLED <-> SERVER-OTHER Active Directory invalid OID denial of service attempt (server-other.rules) * 1:15683 <-> DISABLED <-> SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt (server-other.rules) * 1:15727 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules) * 1:15851 <-> DISABLED <-> SERVER-IIS Microsoft ASP.NET bad request denial of service attempt (server-iis.rules) * 1:15974 <-> DISABLED <-> SERVER-IIS Microsoft IIS ASP handling buffer overflow attempt (server-iis.rules) * 1:16150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer variant argument validation remote code execution attempt (browser-ie.rules) * 1:16158 <-> DISABLED <-> OS-WINDOWS malformed ASF codec memory corruption attempt (os-windows.rules) * 1:16179 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET MSIL CLR interface multiple instantiation attempt (file-executable.rules) * 1:16182 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET MSIL stack corruption attempt (file-executable.rules) * 1:16188 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (file-office.rules) * 1:16228 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed StartObject record arbitrary code execution attempt (file-office.rules) * 1:16237 <-> DISABLED <-> SERVER-OTHER Microsoft Active Directory NTDSA stack space exhaustion attempt (server-other.rules) * 1:16326 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 DOM memory corruption attempt (browser-ie.rules) * 1:16329 <-> DISABLED <-> SERVER-OTHER Microsoft Internet Authentication Service EAP-MSCHAPv2 authentication bypass attempt (server-other.rules) * 1:16337 <-> DISABLED <-> FILE-FLASH Adobe Flash Player directory traversal attempt (file-flash.rules) * 1:16353 <-> DISABLED <-> FILE-MULTIMEDIA FFmpeg OGV file format memory corruption attempt (file-multimedia.rules) * 1:16366 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules) * 1:16367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules) * 1:16369 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt - public exploit (browser-ie.rules) * 1:16371 <-> DISABLED <-> BROWSER-PLUGINS NOS Microsystems Adobe atl_getcom ActiveX clsid access (browser-plugins.rules) * 1:16377 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:16378 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object cells reference memory corruption vulnerability (browser-ie.rules) * 1:16405 <-> DISABLED <-> PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Prefix Information stack buffer overflow attempt (protocol-icmp.rules) * 1:16409 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules) * 1:16410 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint file LinkedSlide10Atom record parsing heap corruption attempt (file-office.rules) * 1:16411 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:16412 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid TextByteAtom remote code execution attempt (file-office.rules) * 1:16414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (os-windows.rules) * 1:16416 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules) * 1:16419 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Data Analyzer 3.5 ActiveX clsid access (browser-plugins.rules) * 1:16421 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:16422 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint JPEG with malformed SOFx field integer overflow attempt (file-image.rules) * 1:16438 <-> DISABLED <-> SERVER-ORACLE WebLogic Server Node Manager arbitrary command execution attempt (server-oracle.rules) * 1:16461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules) * 1:16462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 formulas from records parsing code execution attempt (file-office.rules) * 1:16463 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 formulas from records parsing code execution attempt (file-office.rules) * 1:16464 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ContinueFRT12 heap overflow attempt (file-office.rules) * 1:16465 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ContinueFRT12 and MDXSet heap overflow attempt (file-office.rules) * 1:16466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel uninitialized stack variable code execution attempt (file-office.rules) * 1:16467 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 1 (file-office.rules) * 1:16468 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 2 (file-office.rules) * 1:16469 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (file-office.rules) * 1:16470 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:16471 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:16492 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari inline text box use after free attempt (browser-webkit.rules) * 1:16501 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - TrueType (browser-firefox.rules) * 1:16502 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based (browser-firefox.rules) * 1:16503 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules) * 1:16504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 7 encoded content handling exploit attempt (browser-ie.rules) * 1:16505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML parsing memory corruption attempt (browser-ie.rules) * 1:16506 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:16507 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onreadystatechange memory corruption attempt (browser-ie.rules) * 1:16508 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 non-IE8 compatibility mode htmltime remote code execution attempt (browser-ie.rules) * 1:16509 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer designMode-enabled information disclosure attempt (browser-ie.rules) * 1:16510 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by CLSID (browser-plugins.rules) * 1:16511 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by ProgID (browser-plugins.rules) * 1:16512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed span/div html document heap corruption attempt (browser-ie.rules) * 1:16534 <-> DISABLED <-> SERVER-OTHER Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt (server-other.rules) * 1:16537 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules) * 1:16541 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Service stack overflow attempt (os-windows.rules) * 1:16542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules) * 1:16543 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player codec code execution attempt (file-multimedia.rules) * 1:16545 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules) * 1:16546 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader/Acrobat Pro CFF font parsing heap overflow attempt (file-pdf.rules) * 1:16549 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - npruntime-scriptable-plugin (file-other.rules) * 1:16550 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - java-deployment-toolkit (file-other.rules) * 1:16561 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 1 (file-image.rules) * 1:16562 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 2 (file-image.rules) * 1:16563 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 3 (file-image.rules) * 1:16564 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 4 (file-image.rules) * 1:16576 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix AgentX receive_agentx stack buffer overflow attempt (server-other.rules) * 1:16577 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMBv2 compound request DoS attempt (os-windows.rules) * 1:16584 <-> DISABLED <-> BROWSER-IE Oracle Java Web Start arbitrary command execution attempt - Internet Explorer (browser-ie.rules) * 1:16593 <-> DISABLED <-> FILE-OFFICE Microsoft VBE6.dll stack corruption attempt (file-office.rules) * 1:16595 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail remote code execution attempt (server-mail.rules) * 1:16603 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Linux malformed U3D mesh deceleration block exploit attempt (file-pdf.rules) * 1:16631 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after remove attempt (browser-webkit.rules) * 1:16632 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after reparent attempt (browser-webkit.rules) * 1:16633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules) * 1:16634 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules) * 1:16635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:16638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules) * 1:16639 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules) * 1:16640 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules) * 1:16641 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules) * 1:16643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules) * 1:16644 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules) * 1:16645 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:16646 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules) * 1:16647 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 (file-office.rules) * 1:16648 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 (file-office.rules) * 1:16650 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 1 (file-office.rules) * 1:16651 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 2 (file-office.rules) * 1:16652 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 3 (file-office.rules) * 1:16653 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 4 (file-office.rules) * 1:16654 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules) * 1:16655 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lbl record stack overflow attempt (file-office.rules) * 1:16656 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt (file-office.rules) * 1:16657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DBQueryExt record memory corruption attempt (file-office.rules) * 1:16658 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 cross-site scripting attempt (browser-ie.rules) * 1:16659 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules) * 1:16661 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules) * 1:16664 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules) * 1:16665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (os-windows.rules) * 1:16667 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (browser-chrome.rules) * 1:16668 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (browser-chrome.rules) * 1:16673 <-> DISABLED <-> FILE-OTHER Adobe Shockwave DIR file PAMI chunk code execution attempt (file-other.rules) * 1:16674 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:16680 <-> DISABLED <-> APP-DETECT Tandberg VCS SSH default key (app-detect.rules) * 1:16721 <-> DISABLED <-> FILE-OTHER Orbital Viewer .orb stack buffer overflow attempt (file-other.rules) * 1:16767 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player SceneURL ActiveX clsid access (browser-plugins.rules) * 1:16769 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player ActiveX function call access (browser-plugins.rules) * 1:16771 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (browser-plugins.rules) * 1:16772 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX clsid access (browser-plugins.rules) * 1:16774 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX function call access (browser-plugins.rules) * 1:16776 <-> DISABLED <-> BROWSER-PLUGINS KeyWorks KeyHelp ActiveX control JumpURL method access attempt (browser-plugins.rules) * 1:16785 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Winds3D Player SceneURL method command execution attempt (browser-plugins.rules) * 1:16801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll remote memory corruption denial of service attempt (file-pdf.rules) * 1:17034 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules) * 1:17035 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules) * 1:17036 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules) * 1:17038 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 1 (file-office.rules) * 1:17039 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 2 (file-office.rules) * 1:17041 <-> DISABLED <-> SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt (server-other.rules) * 1:17110 <-> DISABLED <-> APP-DETECT VxWorks remote debugging agent login attempt (app-detect.rules) * 1:17114 <-> DISABLED <-> OS-WINDOWS Microsoft SilverLight ImageSource remote code execution attempt (os-windows.rules) * 1:17117 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-multimedia.rules) * 1:17118 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET CreateDelegate method arbitrary code execution attempt (file-executable.rules) * 1:17119 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority SPRM overflow attempt (file-office.rules) * 1:17120 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules) * 1:17121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules) * 1:17122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules) * 1:17123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format invalid field size memory corruption attempt (file-office.rules) * 1:17124 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word malformed table record memory corruption attempt (file-office.rules) * 1:17126 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB large session length with small packet (os-windows.rules) * 1:17128 <-> DISABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules) * 1:17130 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution (browser-ie.rules) * 1:17131 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 parent style rendering arbitrary code execution (browser-ie.rules) * 1:17132 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access attempt (browser-ie.rules) * 1:17133 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:17134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:17135 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules) * 1:17136 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 race condition exploit attempt (browser-ie.rules) * 1:17140 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:17141 <-> DISABLED <-> FILE-FLASH Adobe Flash invalid data precision arbitrary code execution exploit attempt (file-flash.rules) * 1:17142 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules) * 1:17143 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 1 (file-image.rules) * 1:17144 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 2 (file-image.rules) * 1:17145 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ASL file processing buffer overflow attempt (file-image.rules) * 1:17146 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 GRD file processing buffer overflow attempt (file-image.rules) * 1:17147 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt (file-image.rules) * 1:17153 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 1 (browser-firefox.rules) * 1:17154 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 2 (browser-firefox.rules) * 1:17155 <-> DISABLED <-> SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (server-other.rules) * 1:17165 <-> DISABLED <-> BROWSER-OTHER Opera browser document writing uninitialized memory access attempt (browser-other.rules) * 1:17167 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 1 ActiveX clsid access (browser-plugins.rules) * 1:17169 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 2 ActiveX clsid access (browser-plugins.rules) * 1:17171 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 3 ActiveX clsid access (browser-plugins.rules) * 1:17173 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 4 ActiveX clsid access (browser-plugins.rules) * 1:17175 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 5 ActiveX clsid access (browser-plugins.rules) * 1:17177 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 6 ActiveX clsid access (browser-plugins.rules) * 1:17179 <-> DISABLED <-> FILE-OTHER Adobe Director file pamm record exploit attempt (file-other.rules) * 1:17180 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules) * 1:17181 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules) * 1:17182 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules) * 1:17183 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules) * 1:17184 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules) * 1:17185 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17186 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17187 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17188 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17189 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17190 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17191 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17192 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17193 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17194 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC tag exploit attempt (file-other.rules) * 1:17196 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules) * 1:17197 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules) * 1:17198 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules) * 1:17200 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM overflow attempt (file-other.rules) * 1:17202 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:17203 <-> DISABLED <-> FILE-OTHER Adobe Director file file rcsL overflow attempt (file-other.rules) * 1:17204 <-> DISABLED <-> FILE-OTHER Adobe Director file mmap overflow attempt (file-other.rules) * 1:17205 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - udp (protocol-rpc.rules) * 1:17206 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - tcp (protocol-rpc.rules) * 1:17211 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime marshaled punk remote code execution (file-multimedia.rules) * 1:17239 <-> DISABLED <-> SERVER-MAIL Multiple IMAP server CREATE command buffer overflow attempt (server-mail.rules) * 1:17240 <-> DISABLED <-> SERVER-MAIL Multiple IMAP server literal CREATE command buffer overflow attempt (server-mail.rules) * 1:17252 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Print Spooler arbitrary file write attempt (os-windows.rules) * 1:17256 <-> DISABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (os-windows.rules) * 1:17257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and Reader remote code execution attempt (file-flash.rules) * 1:17609 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:17660 <-> DISABLED <-> SERVER-OTHER Oracle Java Web Start arbitrary command execution attempt (server-other.rules) * 1:17674 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX clsid access (browser-plugins.rules) * 1:17676 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX function call access (browser-plugins.rules) * 1:17696 <-> DISABLED <-> PROTOCOL-DNS Microsoft Windows DNS Server ANY query cache weakness (protocol-dns.rules) * 1:17723 <-> DISABLED <-> OS-WINDOWS possible SMB replay attempt - overlapping encryption keys detected (os-windows.rules) * 1:17742 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules) * 1:17747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (browser-ie.rules) * 1:17754 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word bookmark bound check remote code execution attempt (file-office.rules) * 1:17755 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules) * 1:17756 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XP PLFLSInTableStream heap overflow attempt (file-office.rules) * 1:17757 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel CrErr record integer overflow attempt (file-office.rules) * 1:17758 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules) * 1:17759 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid SerAr object exploit attempt (file-office.rules) * 1:17760 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules) * 1:17763 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel GhostRw record exploit attempt (file-office.rules) * 1:17764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:17768 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 object event handler use after free exploit attempt (browser-ie.rules) * 1:17769 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt (browser-ie.rules) * 1:17770 <-> DISABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules) * 1:17773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player Firefox plugin memory corruption attempt (file-multimedia.rules) * 1:17803 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:17804 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules) * 1:17806 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:17807 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:17808 <-> DISABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules) * 1:18064 <-> DISABLED <-> BROWSER-PLUGINS Microsoft .NET framework EntityObject execution attempt (browser-plugins.rules) * 1:18065 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules) * 1:18066 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules) * 1:18068 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules) * 1:18069 <-> DISABLED <-> FILE-OFFICE Microsoft Office Art drawing invalid shape identifier attempt (file-office.rules) * 1:18070 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (file-office.rules) * 1:18071 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (file-office.rules) * 1:18097 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:18102 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules) * 1:18180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript remote code execution attempt (file-flash.rules) * 1:18196 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules) * 1:18197 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:18198 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:18199 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:18200 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:18202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules) * 1:18203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules) * 1:18204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules) * 1:18205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules) * 1:18206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules) * 1:18207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules) * 1:18208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wininet peerdist.dll dll-load exploit attempt (os-windows.rules) * 1:18212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (file-office.rules) * 1:18213 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher column and row remote code execution attempt (file-office.rules) * 1:18214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 97 conversion remote code execution attempt (file-office.rules) * 1:18216 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 #default#anim attempt (browser-ie.rules) * 1:18217 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer select element memory corruption attempt (browser-ie.rules) * 1:18218 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer time element memory corruption attempt (browser-ie.rules) * 1:18220 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malformed character glyph remote code execution attempt (os-windows.rules) * 1:18221 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table remote code execution attempt (browser-ie.rules) * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules) * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules) * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18229 <-> DISABLED <-> FILE-IMAGE Microsoft FlashPix tile length overflow attempt (file-image.rules) * 1:18230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher memory corruption attempt (file-office.rules) * 1:18231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher oversized oti length attempt (file-office.rules) * 1:18233 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Adobe Font Driver code execution attempt (file-office.rules) * 1:18235 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules) * 1:18236 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFFIM32.FLT filter memory corruption attempt (file-office.rules) * 1:18237 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Flashpix graphics filter fpx32.flt remote code execution attempt (file-image.rules) * 1:18240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules) * 1:18241 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:18242 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules) * 1:18243 <-> DISABLED <-> SERVER-IIS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt (server-iis.rules) * 1:18244 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules) * 1:18245 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java browser plugin docbase overflow attempt (browser-plugins.rules) * 1:18249 <-> DISABLED <-> PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Route Information stack buffer overflow attempt (protocol-icmp.rules) * 1:18265 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:18276 <-> DISABLED <-> FILE-OTHER Microsoft Data Access Components library attempt (file-other.rules) * 1:18277 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules) * 1:18278 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules) * 1:18280 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer oversize recordset object cache size exploit attempt (browser-ie.rules) * 1:18308 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (file-pdf.rules) * 1:18323 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (browser-plugins.rules) * 1:18324 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (browser-plugins.rules) * 1:18327 <-> DISABLED <-> PROTOCOL-SCADA Kingview HMI heap overflow attempt (protocol-scada.rules) * 1:18329 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules) * 1:18398 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:18400 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CRSS local process allowed to persist through logon or logoff attempt (os-windows.rules) * 1:18401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Base64 encoded script overflow attempt (browser-ie.rules) * 1:18402 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD Adobe font driver remote code execution attempt (file-other.rules) * 1:18404 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.insertBefore memory corruption attempt (browser-ie.rules) * 1:18409 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys write message to dead thread code execution attempt (os-windows.rules) * 1:18410 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys write message to dead thread code execution attempt (os-windows.rules) * 1:18411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k!xxxTrackPopupMenuEx privilege escalation attempt (os-windows.rules) * 1:18412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k!xxxTrackPopupMenuEx privilege escalation attempt (os-windows.rules) * 1:18414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos auth downgrade to DES MITM attempt (os-windows.rules) * 1:18415 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio deserialization double free attempt (file-office.rules) * 1:18416 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules) * 1:18417 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules) * 1:18418 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript apply function memory corruption attempt (file-flash.rules) * 1:18419 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader field flags exploit attempt (file-pdf.rules) * 1:18420 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ASnative function remote code execution attempt (file-flash.rules) * 1:18421 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript beginGradientFill memory corruption attempt (file-flash.rules) * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules) * 1:18449 <-> DISABLED <-> FILE-OTHER Adobe Acrobat font definition memory corruption attempt (file-other.rules) * 1:18450 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed BMP RGBQUAD attempt (file-pdf.rules) * 1:18451 <-> DISABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (file-pdf.rules) * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:18454 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:18455 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed jpeg2000 superbox attempt (file-pdf.rules) * 1:18457 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules) * 1:18460 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System pin number buffer overflow attempt (server-webapp.rules) * 1:18461 <-> DISABLED <-> SERVER-MAIL IBM Lotus Domino nrouter.exe iCalendar MAILTO stack buffer overflow attempt (server-mail.rules) * 1:18462 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules) * 1:18463 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules) * 1:18488 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules) * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules) * 1:18496 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules) * 1:18497 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules) * 1:18498 <-> DISABLED <-> FILE-OTHER Microsoft Media Player dvr-ms file parsing remote code execution attempt (file-other.rules) * 1:18499 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules) * 1:18500 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules) * 1:18501 <-> DISABLED <-> OS-WINDOWS Microsoft Malware Protection Engine elevation of privilege attempt (os-windows.rules) * 1:18502 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Actionlf out of range negative offset attempt (file-flash.rules) * 1:18503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript flash.geom.Point constructor memory corruption attempt (file-flash.rules) * 1:18504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionConstantPool overflow attempt (file-flash.rules) * 1:18505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionPush overflow attempt (file-flash.rules) * 1:18506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules) * 1:18507 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules) * 1:18525 <-> DISABLED <-> SERVER-OTHER Lotus Domino LDAP Heap Buffer Overflow Attempt (server-other.rules) * 1:18529 <-> DISABLED <-> FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (file-other.rules) * 1:18530 <-> DISABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (file-other.rules) * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules) * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules) * 1:18536 <-> DISABLED <-> FILE-OFFICE OpenOffice.org Microsoft Office Word file processing integer underflow attempt (file-office.rules) * 1:18537 <-> DISABLED <-> FILE-OTHER OpenOffice.org XPM file processing integer overflow attempt (file-other.rules) * 1:18538 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:18539 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules) * 1:18541 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 3 (file-office.rules) * 1:18542 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules) * 1:18543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:18544 <-> DISABLED <-> FILE-FLASH embedded Shockwave dropper in email attachment (file-flash.rules) * 1:18557 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules) * 1:18558 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules) * 1:18559 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules) * 1:18560 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules) * 1:18578 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL cdda URI overflow attempt (browser-plugins.rules) * 1:18611 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:18612 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:18613 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:18624 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework optimizer escalation attempt (os-windows.rules) * 1:18630 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (file-office.rules) * 1:18631 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (file-office.rules) * 1:18632 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (file-office.rules) * 1:18634 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules) * 1:18635 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:18636 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint SlideAtom record exploit attempt (file-office.rules) * 1:18637 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint OfficeArt atom memory corruption attempt (file-office.rules) * 1:18638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:18642 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules) * 1:18643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules) * 1:18644 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType Fonts CompactFontFormat FontMatrix tranform memory corruption attempt (file-other.rules) * 1:18645 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules) * 1:18648 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file upload/download attempt (protocol-scada.rules) * 1:18649 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation overflow attempt (protocol-scada.rules) * 1:18651 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe report template overflow attempt (protocol-scada.rules) * 1:18654 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe format string attempt (protocol-scada.rules) * 1:18656 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe strep overflow attempt (protocol-scada.rules) * 1:18657 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules) * 1:18659 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 SCPC_INITIALIZE overflow attempt (protocol-scada.rules) * 1:18668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules) * 1:18670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:18671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:18672 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-ie.rules) * 1:18679 <-> DISABLED <-> SERVER-OTHER Oracle Java Applet2ClassLoader Remote Code Execution (server-other.rules) * 1:18740 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules) * 1:18745 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs buffer overflow attempt (server-webapp.rules) * 1:18754 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules) * 1:18755 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Data Type Memory Corruption (file-office.rules) * 1:18759 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - POST (server-webapp.rules) * 1:18760 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - GET (server-webapp.rules) * 1:18764 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules) * 1:18768 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent RRULE parsing buffer overflow attempt (server-mail.rules) * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules) * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules) * 1:18776 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director pamm chunk memory corruption attempt (file-other.rules) * 1:18790 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe overflow attempt (server-other.rules) * 1:18795 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovet_demandpoll.exe format string execution attempt (server-webapp.rules) * 1:18796 <-> DISABLED <-> SERVER-WEBAPP Novell iManager ClassName handling overflow attempt (server-webapp.rules) * 1:18797 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration property_box.php other variable command execution attempt (server-webapp.rules) * 1:18801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (file-pdf.rules) * 1:18802 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs directory traversal attempt (server-webapp.rules) * 1:18805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player undefined tag exploit attempt (file-flash.rules) * 1:18806 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules) * 1:1881 <-> DISABLED <-> SERVER-WEBAPP bad HTTP 1.1 request - potential worm attack (server-webapp.rules) * 1:18903 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit Rendering Counter Code Execution (browser-webkit.rules) * 1:18905 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18906 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18907 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18908 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18909 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18910 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18911 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18912 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18913 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18914 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18915 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18916 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18917 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18918 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18919 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18920 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18921 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18922 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18923 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18924 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18925 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18926 <-> DISABLED <-> PROTOCOL-SNMP Multiple vendors AgentX receive_agentx integer overflow attempt (protocol-snmp.rules) * 1:18928 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules) * 1:18929 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration objectname variable command injection attempt (server-oracle.rules) * 1:18930 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe Template format string code execution attempt (server-webapp.rules) * 1:18948 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules) * 1:18950 <-> DISABLED <-> OS-WINDOWS Microsoft WINS service oversize payload exploit attempt (os-windows.rules) * 1:18952 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules) * 1:18953 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules) * 1:18954 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules) * 1:18957 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules) * 1:18958 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules) * 1:18960 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise agents HTTP request remote code execution attempt (server-webapp.rules) * 1:18961 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:18963 <-> DISABLED <-> FILE-FLASH Adobe ActionScript 3 addEventListener exploit attempt (file-flash.rules) * 1:18964 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules) * 1:18965 <-> DISABLED <-> FILE-FLASH Adobe Flash file ActionScript 2 ActionJump remote code execution attempt (file-flash.rules) * 1:18966 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules) * 1:18967 <-> DISABLED <-> FILE-FLASH Adobe ActionScript argumentCount download attempt (file-flash.rules) * 1:18968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript3 stack integer overflow attempt (file-flash.rules) * 1:18969 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ActionIf integer overflow attempt (file-flash.rules) * 1:18970 <-> DISABLED <-> FILE-FLASH Adobe Flash Player null pointer dereference attempt (file-flash.rules) * 1:18971 <-> DISABLED <-> FILE-FLASH Adobe Flash beginGradientfill improper color validation attempt (file-flash.rules) * 1:18972 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration selector variable command injection attempt (server-oracle.rules) * 1:18973 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (browser-webkit.rules) * 1:18974 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call attempt (browser-plugins.rules) * 1:18975 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call access (browser-plugins.rules) * 1:18985 <-> DISABLED <-> POLICY-OTHER CA ARCserve Axis2 default credential login attempt (policy-other.rules) * 1:18992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player content parsing execution attempt (file-flash.rules) * 1:18993 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager server name exploit attempt (server-webapp.rules) * 1:18994 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules) * 1:18998 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules) * 1:18999 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules) * 1:19002 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer FLV parsing two integer overflow vulnerabilities (file-flash.rules) * 1:19003 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules) * 1:19004 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules) * 1:19008 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point conversion memory corruption attempt (browser-webkit.rules) * 1:19011 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules) * 1:19012 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules) * 1:19013 <-> DISABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - WRQ (protocol-tftp.rules) * 1:19014 <-> DISABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - RRQ (protocol-tftp.rules) * 1:19063 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules) * 1:19064 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font index remote code execution attempt (file-other.rules) * 1:19071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19076 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:19077 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:19078 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules) * 1:19080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19082 <-> DISABLED <-> FILE-PDF Adobe Flash Player memory corruption attempt (file-pdf.rules) * 1:19083 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19084 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules) * 1:19095 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules) * 1:19096 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules) * 1:19097 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code execution attempt (browser-webkit.rules) * 1:19098 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code exeuction attempt (browser-webkit.rules) * 1:19099 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari CSS font format corruption attempt (browser-webkit.rules) * 1:19102 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX clsid access (browser-plugins.rules) * 1:19103 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX function call access (browser-plugins.rules) * 1:19112 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D stucture heap overflow (file-other.rules) * 1:19113 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 81 overflow attempt (file-other.rules) * 1:19114 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 45 overflow attempt (file-other.rules) * 1:19115 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 89 overflow attempt (file-other.rules) * 1:19117 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D integer overflow (file-pdf.rules) * 1:19118 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader script injection vulnerability (file-pdf.rules) * 1:19120 <-> DISABLED <-> SERVER-OTHER IBM Informix DBINFO stack buffer overflow (server-other.rules) * 1:19121 <-> DISABLED <-> SERVER-OTHER IBM Informix EXPLAIN stack buffer overflow attempt (server-other.rules) * 1:19126 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules) * 1:19127 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules) * 1:19130 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint jpeg with malformed SOFx field integer overflow attempt (file-image.rules) * 1:19131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:19132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:19133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules) * 1:19134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules) * 1:19136 <-> DISABLED <-> SERVER-WEBAPP CA XOsoft Multiple Products entry_point.aspx buffer overflow attempt (server-webapp.rules) * 1:19137 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI ICount parameter buffer overflow attempt (server-webapp.rules) * 1:19138 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (server-webapp.rules) * 1:19139 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI MaxAge parameter buffer overflow attempt (server-webapp.rules) * 1:19140 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (server-webapp.rules) * 1:19141 <-> DISABLED <-> FILE-OFFICE Microsoft Access Wizard control memory corruption ActiveX clsid access (file-office.rules) * 1:19143 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player JPG header record mismatch memory corruption attempt (file-multimedia.rules) * 1:19144 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules) * 1:19145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:19146 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules) * 1:19147 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:19148 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player SWF file MP4 data parsing memory corruption attempt (file-multimedia.rules) * 1:19149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules) * 1:19150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules) * 1:19151 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (browser-plugins.rules) * 1:19152 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (browser-plugins.rules) * 1:19153 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word malformed index code execution attempt (file-office.rules) * 1:19154 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray parsing attempt (file-office.rules) * 1:19156 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:19169 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer vidplin.dll avi header parsing execution attempt (file-multimedia.rules) * 1:19170 <-> DISABLED <-> FILE-OTHER Microsoft Windows .NET Framework XAML browser applications stack corruption (file-other.rules) * 1:19173 <-> DISABLED <-> PROTOCOL-RPC CDE Calendar Manager service memory corruption attempt (protocol-rpc.rules) * 1:19180 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:19181 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe uninitialized memory corruption attempt (browser-ie.rules) * 1:19183 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules) * 1:19184 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules) * 1:19185 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET ArraySegment escape exploit attempt (os-windows.rules) * 1:19188 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules) * 1:19189 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules) * 1:19193 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX clsid access (browser-plugins.rules) * 1:19194 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules) * 1:19195 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules) * 1:19196 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD Adobe font driver remote code execution attempt (os-windows.rules) * 1:19197 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX clsid access (browser-plugins.rules) * 1:19198 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (browser-plugins.rules) * 1:19199 <-> DISABLED <-> OS-WINDOWS Smb2Create_Finalize malformed EndOfFile field exploit attempt (os-windows.rules) * 1:19200 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (file-office.rules) * 1:19209 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System modem string buffer overflow attempt (server-webapp.rules) * 1:19210 <-> DISABLED <-> SERVER-OTHER IBM Informix Dynamic Server set environment buffer overflow attempt (server-other.rules) * 1:19216 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules) * 1:19217 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules) * 1:19219 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules) * 1:19220 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules) * 1:19221 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules) * 1:19222 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:19225 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules) * 1:19226 <-> DISABLED <-> FILE-OTHER Cisco Webex Player .wrf stack buffer overflow (file-other.rules) * 1:19227 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Scenario heap memory overflow (file-office.rules) * 1:19228 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration preauth variable command injection attempt (server-webapp.rules) * 1:19229 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:19230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules) * 1:19231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Series record exploit attempt (file-office.rules) * 1:19232 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel XF record exploit attempt (file-office.rules) * 1:19235 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer copy/paste memory corruption attempt (browser-ie.rules) * 1:19236 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer drag event memory corruption attempt (browser-ie.rules) * 1:19237 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:19238 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 self remove from markup vulnerability (browser-ie.rules) * 1:19240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7/8 reload stylesheet attempt (browser-ie.rules) * 1:19243 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules) * 1:19246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (browser-ie.rules) * 1:19247 <-> DISABLED <-> FILE-IMAGE Adobe jpeg 2000 image exploit attempt (file-image.rules) * 1:19248 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D texture continuation integer overflow attempt (file-pdf.rules) * 1:19249 <-> DISABLED <-> FILE-FLASH Adobe Universal3D meshes.removeItem exploit attempt (file-flash.rules) * 1:19250 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D file include overflow attempt (file-pdf.rules) * 1:19251 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CIDFont dictionary glyph width corruption attempt (file-pdf.rules) * 1:19253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious language.engtesselate.ln file download attempt (file-pdf.rules) * 1:19254 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript in PDF go-to actions exploit attempt (file-pdf.rules) * 1:19255 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC ProfileDescriptionTag overflow attempt (file-pdf.rules) * 1:19257 <-> DISABLED <-> FILE-FLASH Adobe ActionScript float index memory corruption attempt (file-flash.rules) * 1:19258 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:19260 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules) * 1:19261 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 invalid Selection.cref exploit attempt (file-office.rules) * 1:19262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:19263 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:19264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:19265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:19266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:19268 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules) * 1:19269 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules) * 1:19292 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19294 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules) * 1:19295 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules) * 1:19296 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules) * 1:19303 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:19306 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (file-office.rules) * 1:19308 <-> DISABLED <-> FILE-OTHER Microsoft Windows embedded OpenType EOT font integer overflow attempt (file-other.rules) * 1:19313 <-> DISABLED <-> SERVER-OTHER Symantec Antivirus Intel Service DoS Attempt (server-other.rules) * 1:19314 <-> DISABLED <-> OS-WINDOWS Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules) * 1:19315 <-> DISABLED <-> OS-WINDOWS Microsoft Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules) * 1:19317 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmTDiagLine80 record parsing stack buffer overflow attempt (file-office.rules) * 1:19321 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products nsCSSValue Array Index Integer Overflow (browser-firefox.rules) * 1:19403 <-> DISABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules) * 1:19405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:19406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:19407 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:19408 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules) * 1:19412 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record parsing memory corruption (file-office.rules) * 1:19413 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules) * 1:19414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules) * 1:19436 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt (browser-ie.rules) * 1:19441 <-> DISABLED <-> SERVER-WEBAPP Oracle Virtual Server Agent command injection attempt (server-webapp.rules) * 1:19442 <-> DISABLED <-> FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (file-office.rules) * 1:19451 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules) * 1:19452 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules) * 1:19466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio mfc71 dll-load exploit attempt (file-office.rules) * 1:19646 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:19647 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:19648 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:19649 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman buffer overflow attempt (server-other.rules) * 1:19670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer telnet.exe file load exploit attempt (browser-ie.rules) * 1:19671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules) * 1:19672 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer stylesheet dynamic access memory corruption attempt (browser-ie.rules) * 1:19674 <-> DISABLED <-> OS-WINDOWS Microsoft Data Access Components bidlab.dll dll-load exploit attempt (os-windows.rules) * 1:19675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLString data length exploit attempt (file-office.rules) * 1:19676 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLDTOptions object exploit attempt (file-office.rules) * 1:19677 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules) * 1:19682 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules) * 1:19683 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 buffer overflow attempt (file-flash.rules) * 1:19684 <-> DISABLED <-> FILE-OTHER Adobe CFF font storage memory corruption attempt (file-other.rules) * 1:19685 <-> DISABLED <-> FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (file-flash.rules) * 1:19686 <-> DISABLED <-> FILE-FLASH Adobe Flash uninitialized bitmap structure memory corruption attempt (file-flash.rules) * 1:19687 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionStoreRegister instruction length invalidation attempt (file-flash.rules) * 1:19688 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript BitmapData buffer overflow attempt (file-flash.rules) * 1:19689 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript dynamic calculation double-free attempt (file-flash.rules) * 1:19690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript duplicateDoorInputArguments stack overwrite (file-flash.rules) * 1:19691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript File reference buffer overflow attempt (file-flash.rules) * 1:19693 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules) * 1:19707 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules) * 1:19713 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:19714 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:1975 <-> DISABLED <-> PROTOCOL-FTP DELE overflow attempt (protocol-ftp.rules) * 1:19806 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules) * 1:19807 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules) * 1:19808 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules) * 1:19811 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:19812 <-> DISABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS getDBConfigSettings credential information disclosure attempt (server-other.rules) * 1:19813 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter Agent XMLK parsing stack bugger overflow attempt (server-webapp.rules) * 1:19817 <-> DISABLED <-> NETBIOS Juniper Odyssey Access Client DSSETUPSERVICE_CMD_UNINSTALL overflow attempt (netbios.rules) * 1:19873 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules) * 1:19883 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player libdirectx_plugin.dll AMV parsing buffer overflow attempt (file-multimedia.rules) * 1:19892 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System modem string buffer overflow attempt (server-other.rules) * 1:19893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Tabular Control ActiveX overflow by CLSID / param tag (browser-plugins.rules) * 1:19894 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint unbound memcpy and remote code execution attempt (file-office.rules) * 1:19910 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules) * 1:19911 <-> DISABLED <-> FILE-OTHER Microsoft SYmbolic LinK stack overflow attempt (file-other.rules) * 1:19925 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX client browser plugin call-back-url buffer overflow attempt (browser-plugins.rules) * 1:19937 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules) * 1:19938 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Directory Server ibmslapd.exe stack buffer overflow attempt (server-other.rules) * 1:19956 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker project file heap buffer overflow attempt (file-multimedia.rules) * 1:20029 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules) * 1:20030 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation directory traversal attempt (protocol-scada.rules) * 1:20031 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:20049 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:20050 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory consumption vulnerability (file-flash.rules) * 1:20051 <-> DISABLED <-> SERVER-OTHER SAP MaxDB malformed handshake request buffer overflow attempt (server-other.rules) * 1:20072 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules) * 1:20073 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules) * 1:20118 <-> DISABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules) * 1:20119 <-> DISABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules) * 1:20123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules) * 1:20124 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (file-office.rules) * 1:20125 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:20126 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:20127 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Conditional Formatting record vulnerability (file-office.rules) * 1:20128 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules) * 1:20129 <-> DISABLED <-> FILE-OFFICE Microsoft Office BpscBulletProof uninitialized pointer dereference attempt (file-office.rules) * 1:20134 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector buffer overflow attempt (server-webapp.rules) * 1:20142 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader app.openDoc path vulnerability (file-pdf.rules) * 1:20144 <-> DISABLED <-> FILE-PDF Adobe Acrobat embedded TIFF DotRange structure memory corruption attempt (file-pdf.rules) * 1:20145 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules) * 1:20147 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules) * 1:20148 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules) * 1:20149 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded IFF file RGBA chunk memory corruption attempt (file-pdf.rules) * 1:20150 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PCX parsing corruption attempt (file-pdf.rules) * 1:20152 <-> DISABLED <-> FILE-PDF Adobe Acrobat GDI object leak memory corruption attempt (file-pdf.rules) * 1:20153 <-> DISABLED <-> FILE-PDF Adobe Acrobat embedded JPEG file APP0 chunk memory corruption attempt (file-pdf.rules) * 1:20154 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:20155 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (file-pdf.rules) * 1:20156 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getCosObj file overwrite attempt (file-pdf.rules) * 1:20157 <-> DISABLED <-> SERVER-ORACLE Oracle GlassFish Server war file upload attempt (server-oracle.rules) * 1:20158 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Server default credentials login attempt (server-webapp.rules) * 1:20159 <-> ENABLED <-> SERVER-WEBAPP Oracle GlassFish Server authentication bypass attempt (server-webapp.rules) * 1:20160 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Server successful authentication bypass attempt (server-webapp.rules) * 1:20168 <-> DISABLED <-> BROWSER-PLUGINS ChemView SaveAsMolFile vulnerability ActiveX clsid access (browser-plugins.rules) * 1:20169 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules) * 1:20170 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules) * 1:20171 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules) * 1:20176 <-> DISABLED <-> PROTOCOL-SCADA DAQFactory NETB protcol stack overflow attempt (protocol-scada.rules) * 1:20181 <-> DISABLED <-> FILE-FLASH Adobe Flash Speex-encoded audio buffer underflow attempt (file-flash.rules) * 1:20206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pcre ActionScript under allocation (file-flash.rules) * 1:20207 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20208 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20209 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20210 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20211 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive stack overflow attempt (file-flash.rules) * 1:20214 <-> DISABLED <-> PROTOCOL-SCADA Measuresoft ScadaPro msvcrt.dll local command execution attempt (protocol-scada.rules) * 1:20215 <-> DISABLED <-> PROTOCOL-SCADA Measuresoft ScadaPro directory traversal file operation attempt (protocol-scada.rules) * 1:20227 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (file-multimedia.rules) * 1:20246 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:20247 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:20255 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (browser-plugins.rules) * 1:20259 <-> DISABLED <-> FILE-OTHER Microsoft Agent Helper Malicious JAR download attempt (file-other.rules) * 1:20263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access attempt (browser-ie.rules) * 1:20264 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer form selection reset attempt (browser-ie.rules) * 1:20265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (browser-ie.rules) * 1:20266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (browser-ie.rules) * 1:20267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer circular reference exploit attempt (browser-ie.rules) * 1:20268 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules) * 1:20273 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer jscript9 parsing corruption attempt (browser-ie.rules) * 1:20288 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer QCP parsing buffer overflow attempt (file-multimedia.rules) * 1:20430 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start BasicServiceImpl security policy bypass attempt (file-java.rules) * 1:20431 <-> DISABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (file-other.rules) * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules) * 1:20530 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules) * 1:20531 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules) * 1:20532 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector get file buffer overflow attempt (server-webapp.rules) * 1:20545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF embedded font null pointer attempt (file-flash.rules) * 1:20547 <-> DISABLED <-> FILE-FLASH Adobe Flash Player overlapping record overflow attempt (file-flash.rules) * 1:20548 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive doaction stack exhaustion (file-flash.rules) * 1:20549 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion attempt (file-flash.rules) * 1:20550 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Mover3D clipping exploit (file-flash.rules) * 1:20551 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Stage 3D texture format overflow attempt (file-flash.rules) * 1:20555 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules) * 1:20556 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PlaceObjectX null pointer dereference attempt (file-flash.rules) * 1:20557 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionDefineFunction2 length overflow attempt (file-flash.rules) * 1:2056 <-> DISABLED <-> SERVER-WEBAPP TRACE attempt (server-webapp.rules) * 1:20560 <-> DISABLED <-> FILE-FLASH Adobe Flash Player salign null javascript access attempt (file-flash.rules) * 1:20567 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF AVM2 namespace lookup deref exploit (file-flash.rules) * 1:20568 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF ActionScript 3 ByteArray class vulnerability (file-flash.rules) * 1:20572 <-> DISABLED <-> FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (file-other.rules) * 1:20581 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:20582 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:20590 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:20600 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (browser-firefox.rules) * 1:20607 <-> DISABLED <-> SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (server-other.rules) * 1:20608 <-> DISABLED <-> SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (server-other.rules) * 1:20622 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules) * 1:20628 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (server-webapp.rules) * 1:20634 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules) * 1:20635 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (server-webapp.rules) * 1:20636 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules) * 1:20637 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules) * 1:20638 <-> DISABLED <-> PROTOCOL-SCADA Progea Movicon/PowerHMI EIDP over HTTP memory corruption attempt (protocol-scada.rules) * 1:20691 <-> DISABLED <-> POLICY-OTHER Cisco Network Registrar default credentials authentication attempt (policy-other.rules) * 1:20692 <-> DISABLED <-> POLICY-OTHER Cisco network registrar default credentials authentication attempt (policy-other.rules) * 1:20704 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer defaulttime behavior attack attempt (browser-plugins.rules) * 1:20705 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules) * 1:20706 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules) * 1:20707 <-> DISABLED <-> BROWSER-PLUGINS Dell IT Assistant ActiveX clsid access (browser-plugins.rules) * 1:20708 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules) * 1:20709 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20710 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20711 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20712 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20713 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20714 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20715 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20716 <-> DISABLED <-> BROWSER-PLUGINS Yahoo! CD Player ActiveX clsid access (browser-plugins.rules) * 1:20717 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE versioned stream missing data stream (file-office.rules) * 1:20718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules) * 1:20719 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules) * 1:20720 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:20721 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher PLC object memory corruption attempt (file-office.rules) * 1:20722 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:20734 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player digital video recording buffer overflow attempt (file-multimedia.rules) * 1:20735 <-> DISABLED <-> FILE-OTHER Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation of privileges attempt (file-other.rules) * 1:20758 <-> DISABLED <-> POLICY-OTHER Progrea Movicon TCPUploadServer.exe unauthenticated access attempt (policy-other.rules) * 1:20761 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (server-other.rules) * 1:20766 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20767 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:20768 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20769 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20770 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20771 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20772 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20773 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20774 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20775 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20776 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:20786 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20787 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20788 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20789 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20802 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC file MarkupLinkedItem arbitrary code execution attempt (file-pdf.rules) * 1:20804 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20805 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20806 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20807 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20808 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20809 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20810 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20812 <-> DISABLED <-> PROTOCOL-TELNET FreeBSD telnetd enc_keyid overflow attempt (protocol-telnet.rules) * 1:20813 <-> DISABLED <-> PROTOCOL-TELNET FreeBSD telnetd dec_keyid overflow attempt (protocol-telnet.rules) * 1:20822 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt malicious string (browser-ie.rules) * 1:20829 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules) * 1:20842 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:20843 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:20875 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules) * 1:20878 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules) * 1:20880 <-> DISABLED <-> FILE-OFFICE Microsoft DirectShow Line 21 decoder exploit attempt (file-office.rules) * 1:20889 <-> DISABLED <-> FILE-OTHER Video Spirit visprj buffer overflow (file-other.rules) * 1:20900 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:20902 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules) * 1:20903 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules) * 1:20904 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules) * 1:20997 <-> DISABLED <-> BROWSER-WEBKIT Apple Webkit Display box rendering corruption attempt (browser-webkit.rules) * 1:20999 <-> DISABLED <-> BROWSER-WEBKIT Microsoft Windows 7 x64 Apple Safari abnormally long iframe exploit attempt (browser-webkit.rules) * 1:21029 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules) * 1:21030 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules) * 1:21031 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules) * 1:21032 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules) * 1:21033 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules) * 1:21034 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules) * 1:21050 <-> DISABLED <-> SERVER-OTHER HP Diagnostics Server magentservice.exe stack overflow attempt (server-other.rules) * 1:21057 <-> DISABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules) * 1:21076 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules) * 1:21077 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call (browser-plugins.rules) * 1:21078 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow GraphEdt closed captioning memory corruption (file-multimedia.rules) * 1:21079 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC HMI Administrator cookie detected (protocol-scada.rules) * 1:21116 <-> DISABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (file-other.rules) * 1:21159 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:21167 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:21168 <-> DISABLED <-> FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (file-multimedia.rules) * 1:21170 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules) * 1:21189 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari innerHTML use after free exploit attempt (browser-webkit.rules) * 1:21234 <-> DISABLED <-> SERVER-WEBAPP MKCOL Webdav Stack Buffer Overflow attempt (server-webapp.rules) * 1:21236 <-> DISABLED <-> SERVER-WEBAPP UNLOCK Webdav Stack Buffer Overflow attempt (server-webapp.rules) * 1:21243 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:21281 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules) * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules) * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules) * 1:21291 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid row option attempt (file-office.rules) * 1:21292 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules) * 1:21293 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio corrupted compressed data memory corruption attempt (file-office.rules) * 1:21299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight privilege escalation attempt (browser-plugins.rules) * 1:21301 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules) * 1:21302 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_OLEChunk code execution attempt (file-office.rules) * 1:21305 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules) * 1:21307 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (file-office.rules) * 1:21308 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules) * 1:21309 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules) * 1:21310 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules) * 1:21316 <-> DISABLED <-> FILE-OTHER Adobe shockwave director tSAC string termination memory corruption attempt (file-other.rules) * 1:21317 <-> DISABLED <-> FILE-OTHER BACnet OPC client csv file buffer overflow attempt (file-other.rules) * 1:21326 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActiveX URL import attempt (file-flash.rules) * 1:21335 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion null dereference attempt (file-flash.rules) * 1:21336 <-> DISABLED <-> FILE-FLASH Adobe Flash ASConstructor insecure calling attempt (file-flash.rules) * 1:21338 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP4 zero length atom attempt (file-flash.rules) * 1:21339 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom auth field attempt (file-multimedia.rules) * 1:21341 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'dscp' field attempt (file-multimedia.rules) * 1:21342 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom cprt field attempt (file-multimedia.rules) * 1:21357 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules) * 1:21363 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:21371 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director KEY chunk buffer overflow attempt (file-other.rules) * 1:21414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules) * 1:21415 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules) * 1:21422 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules) * 1:21423 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules) * 1:21439 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules) * 1:21457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:21458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:21483 <-> DISABLED <-> PROTOCOL-SCADA Moxa Device Manager buffer overflow attempt (protocol-scada.rules) * 1:21484 <-> DISABLED <-> FILE-OTHER ZIP file name overflow attempt (file-other.rules) * 1:21491 <-> DISABLED <-> PROTOCOL-SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (protocol-scada.rules) * 1:21503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption (file-office.rules) * 1:21504 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21505 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21506 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21507 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21508 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Stage3D null dereference attempt (file-flash.rules) * 1:21534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules) * 1:21535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules) * 1:21536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Stage3D null dereference attempt (file-flash.rules) * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules) * 1:21567 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules) * 1:21647 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:21653 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript getURL target null reference attempt (file-flash.rules) * 1:21654 <-> DISABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules) * 1:21655 <-> DISABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules) * 1:21752 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot request buffer overflow attempt (server-other.rules) * 1:21754 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:21790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:21791 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:21792 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules) * 1:21793 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (browser-ie.rules) * 1:21795 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:21796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:21806 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:21858 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules) * 1:21859 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules) * 1:21878 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:21881 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules) * 1:21882 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules) * 1:21883 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules) * 1:21914 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot opcode 6C request buffer overflow attempt (server-other.rules) * 1:21918 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX clsid access attempt (browser-plugins.rules) * 1:21919 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX function call access attempt (browser-plugins.rules) * 1:21929 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:21930 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:21942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules) * 1:21943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules) * 1:22004 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22005 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22006 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22007 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22008 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22009 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22010 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22011 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22012 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22038 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:22042 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules) * 1:22063 <-> DISABLED <-> SERVER-WEBAPP PHP-CGI remote file include attempt (server-webapp.rules) * 1:22069 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22070 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio IndexDirectorySize greater than ChildrenSize memory access attempt (file-office.rules) * 1:22077 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules) * 1:22079 <-> DISABLED <-> OS-WINDOWS Microsoft .NET framework EvidenceBase class remote code execution attempt (os-windows.rules) * 1:22080 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer xbap custom ISeralizable object exception attempt (browser-ie.rules) * 1:22085 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules) * 1:22086 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules) * 1:22087 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (file-other.rules) * 1:22090 <-> DISABLED <-> OS-WINDOWS Microsoft .NET framework malicious XBAP attempt (os-windows.rules) * 1:22091 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules) * 1:22092 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules) * 1:22093 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules) * 1:22094 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules) * 1:22915 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22916 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22938 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:22942 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:22952 <-> DISABLED <-> SERVER-OTHER Iron Mountain connected backup opcode 13 processing command injection attempt (server-other.rules) * 1:23004 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23005 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23006 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23007 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23008 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules) * 1:23009 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules) * 1:23010 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules) * 1:23048 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules) * 1:23049 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules) * 1:23050 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules) * 1:23056 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules) * 1:23059 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules) * 1:23060 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules) * 1:23098 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules) * 1:23099 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceHex denial of service attempt (server-other.rules) * 1:23102 <-> DISABLED <-> POLICY-OTHER Seagate BlackArmor administrator password reset attempt (policy-other.rules) * 1:23111 <-> DISABLED <-> POLICY-OTHER PHP uri tag injection attempt (policy-other.rules) * 1:23116 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 CTreeNode use after free attempt (browser-ie.rules) * 1:23117 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 DOM element use after free attempt (browser-ie.rules) * 1:23118 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer console object use after free attempt (browser-ie.rules) * 1:23121 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (browser-ie.rules) * 1:23122 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules) * 1:23124 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:23125 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:23126 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer insertAdjacentText memory corruption attempt (browser-ie.rules) * 1:23127 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules) * 1:23129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SecureSocket use without Connect attempt (file-flash.rules) * 1:23130 <-> DISABLED <-> FILE-FLASH Adobe Flash Player X509 direct instantiation property access attempt (file-flash.rules) * 1:23131 <-> DISABLED <-> FILE-FLASH Adobe Flash Player X500 DistinguishedName property access attempt (file-flash.rules) * 1:23132 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineSound tag long recordheader length field attempt (file-flash.rules) * 1:23133 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.display.BitmapData constuctor overflow attempt (file-flash.rules) * 1:23134 <-> DISABLED <-> FILE-FLASH Adobe Flash Player broker destructor DoS attempt (file-flash.rules) * 1:23135 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.DisplayObject memory corruption attempt (file-flash.rules) * 1:23142 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23143 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23144 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23146 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23174 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules) * 1:23175 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules) * 1:23178 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement flood attempt (protocol-icmp.rules) * 1:23181 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules) * 1:23212 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:23239 <-> DISABLED <-> SERVER-OTHER Wireshark console.lua file load exploit attempt (server-other.rules) * 1:23240 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:23241 <-> DISABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (server-other.rules) * 1:23263 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules) * 1:23264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:23265 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:23269 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules) * 1:23270 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules) * 1:23278 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested list memory corruption attempt (browser-ie.rules) * 1:23280 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer corrupted HROW instance write access violation attempt (browser-ie.rules) * 1:23285 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:23286 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23287 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23288 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23289 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23290 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23291 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23292 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23293 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23295 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23297 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23300 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23302 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23304 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23330 <-> DISABLED <-> PROTOCOL-SCADA ScadaTec Procyon Core server password overflow attempt (protocol-scada.rules) * 1:23352 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules) * 1:23353 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX function call access attempt (browser-plugins.rules) * 1:23355 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager AddTask stack buffer overflow attempt (server-other.rules) * 1:23371 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:23400 <-> DISABLED <-> FILE-OTHER Apple Quicktime JPEG2000 length integer underflow attempt (file-other.rules) * 1:23445 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox use-after free remote code execution attempt (browser-firefox.rules) * 1:23461 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules) * 1:23462 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23463 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules) * 1:23464 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules) * 1:23465 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23478 <-> DISABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules) * 1:23479 <-> DISABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules) * 1:23508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules) * 1:23509 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules) * 1:23510 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules) * 1:23511 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules) * 1:23512 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules) * 1:23513 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23514 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23515 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23516 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23526 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:23527 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:23528 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules) * 1:23530 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:23531 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:23532 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:23533 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules) * 1:23545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules) * 1:23546 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules) * 1:23547 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules) * 1:23548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:23549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:23550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules) * 1:23551 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:23552 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:23553 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules) * 1:23554 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules) * 1:23555 <-> DISABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules) * 1:23558 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:23559 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:23577 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules) * 1:23579 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules) * 1:23582 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules) * 1:23583 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23584 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules) * 1:23585 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules) * 1:23586 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules) * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules) * 1:23591 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:23592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules) * 1:23609 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules) * 1:23611 <-> DISABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules) * 1:23612 <-> DISABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules) * 1:23614 <-> DISABLED <-> FILE-JAVA Oracle JavaScript heap exploitation library usage attempt (file-java.rules) * 1:23624 <-> DISABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (server-other.rules) * 1:23631 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - POST parameter (server-apache.rules) * 1:23632 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23783 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules) * 1:23789 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules) * 1:23790 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules) * 1:23805 <-> DISABLED <-> BROWSER-WEBKIT WebKit button column memory corruption attempt (browser-webkit.rules) * 1:23834 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules) * 1:23835 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules) * 1:23836 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules) * 1:23837 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB host announcement format string exploit attempt (os-windows.rules) * 1:23838 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NetServerEnum response host format string exploit attempt (os-windows.rules) * 1:23840 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:23841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:23842 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23846 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Terminal server RDP freed memory write attempt (os-windows.rules) * 1:23853 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:23854 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:23864 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules) * 1:23865 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules) * 1:23866 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23867 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23868 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23869 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23870 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23871 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23874 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules) * 1:23875 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules) * 1:23878 <-> DISABLED <-> BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (browser-plugins.rules) * 1:23879 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules) * 1:23880 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules) * 1:23881 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23882 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23883 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules) * 1:23884 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules) * 1:23889 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23890 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23891 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23892 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23950 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules) * 1:23951 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules) * 1:23956 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23958 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23959 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23960 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23961 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23964 <-> DISABLED <-> PROTOCOL-SCADA BroadWin WebAccess Client format string exploit attempt (protocol-scada.rules) * 1:23965 <-> DISABLED <-> PROTOCOL-SCADA BroadWin WebAccess Client arbitrary memory corruption attempt (protocol-scada.rules) * 1:23967 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt - compressed (file-flash.rules) * 1:23979 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23980 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23981 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23982 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23983 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23985 <-> DISABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules) * 1:23986 <-> DISABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules) * 1:23989 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules) * 1:23992 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules) * 1:23993 <-> DISABLED <-> SERVER-OTHER Dhcpcd packet size buffer overflow attempt (server-other.rules) * 1:23996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:23997 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:23999 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24000 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24001 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24002 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24003 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24007 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules) * 1:24090 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (os-windows.rules) * 1:24129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (file-office.rules) * 1:24130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (file-office.rules) * 1:24138 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules) * 1:24139 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules) * 1:24140 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules) * 1:24142 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:24147 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules) * 1:24148 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (file-pdf.rules) * 1:24149 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (file-pdf.rules) * 1:24150 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (file-pdf.rules) * 1:24151 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (file-pdf.rules) * 1:24152 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules) * 1:24153 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules) * 1:24154 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (file-pdf.rules) * 1:24155 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (file-pdf.rules) * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (protocol-ftp.rules) * 1:24187 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:24188 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:24196 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules) * 1:24197 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules) * 1:24199 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules) * 1:24200 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules) * 1:24203 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:24204 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:24205 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:24207 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules) * 1:24208 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules) * 1:24209 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules) * 1:24212 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand use-after-free attempt (browser-ie.rules) * 1:24220 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules) * 1:24221 <-> DISABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules) * 1:24222 <-> DISABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules) * 1:24223 <-> DISABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules) * 1:24239 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Internet Agent content-length integer overflow attempt (server-webapp.rules) * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:24244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:24245 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:24252 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand use embedded within javascript tags (browser-ie.rules) * 1:24272 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:24273 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:24277 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:24278 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:24279 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:24280 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:24281 <-> DISABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX clsid access (browser-plugins.rules) * 1:24282 <-> DISABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX function call access (browser-plugins.rules) * 1:24283 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (file-multimedia.rules) * 1:24291 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules) * 1:24292 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules) * 1:24296 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement invalid prefix option attempt (protocol-icmp.rules) * 1:24314 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24315 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24316 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24317 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24318 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24319 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24320 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24338 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:24351 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 use-after-free attempt (file-office.rules) * 1:24352 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 use-after-free attempt (file-office.rules) * 1:24353 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (file-office.rules) * 1:24354 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (file-office.rules) * 1:24357 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rgfc value overflow attempt (file-office.rules) * 1:24358 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rgfc value overflow attempt (file-office.rules) * 1:24362 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24363 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24364 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24365 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24366 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (file-flash.rules) * 1:24367 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (file-flash.rules) * 1:24380 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules) * 1:24414 <-> DISABLED <-> FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (file-flash.rules) * 1:24415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (file-flash.rules) * 1:24428 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24429 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24431 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24446 <-> DISABLED <-> SERVER-OTHER EMC NetWorker SunRPC format string exploit attempt (server-other.rules) * 1:24476 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24477 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24478 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24479 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24480 <-> DISABLED <-> PROTOCOL-SCADA WellinTech Kingview HMI history server buffer overflow attempt (protocol-scada.rules) * 1:24481 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24485 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules) * 1:24486 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules) * 1:24506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader null pointer dereference attempt (file-pdf.rules) * 1:24507 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:24508 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:24510 <-> DISABLED <-> FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-java.rules) * 1:24511 <-> DISABLED <-> FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-java.rules) * 1:24518 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (server-webapp.rules) * 1:24519 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (server-webapp.rules) * 1:24520 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules) * 1:24536 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules) * 1:24537 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules) * 1:24538 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules) * 1:24549 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules) * 1:24550 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules) * 1:24551 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:24552 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:24553 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:24556 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:24557 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:24558 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:24570 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24571 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24572 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24573 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24574 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24578 <-> DISABLED <-> BROWSER-PLUGINS Viscom Movie Player Pro DrawText ActiveX clsid access (browser-plugins.rules) * 1:24579 <-> DISABLED <-> BROWSER-PLUGINS Viscom Movie Player Pro DrawText ActiveX function call access (browser-plugins.rules) * 1:24580 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24581 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:24582 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24583 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24584 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:24585 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24587 <-> DISABLED <-> FILE-OFFICE Microsoft Works Word document use after free attempt (file-office.rules) * 1:24588 <-> DISABLED <-> FILE-OFFICE Microsoft Works Word document use after free attempt (file-office.rules) * 1:24643 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (browser-plugins.rules) * 1:24644 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24645 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24646 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (browser-plugins.rules) * 1:24649 <-> DISABLED <-> FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (file-other.rules) * 1:24650 <-> DISABLED <-> FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (file-other.rules) * 1:24653 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (browser-ie.rules) * 1:24654 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (browser-ie.rules) * 1:24657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules) * 1:24658 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules) * 1:24659 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules) * 1:24660 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (browser-ie.rules) * 1:24661 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (browser-ie.rules) * 1:24662 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (browser-ie.rules) * 1:24663 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (browser-ie.rules) * 1:24664 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules) * 1:24665 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules) * 1:24672 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules) * 1:24673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (file-office.rules) * 1:24674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (file-office.rules) * 1:24675 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX realm parameter overflow attempt (browser-plugins.rules) * 1:24676 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX real parameter overflow attempt (browser-plugins.rules) * 1:24678 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24679 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24680 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24681 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24682 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24683 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24684 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24685 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24687 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:24688 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:24689 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (browser-plugins.rules) * 1:24690 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24691 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24692 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (browser-plugins.rules) * 1:24693 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:24694 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules) * 1:24695 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules) * 1:24696 <-> DISABLED <-> PROTOCOL-RPC EMC Networker nsrindexd.exe procedure 0x01 buffer overflow attempt (protocol-rpc.rules) * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules) * 1:24700 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules) * 1:24701 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules) * 1:24702 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24703 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24704 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules) * 1:24705 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules) * 1:24723 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access attempt (browser-plugins.rules) * 1:24724 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access (browser-plugins.rules) * 1:24725 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access (browser-plugins.rules) * 1:24726 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access (browser-plugins.rules) * 1:24761 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24762 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24765 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request heap overflow attempt (server-webapp.rules) * 1:24767 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter FSFUI request directory traversal attempt (server-webapp.rules) * 1:24802 <-> DISABLED <-> SERVER-OTHER HP Database Archiving Software GIOP parsing buffer overflow attempt (server-other.rules) * 1:24804 <-> DISABLED <-> SERVER-WEBAPP Invision IP Board PHP unserialize code execution attempt (server-webapp.rules) * 1:24808 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (file-flash.rules) * 1:24809 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (file-flash.rules) * 1:24810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24811 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24812 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24813 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24823 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:24827 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24828 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24829 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24830 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24831 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24832 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24833 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24834 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24835 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24836 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24868 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (file-office.rules) * 1:24869 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24870 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24871 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24872 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24874 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24875 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24876 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24877 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24879 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid JPEG index attempt (file-flash.rules) * 1:24882 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid JPEG index attempt (file-flash.rules) * 1:24892 <-> DISABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules) * 1:24893 <-> DISABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules) * 1:24895 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (file-flash.rules) * 1:24896 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (file-flash.rules) * 1:24898 <-> DISABLED <-> SERVER-OTHER ABB Multiple Product RobNetScanHost.exe buffer overflow attempt (server-other.rules) * 1:24913 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules) * 1:24914 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules) * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules) * 1:24955 <-> DISABLED <-> FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (file-multimedia.rules) * 1:24956 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (browser-ie.rules) * 1:24957 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24959 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24960 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24961 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24962 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24963 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24964 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24965 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24966 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24967 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24968 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24969 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24970 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24980 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24981 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24982 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24983 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24984 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (file-flash.rules) * 1:24985 <-> DISABLED <-> FILE-FLASH Adobe Flash Player index overflow attempt (file-flash.rules) * 1:24986 <-> DISABLED <-> FILE-FLASH Adobe Flash Player index overflow attempt (file-flash.rules) * 1:24989 <-> DISABLED <-> FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (file-flash.rules) * 1:24990 <-> DISABLED <-> FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (file-flash.rules) * 1:24991 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (file-flash.rules) * 1:24992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (file-flash.rules) * 1:24993 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules) * 1:24994 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox onChannelRedirect method attempt (browser-firefox.rules) * 1:24997 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24998 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24999 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:25000 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:25003 <-> DISABLED <-> SERVER-OTHER HP Archive Query Server stack overflow attempt (server-other.rules) * 1:25006 <-> DISABLED <-> FILE-JAVA Oracle JavaScript heap exploitation library usage attempt (file-java.rules) * 1:25017 <-> DISABLED <-> SERVER-WEBAPP httpdx tolog function format string code execution attempt (server-webapp.rules) * 1:25035 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (browser-plugins.rules) * 1:25059 <-> DISABLED <-> SERVER-OTHER SAP Business One License Manager buffer overflow attempt (server-other.rules) * 1:25078 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:25079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:25225 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules) * 1:25226 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules) * 1:25227 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (browser-firefox.rules) * 1:25228 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (browser-firefox.rules) * 1:25246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:25247 <-> DISABLED <-> FILE-OTHER Lattice PAC Designer symbol value buffer overflow attempt (file-other.rules) * 1:25248 <-> DISABLED <-> FILE-OTHER Lattice PAC Designer symbol value buffer overflow attempt (file-other.rules) * 1:25250 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules) * 1:25251 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules) * 1:25252 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules) * 1:25253 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules) * 1:25254 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules) * 1:25287 <-> DISABLED <-> SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (server-other.rules) * 1:25288 <-> DISABLED <-> SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (server-other.rules) * 1:25297 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules) * 1:25298 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules) * 1:25299 <-> DISABLED <-> BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (browser-plugins.rules) * 1:25300 <-> DISABLED <-> BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (browser-plugins.rules) * 1:25303 <-> DISABLED <-> FILE-OTHER Cisco WebEx WRF memory corruption attempt (file-other.rules) * 1:25304 <-> DISABLED <-> FILE-OTHER Cisco WebEx WRF memory corruption attempt (file-other.rules) * 1:25309 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (file-other.rules) * 1:25310 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (file-other.rules) * 1:25311 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules) * 1:25312 <-> DISABLED <-> SERVER-OTHER Microsoft Forefront Threat Management Gateway remote code execution attempt (server-other.rules) * 1:25316 <-> DISABLED <-> BROWSER-PLUGINS InduSoft ISSymbol InternationalSeparator heap overflow attempt (browser-plugins.rules) * 1:25318 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules) * 1:25319 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules) * 1:25320 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules) * 1:25321 <-> DISABLED <-> SERVER-ORACLE Oracle Database tablefunc_asown buffer overflow attempt (server-oracle.rules) * 1:25330 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules) * 1:25331 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules) * 1:25332 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file tkrm stack buffer overflow attempt (file-other.rules) * 1:25341 <-> DISABLED <-> FILE-OTHER Cisco WebEx player remote code execution attempt (file-other.rules) * 1:25343 <-> DISABLED <-> BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (browser-plugins.rules) * 1:25344 <-> DISABLED <-> BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (browser-plugins.rules) * 1:25346 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules) * 1:25347 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules) * 1:25348 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules) * 1:25353 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:25354 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:25355 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:25357 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:25366 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules) * 1:25367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules) * 1:25376 <-> DISABLED <-> FILE-IMAGE Apple QuickTime Targa image file buffer overflow attempt (file-image.rules) * 1:25378 <-> DISABLED <-> FILE-IMAGE Apple QuickTime Targa image file buffer overflow attempt (file-image.rules) * 1:25381 <-> DISABLED <-> SERVER-OTHER Microsoft Forefront Threat Management Gateway remote code execution attempt (server-other.rules) * 1:25392 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules) * 1:25474 <-> DISABLED <-> SERVER-OTHER Citrix Access Gateway legacy authentication attempt (server-other.rules) * 1:25475 <-> DISABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules) * 1:25527 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint unbound memcpy and remote code execution attempt (file-office.rules) * 1:25535 <-> DISABLED <-> PROTOCOL-SERVICES Cisco Prime Lan Management rsh command execution attempt (protocol-services.rules) * 1:25542 <-> DISABLED <-> PROTOCOL-RPC EMC NetWorker nsrindexd service buffer overflow attempt (protocol-rpc.rules) * 1:25549 <-> DISABLED <-> SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (server-other.rules) * 1:25550 <-> DISABLED <-> SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (server-other.rules) * 1:25589 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25601 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25612 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25617 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25618 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25619 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25620 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25644 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25645 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25646 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25647 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25648 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25649 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25654 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (server-other.rules) * 1:25655 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (server-other.rules) * 1:25768 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules) * 1:25779 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:25835 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules) * 1:26027 <-> DISABLED <-> FILE-OTHER Adobe Director file file rcsL overflow attempt (file-other.rules) * 1:26028 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:26029 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:26066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26067 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26068 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26069 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26103 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (server-other.rules) * 1:26105 <-> DISABLED <-> SERVER-OTHER BigAnt IM Server buffer overflow attempt (server-other.rules) * 1:26110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:26111 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:26112 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:26113 <-> DISABLED <-> FILE-PDF Adobe Flash Player memory corruption attempt (file-pdf.rules) * 1:26176 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption attempt (file-office.rules) * 1:26181 <-> DISABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX clsid access attempt (browser-plugins.rules) * 1:26182 <-> DISABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX function call access attempt (browser-plugins.rules) * 1:26183 <-> DISABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX clsid access attempt (browser-plugins.rules) * 1:26184 <-> DISABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX function call access attempt (browser-plugins.rules) * 1:26187 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules) * 1:26209 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules) * 1:26210 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules) * 1:26258 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules) * 1:26259 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules) * 1:26295 <-> DISABLED <-> FILE-OTHER Watering Hole Campaign applet download (file-other.rules) * 1:26333 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules) * 1:26334 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules) * 1:26336 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (server-other.rules) * 1:26378 <-> DISABLED <-> BROWSER-PLUGINS Viscom Software Image Viewer ActiveX function call access (browser-plugins.rules) * 1:26393 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX function call access (browser-plugins.rules) * 1:26414 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server executable file upload attempt (protocol-scada.rules) * 1:26415 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (protocol-scada.rules) * 1:26416 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules) * 1:26417 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules) * 1:26471 <-> DISABLED <-> PROTOCOL-FTP VanDyke AbsoluteFTP LIST command stack buffer overflow attempt (protocol-ftp.rules) * 1:26488 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (protocol-scada.rules) * 1:26495 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules) * 1:26496 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules) * 1:26502 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules) * 1:26503 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules) * 1:26504 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules) * 1:26548 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules) * 1:26584 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (browser-ie.rules) * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules) * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules) * 1:26661 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:26662 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:26682 <-> DISABLED <-> BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (browser-plugins.rules) * 1:26699 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:26700 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:26701 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:26769 <-> DISABLED <-> SERVER-OTHER MIT Kerberos kpasswd process_chpw_request denial of service attempt (server-other.rules) * 1:26973 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules) * 1:27006 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager URI rping stack buffer overflow attempt (server-webapp.rules) * 1:27173 <-> DISABLED <-> BROWSER-PLUGINS Cisco AnyConnect mobility client activex clsid access attempt (browser-plugins.rules) * 1:27179 <-> DISABLED <-> BROWSER-PLUGINS Oracle document capture EMPOP3Lib ActiveX clsid access attempt (browser-plugins.rules) * 1:27220 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer virtual function table corruption attempt (browser-ie.rules) * 1:27221 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer virtual function table corruption attempt (browser-ie.rules) * 1:27222 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:27223 <-> DISABLED <-> BROWSER-PLUGINS Oracle document capture Actbar2.ocx ActiveX clsid access attempt (browser-plugins.rules) * 1:27576 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (file-other.rules) * 1:27598 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Admin Server command injection attempt (server-webapp.rules) * 1:27656 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:27657 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:27658 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:27754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (file-flash.rules) * 1:27796 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (server-webapp.rules) * 1:27797 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (server-webapp.rules) * 1:27798 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules) * 1:27799 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules) * 1:27862 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules) * 1:27908 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules) * 1:27909 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules) * 1:27945 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules) * 1:28088 <-> DISABLED <-> POLICY-SOCIAL Pidgin MXIT emoticon integer overflow attempt (policy-social.rules) * 1:28103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules) * 1:28137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules) * 1:28257 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC remote memory corruption attempt (file-pdf.rules) * 1:28258 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:28259 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:28260 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC remote memory corruption attempt (file-pdf.rules) * 1:28262 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules) * 1:28266 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (file-pdf.rules) * 1:28267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28268 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28269 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28270 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28271 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access attempt (browser-ie.rules) * 1:28272 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access attempt (browser-plugins.rules) * 1:28278 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules) * 1:28306 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (browser-ie.rules) * 1:28331 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28332 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28333 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28334 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28335 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28336 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28337 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28338 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28339 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28340 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28341 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28342 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28343 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28349 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:28350 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:28351 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:28354 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28355 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28356 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28357 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28358 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28359 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28360 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28363 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:28364 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:28388 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28389 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28390 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:28391 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:28393 <-> DISABLED <-> SERVER-OTHER EMC Replication Manager irccd remote command execution attempt (server-other.rules) * 1:28426 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28427 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28448 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS bimsDownload directory traversal attempt (server-webapp.rules) * 1:28451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28453 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28461 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28462 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28492 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer freed CTreePos object use-after-free attempt (browser-ie.rules) * 1:28494 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand CTreePos memory corruption attempt (browser-ie.rules) * 1:28498 <-> ENABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules) * 1:28623 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28624 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28625 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules) * 1:28626 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D RHAdobeMeta Buffer Overflow (file-pdf.rules) * 1:28627 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28628 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules) * 1:28634 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (file-pdf.rules) * 1:28635 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28636 <-> DISABLED <-> FILE-FLASH Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (file-flash.rules) * 1:28637 <-> DISABLED <-> FILE-FLASH Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (file-flash.rules) * 1:28638 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28639 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28642 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28643 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28687 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28688 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28689 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28692 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28693 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28694 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28703 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:28704 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:28705 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28706 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28707 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28708 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules) * 1:28710 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28711 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28712 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28713 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28714 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28715 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28716 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compact font format memory corruption attempt (file-pdf.rules) * 1:28717 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compact font format memory corruption attempt (file-pdf.rules) * 1:28718 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28719 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28720 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28721 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28722 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules) * 1:28723 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules) * 1:28725 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (file-pdf.rules) * 1:28744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:28745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:28747 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules) * 1:28748 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules) * 1:28790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D stream memory corruption attempt (file-pdf.rules) * 1:28794 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules) * 1:28849 <-> DISABLED <-> SERVER-WEBAPP WordPress XMLRPC potential port-scan attempt (server-webapp.rules) * 1:28867 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28868 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28871 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28872 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28880 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CElement Use After Free exploit attempt (browser-ie.rules) * 1:28902 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28903 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28904 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28905 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28906 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28907 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28908 <-> DISABLED <-> SERVER-OTHER Nagios core config manager tfpassword sql injection attempt (server-other.rules) * 1:28917 <-> DISABLED <-> PROTOCOL-SCADA Microsys Promotic directory traversal attempt (protocol-scada.rules) * 1:28956 <-> DISABLED <-> SERVER-WEBAPP Novell Zenworks configuration management umaninv information disclosure attempt (server-webapp.rules) * 1:28961 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules) * 1:28962 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules) * 1:29014 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules) * 1:29018 <-> DISABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin getReport SQL injection attempt (server-webapp.rules) * 1:29036 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CElement Use After Free exploit attempt (browser-ie.rules) * 1:29040 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules) * 1:29105 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral agentLogUploader servlet directory traversal attempt (server-webapp.rules) * 1:29118 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger Server process memory information disclosure attempt (server-webapp.rules) * 1:29168 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EUC-JP encoding cross site scripting attempt (browser-ie.rules) * 1:29169 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EUC-JP encoding cross site scripting attempt (browser-ie.rules) * 1:29192 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules) * 1:29193 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules) * 1:29214 <-> DISABLED <-> FILE-JAVA Oracle Java JPEGImageWriter memory corruption attempt (file-java.rules) * 1:29265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (browser-ie.rules) * 1:29326 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules) * 1:29327 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules) * 1:29328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules) * 1:29502 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:29503 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (browser-firefox.rules) * 1:29505 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules) * 1:29511 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM jovgraph.exe CGI hostname parameter bugger overflow attempt (server-webapp.rules) * 1:29515 <-> DISABLED <-> PROTOCOL-SCADA ScadaTec Procyon Core server password overflow attempt (protocol-scada.rules) * 1:29522 <-> DISABLED <-> SERVER-WEBAPP Alcatel-Lucent OmniPCX Office remote code execution attempt (server-webapp.rules) * 1:29526 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:29527 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:29533 <-> DISABLED <-> BROWSER-PLUGINS Quest InTrust Annotation Objects ActiveX function call access attempt (browser-plugins.rules) * 1:29534 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server invalid memory access attempt (protocol-scada.rules) * 1:29535 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules) * 1:29537 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APIMonitorImpl information disclosure attempt (server-webapp.rules) * 1:29539 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29540 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29541 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29542 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29543 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29544 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29545 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29546 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29570 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29571 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29572 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29573 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29574 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29575 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29576 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29577 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29582 <-> DISABLED <-> SERVER-OTHER Mediawiki DjVu and PDF handling code execution attempt (server-other.rules) * 1:29583 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center information disclosure attempt (server-webapp.rules) * 1:29584 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector LogClientInstallation SQL Injection attempt (server-webapp.rules) * 1:29585 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 3 buffer overflow attempt (server-other.rules) * 1:29586 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 6 buffer overflow attempt (server-other.rules) * 1:29587 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 6 buffer overflow attempt (server-other.rules) * 1:29588 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 7 buffer overflow attempt (server-other.rules) * 1:29589 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 7 buffer overflow attempt (server-other.rules) * 1:29590 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type A buffer overflow attempt (server-other.rules) * 1:29591 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type A buffer overflow attempt (server-other.rules) * 1:29593 <-> DISABLED <-> SERVER-WEBAPP Airlive IP Camera CSRF attempt (server-webapp.rules) * 1:29595 <-> DISABLED <-> SERVER-WEBAPP Airlive IP Camera directory traversal attempt (server-webapp.rules) * 1:29603 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules) * 1:29604 <-> DISABLED <-> OS-OTHER CoDeSys Gateway Server Denial of Service attempt detected (os-other.rules) * 1:29617 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules) * 1:29626 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29627 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29628 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29629 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29630 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules) * 1:29646 <-> DISABLED <-> SERVER-WEBAPP SkyBlueCanvas CMS remote command execution attempt (server-webapp.rules) * 1:29647 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules) * 1:29648 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules) * 1:29649 <-> DISABLED <-> SERVER-APACHE Apache Roller allowStaticMethodAccess invocation attempt (server-apache.rules) * 1:29667 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos deleted object access attempt (browser-ie.rules) * 1:29680 <-> DISABLED <-> BROWSER-PLUGINS Microsoft XML Core Services same origin policy bypass attempt (browser-plugins.rules) * 1:29681 <-> DISABLED <-> BROWSER-PLUGINS Microsoft XML Core Services same origin policy bypass attempt (browser-plugins.rules) * 1:29709 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer fontFamily attribute deleted object access memory corruption attempt (browser-ie.rules) * 1:29715 <-> DISABLED <-> SERVER-IIS Microsoft Windows ASP .NET denial of service attempt (server-iis.rules) * 1:29741 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules) * 1:29746 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway languagetest.php language parameter directory traversal attempt (server-webapp.rules) * 1:29747 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirect (server-apache.rules) * 1:29748 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirect (server-apache.rules) * 1:29751 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (server-webapp.rules) * 1:29756 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules) * 1:29758 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (browser-ie.rules) * 1:29796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:29797 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:29823 <-> DISABLED <-> OS-WINDOWS Microsoft Windows secure channel malformed certificate request memory corruption attempt (os-windows.rules) * 1:29871 <-> DISABLED <-> SERVER-ORACLE Oracle Reports server remote code execution attempt (server-oracle.rules) * 1:29932 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regexp out of bounds memory leak ASLR bypass attempt (file-flash.rules) * 1:29933 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regexp out of bounds memory leak ASLR bypass attempt (file-flash.rules) * 1:29934 <-> DISABLED <-> FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (file-flash.rules) * 1:29936 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (server-apache.rules) * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules) * 1:29954 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server heap buffer overflow attempt (protocol-scada.rules) * 1:29959 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:29964 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime directory traversal attempt (protocol-scada.rules) * 1:29979 <-> DISABLED <-> SERVER-WEBAPP Symantec Endpoint Protection Manager Unauthenticated XML External Entity Injection attempt (server-webapp.rules) * 1:30011 <-> DISABLED <-> SERVER-WEBAPP GE Proficy CIMPLICITY CimWebServer remote code execution attempt (server-webapp.rules) * 1:30031 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino stack buffer overflow attempt (server-webapp.rules) * 1:30032 <-> DISABLED <-> SERVER-OTHER Borland VisiBroker Smart Agent heap overflow attempt (server-other.rules) * 1:30144 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer ruby text tag heap-based buffer overflow attempt (browser-ie.rules) * 1:30146 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30147 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30148 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30149 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30202 <-> DISABLED <-> SERVER-MAIL Mortal Universe POP Peeper uidl header overflow attempt (server-mail.rules) * 1:30209 <-> DISABLED <-> SERVER-WEBAPP Microsoft Forefront Unified Access Gateway null session cookie denial of service (server-webapp.rules) * 1:30236 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader field flags exploit attempt (file-pdf.rules) * 1:30244 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (file-office.rules) * 1:30245 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:30246 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:30247 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:30248 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:30280 <-> DISABLED <-> SERVER-WEBAPP FreePBX config.php remote code execution attempt (server-webapp.rules) * 1:30291 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules) * 1:30292 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules) * 1:30293 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules) * 1:30297 <-> DISABLED <-> SERVER-WEBAPP Katello update_roles method privilege escalation attempt (server-webapp.rules) * 1:30305 <-> DISABLED <-> SERVER-WEBAPP Horde Framework variables.php unserialize PHP code execution attempt (server-webapp.rules) * 1:30307 <-> DISABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules) * 1:30329 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules) * 1:30330 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules) * 1:30564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime long rnet atom size buffer overflow attempt (file-multimedia.rules) * 1:30565 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime long rnet atom size buffer overflow attempt (file-multimedia.rules) * 1:30790 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30791 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30792 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30793 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30939 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows NtUserMessageCall implementation exploitation attempt (file-executable.rules) * 1:30940 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows NtUserMessageCall implementation exploitation attempt (file-executable.rules) * 1:30941 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:30944 <-> DISABLED <-> SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (server-apache.rules) * 1:30951 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint ThemeOverride XSS Attempt (server-webapp.rules) * 1:31067 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess ChartThemeConfig SQL injection attempt (server-webapp.rules) * 1:31143 <-> DISABLED <-> SERVER-WEBAPP CA ERwin Web Portal ConfigServiceProvider directory traversal attempt (server-webapp.rules) * 1:31157 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31158 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31159 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31160 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31162 <-> DISABLED <-> SERVER-OTHER Beetel 450TC2 CSRF attempt (server-other.rules) * 1:31180 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS handshake recursion denial of service attempt (server-other.rules) * 1:31206 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 CTreePos child element use-after-free attempt (browser-ie.rules) * 1:31208 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CDispNode use after free attempt (browser-ie.rules) * 1:31209 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CDispNode use after free attempt (browser-ie.rules) * 1:31217 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Server meeting URL XSS attempt (os-windows.rules) * 1:31238 <-> DISABLED <-> SERVER-OTHER Symantec pcAnywhere remote code execution attempt (server-other.rules) * 1:31245 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules) * 1:31246 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules) * 1:31281 <-> DISABLED <-> FILE-FLASH Adobe Flash Player redirect attempt (file-flash.rules) * 1:31282 <-> DISABLED <-> FILE-FLASH Adobe Flash Player redirect attempt (file-flash.rules) * 1:31283 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31291 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader DynamicAnnotStore exploit attempt (file-pdf.rules) * 1:31292 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader DynamicAnnotStore exploit attempt (file-pdf.rules) * 1:31296 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules) * 1:31297 <-> DISABLED <-> SERVER-WEBAPP VMWare vSphere API SOAP request RetrieveProperties remote denial of service attempt (server-webapp.rules) * 1:31301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules) * 1:31325 <-> DISABLED <-> FILE-OTHER Apple OSX Finder DMG volume name memory corruption attempt (file-other.rules) * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules) * 1:31375 <-> DISABLED <-> SERVER-WEBAPP Hp OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:31378 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules) * 1:31379 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules) * 1:31388 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer improper object cast memory corruption attempt (browser-ie.rules) * 1:31392 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31393 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31394 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31395 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31396 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31397 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31415 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31420 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:31421 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:31427 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules) * 1:31428 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:31438 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules) * 1:31460 <-> DISABLED <-> SERVER-WEBAPP PHP DNS parsing heap overflow attempt (server-webapp.rules) * 1:31461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules) * 1:31462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules) * 1:31473 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31474 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31475 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31476 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31477 <-> DISABLED <-> SERVER-OTHER OpenSSL SSL ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31478 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.0 ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31479 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31480 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31496 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31497 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules) * 1:31498 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2976.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:37036 <-> ENABLED <-> MALWARE-CNC Win.Trojan.ModPOS outbound communication attempt (malware-cnc.rules) * 1:37035 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37034 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37033 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37032 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37031 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37030 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37029 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:37027 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Alina variant outbound connection (malware-cnc.rules) * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 ciphersuite use attempt (policy-other.rules) * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 ciphersuite use attempt (policy-other.rules) * 1:37024 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sofacy outbound connection (malware-cnc.rules) * 1:37023 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:37022 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:37021 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:37020 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gh0st variant outbound connection (malware-cnc.rules) * 1:37019 <-> DISABLED <-> SERVER-WEBAPP wordpress kses bypass cross site scripting attempt (server-webapp.rules) * 1:37018 <-> DISABLED <-> SERVER-WEBAPP wordpress kses bypass cross site scripting attempt (server-webapp.rules) * 1:37017 <-> DISABLED <-> SERVER-OTHER Redis SSH authorized keys file overwrite attempt (server-other.rules) * 1:37016 <-> ENABLED <-> EXPLOIT-KIT DoloMalo exploit kit packer detected (exploit-kit.rules) * 1:37015 <-> DISABLED <-> PROTOCOL-DNS DNS DNAME query detected - possible attack attempt (protocol-dns.rules) * 1:37014 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit landing page detected (exploit-kit.rules)
* 1:10192 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX clsid access (browser-plugins.rules) * 1:10193 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (browser-plugins.rules) * 1:10194 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (browser-plugins.rules) * 1:1118 <-> DISABLED <-> SERVER-WEBAPP ls 20-l (server-webapp.rules) * 1:11259 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX clsid access (browser-plugins.rules) * 1:11261 <-> DISABLED <-> BROWSER-PLUGINS BarcodeWiz ActiveX function call access (browser-plugins.rules) * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules) * 1:12766 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX clsid access (browser-plugins.rules) * 1:12767 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules) * 1:13287 <-> DISABLED <-> OS-WINDOWS Windows remote kernel tcp/ip igmp vulnerability exploit attempt (os-windows.rules) * 1:13471 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher invalid pathname overwrite attempt (file-office.rules) * 1:13523 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules) * 1:13525 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules) * 1:13975 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX clsid access (browser-plugins.rules) * 1:13977 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX function call access (browser-plugins.rules) * 1:13979 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Event System Subscription VBScript access (os-windows.rules) * 1:14037 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules) * 1:14038 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules) * 1:14769 <-> DISABLED <-> SERVER-OTHER DATAC RealWin SCADA System buffer overflow attempt (server-other.rules) * 1:15266 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules) * 1:15456 <-> DISABLED <-> SERVER-OTHER WinHTTP SSL/TLS impersonation attempt (server-other.rules) * 1:15470 <-> DISABLED <-> FILE-EXECUTABLE IIS ASP/ASP.NET potentially malicious file upload attempt (file-executable.rules) * 1:15522 <-> DISABLED <-> SERVER-OTHER Active Directory invalid OID denial of service attempt (server-other.rules) * 1:15683 <-> DISABLED <-> SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt (server-other.rules) * 1:15727 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules) * 1:15851 <-> DISABLED <-> SERVER-IIS Microsoft ASP.NET bad request denial of service attempt (server-iis.rules) * 1:15974 <-> DISABLED <-> SERVER-IIS Microsoft IIS ASP handling buffer overflow attempt (server-iis.rules) * 1:16150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer variant argument validation remote code execution attempt (browser-ie.rules) * 1:16158 <-> DISABLED <-> OS-WINDOWS malformed ASF codec memory corruption attempt (os-windows.rules) * 1:16179 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET MSIL CLR interface multiple instantiation attempt (file-executable.rules) * 1:16182 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET MSIL stack corruption attempt (file-executable.rules) * 1:16188 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (file-office.rules) * 1:16228 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed StartObject record arbitrary code execution attempt (file-office.rules) * 1:16237 <-> DISABLED <-> SERVER-OTHER Microsoft Active Directory NTDSA stack space exhaustion attempt (server-other.rules) * 1:16326 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 DOM memory corruption attempt (browser-ie.rules) * 1:16329 <-> DISABLED <-> SERVER-OTHER Microsoft Internet Authentication Service EAP-MSCHAPv2 authentication bypass attempt (server-other.rules) * 1:16337 <-> DISABLED <-> FILE-FLASH Adobe Flash Player directory traversal attempt (file-flash.rules) * 1:16353 <-> DISABLED <-> FILE-MULTIMEDIA FFmpeg OGV file format memory corruption attempt (file-multimedia.rules) * 1:16366 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules) * 1:16367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules) * 1:16369 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt - public exploit (browser-ie.rules) * 1:16371 <-> DISABLED <-> BROWSER-PLUGINS NOS Microsystems Adobe atl_getcom ActiveX clsid access (browser-plugins.rules) * 1:16377 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:16378 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object cells reference memory corruption vulnerability (browser-ie.rules) * 1:16405 <-> DISABLED <-> PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Prefix Information stack buffer overflow attempt (protocol-icmp.rules) * 1:16409 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules) * 1:16410 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint file LinkedSlide10Atom record parsing heap corruption attempt (file-office.rules) * 1:16411 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:16412 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid TextByteAtom remote code execution attempt (file-office.rules) * 1:16414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (os-windows.rules) * 1:16416 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules) * 1:16419 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Data Analyzer 3.5 ActiveX clsid access (browser-plugins.rules) * 1:16421 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:16422 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint JPEG with malformed SOFx field integer overflow attempt (file-image.rules) * 1:16438 <-> DISABLED <-> SERVER-ORACLE WebLogic Server Node Manager arbitrary command execution attempt (server-oracle.rules) * 1:16461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules) * 1:16462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 formulas from records parsing code execution attempt (file-office.rules) * 1:16463 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 formulas from records parsing code execution attempt (file-office.rules) * 1:16464 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ContinueFRT12 heap overflow attempt (file-office.rules) * 1:16465 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ContinueFRT12 and MDXSet heap overflow attempt (file-office.rules) * 1:16466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel uninitialized stack variable code execution attempt (file-office.rules) * 1:16467 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 1 (file-office.rules) * 1:16468 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 2 (file-office.rules) * 1:16469 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (file-office.rules) * 1:16470 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:16471 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:16492 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari inline text box use after free attempt (browser-webkit.rules) * 1:16501 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - TrueType (browser-firefox.rules) * 1:16502 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based (browser-firefox.rules) * 1:16503 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules) * 1:16504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 7 encoded content handling exploit attempt (browser-ie.rules) * 1:16505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML parsing memory corruption attempt (browser-ie.rules) * 1:16506 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:16507 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onreadystatechange memory corruption attempt (browser-ie.rules) * 1:16508 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 non-IE8 compatibility mode htmltime remote code execution attempt (browser-ie.rules) * 1:16509 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer designMode-enabled information disclosure attempt (browser-ie.rules) * 1:16510 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by CLSID (browser-plugins.rules) * 1:16511 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by ProgID (browser-plugins.rules) * 1:16512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed span/div html document heap corruption attempt (browser-ie.rules) * 1:16534 <-> DISABLED <-> SERVER-OTHER Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt (server-other.rules) * 1:16537 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules) * 1:16541 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Service stack overflow attempt (os-windows.rules) * 1:16542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules) * 1:16543 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player codec code execution attempt (file-multimedia.rules) * 1:16545 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules) * 1:16546 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader/Acrobat Pro CFF font parsing heap overflow attempt (file-pdf.rules) * 1:16549 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - npruntime-scriptable-plugin (file-other.rules) * 1:16550 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - java-deployment-toolkit (file-other.rules) * 1:16561 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 1 (file-image.rules) * 1:16562 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 2 (file-image.rules) * 1:16563 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 3 (file-image.rules) * 1:16564 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 4 (file-image.rules) * 1:16576 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix AgentX receive_agentx stack buffer overflow attempt (server-other.rules) * 1:16577 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMBv2 compound request DoS attempt (os-windows.rules) * 1:16584 <-> DISABLED <-> BROWSER-IE Oracle Java Web Start arbitrary command execution attempt - Internet Explorer (browser-ie.rules) * 1:16593 <-> DISABLED <-> FILE-OFFICE Microsoft VBE6.dll stack corruption attempt (file-office.rules) * 1:16595 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail remote code execution attempt (server-mail.rules) * 1:16603 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Linux malformed U3D mesh deceleration block exploit attempt (file-pdf.rules) * 1:16631 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after remove attempt (browser-webkit.rules) * 1:16632 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after reparent attempt (browser-webkit.rules) * 1:16633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules) * 1:16634 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules) * 1:16635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:16638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules) * 1:16639 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules) * 1:16640 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules) * 1:16641 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules) * 1:16643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules) * 1:16644 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules) * 1:16645 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:16646 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules) * 1:16647 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 (file-office.rules) * 1:16648 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 (file-office.rules) * 1:16650 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 1 (file-office.rules) * 1:16651 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 2 (file-office.rules) * 1:16652 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 3 (file-office.rules) * 1:16653 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 4 (file-office.rules) * 1:16654 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules) * 1:16655 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lbl record stack overflow attempt (file-office.rules) * 1:16656 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt (file-office.rules) * 1:16657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DBQueryExt record memory corruption attempt (file-office.rules) * 1:16658 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 cross-site scripting attempt (browser-ie.rules) * 1:16659 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules) * 1:16661 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules) * 1:16664 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules) * 1:16665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (os-windows.rules) * 1:16667 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (browser-chrome.rules) * 1:16668 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (browser-chrome.rules) * 1:16673 <-> DISABLED <-> FILE-OTHER Adobe Shockwave DIR file PAMI chunk code execution attempt (file-other.rules) * 1:16674 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:16680 <-> DISABLED <-> APP-DETECT Tandberg VCS SSH default key (app-detect.rules) * 1:16721 <-> DISABLED <-> FILE-OTHER Orbital Viewer .orb stack buffer overflow attempt (file-other.rules) * 1:16767 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player SceneURL ActiveX clsid access (browser-plugins.rules) * 1:16769 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player ActiveX function call access (browser-plugins.rules) * 1:16771 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (browser-plugins.rules) * 1:16772 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX clsid access (browser-plugins.rules) * 1:16774 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX function call access (browser-plugins.rules) * 1:16776 <-> DISABLED <-> BROWSER-PLUGINS KeyWorks KeyHelp ActiveX control JumpURL method access attempt (browser-plugins.rules) * 1:16785 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Winds3D Player SceneURL method command execution attempt (browser-plugins.rules) * 1:16801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll remote memory corruption denial of service attempt (file-pdf.rules) * 1:17034 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules) * 1:17035 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules) * 1:17036 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules) * 1:17038 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 1 (file-office.rules) * 1:17039 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 2 (file-office.rules) * 1:17041 <-> DISABLED <-> SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt (server-other.rules) * 1:17110 <-> DISABLED <-> APP-DETECT VxWorks remote debugging agent login attempt (app-detect.rules) * 1:17114 <-> DISABLED <-> OS-WINDOWS Microsoft SilverLight ImageSource remote code execution attempt (os-windows.rules) * 1:17117 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-multimedia.rules) * 1:17118 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET CreateDelegate method arbitrary code execution attempt (file-executable.rules) * 1:17119 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority SPRM overflow attempt (file-office.rules) * 1:17120 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules) * 1:17121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules) * 1:17122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules) * 1:17123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format invalid field size memory corruption attempt (file-office.rules) * 1:17124 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word malformed table record memory corruption attempt (file-office.rules) * 1:17126 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB large session length with small packet (os-windows.rules) * 1:17128 <-> DISABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules) * 1:17130 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution (browser-ie.rules) * 1:17131 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 parent style rendering arbitrary code execution (browser-ie.rules) * 1:17132 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access attempt (browser-ie.rules) * 1:17133 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:17134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:17135 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules) * 1:17136 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 race condition exploit attempt (browser-ie.rules) * 1:17140 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:17141 <-> DISABLED <-> FILE-FLASH Adobe Flash invalid data precision arbitrary code execution exploit attempt (file-flash.rules) * 1:17142 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules) * 1:17143 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 1 (file-image.rules) * 1:17144 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 2 (file-image.rules) * 1:17145 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ASL file processing buffer overflow attempt (file-image.rules) * 1:17146 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 GRD file processing buffer overflow attempt (file-image.rules) * 1:17147 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt (file-image.rules) * 1:17153 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 1 (browser-firefox.rules) * 1:17154 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 2 (browser-firefox.rules) * 1:17155 <-> DISABLED <-> SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (server-other.rules) * 1:17165 <-> DISABLED <-> BROWSER-OTHER Opera browser document writing uninitialized memory access attempt (browser-other.rules) * 1:17167 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 1 ActiveX clsid access (browser-plugins.rules) * 1:17169 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 2 ActiveX clsid access (browser-plugins.rules) * 1:17171 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 3 ActiveX clsid access (browser-plugins.rules) * 1:17173 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 4 ActiveX clsid access (browser-plugins.rules) * 1:17175 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 5 ActiveX clsid access (browser-plugins.rules) * 1:17177 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 6 ActiveX clsid access (browser-plugins.rules) * 1:17179 <-> DISABLED <-> FILE-OTHER Adobe Director file pamm record exploit attempt (file-other.rules) * 1:17180 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules) * 1:17181 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules) * 1:17182 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules) * 1:17183 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules) * 1:17184 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules) * 1:17185 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17186 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17187 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17188 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17189 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules) * 1:17190 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17191 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17192 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17193 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:17194 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC tag exploit attempt (file-other.rules) * 1:17196 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules) * 1:17197 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules) * 1:17198 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules) * 1:17200 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM overflow attempt (file-other.rules) * 1:17202 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:17203 <-> DISABLED <-> FILE-OTHER Adobe Director file file rcsL overflow attempt (file-other.rules) * 1:17204 <-> DISABLED <-> FILE-OTHER Adobe Director file mmap overflow attempt (file-other.rules) * 1:17205 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - udp (protocol-rpc.rules) * 1:17206 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - tcp (protocol-rpc.rules) * 1:17211 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime marshaled punk remote code execution (file-multimedia.rules) * 1:17239 <-> DISABLED <-> SERVER-MAIL Multiple IMAP server CREATE command buffer overflow attempt (server-mail.rules) * 1:17240 <-> DISABLED <-> SERVER-MAIL Multiple IMAP server literal CREATE command buffer overflow attempt (server-mail.rules) * 1:17252 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Print Spooler arbitrary file write attempt (os-windows.rules) * 1:17256 <-> DISABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (os-windows.rules) * 1:17257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and Reader remote code execution attempt (file-flash.rules) * 1:17609 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:17660 <-> DISABLED <-> SERVER-OTHER Oracle Java Web Start arbitrary command execution attempt (server-other.rules) * 1:17674 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX clsid access (browser-plugins.rules) * 1:17676 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX function call access (browser-plugins.rules) * 1:17696 <-> DISABLED <-> PROTOCOL-DNS Microsoft Windows DNS Server ANY query cache weakness (protocol-dns.rules) * 1:17723 <-> DISABLED <-> OS-WINDOWS possible SMB replay attempt - overlapping encryption keys detected (os-windows.rules) * 1:17742 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules) * 1:17747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (browser-ie.rules) * 1:17754 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word bookmark bound check remote code execution attempt (file-office.rules) * 1:17755 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules) * 1:17756 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XP PLFLSInTableStream heap overflow attempt (file-office.rules) * 1:17757 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel CrErr record integer overflow attempt (file-office.rules) * 1:17758 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules) * 1:17759 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid SerAr object exploit attempt (file-office.rules) * 1:17760 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules) * 1:17763 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel GhostRw record exploit attempt (file-office.rules) * 1:17764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:17768 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 object event handler use after free exploit attempt (browser-ie.rules) * 1:17769 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt (browser-ie.rules) * 1:17770 <-> DISABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules) * 1:17773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player Firefox plugin memory corruption attempt (file-multimedia.rules) * 1:17803 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:17804 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules) * 1:17806 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:17807 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:17808 <-> DISABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules) * 1:18064 <-> DISABLED <-> BROWSER-PLUGINS Microsoft .NET framework EntityObject execution attempt (browser-plugins.rules) * 1:18065 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules) * 1:18066 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules) * 1:18068 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules) * 1:18069 <-> DISABLED <-> FILE-OFFICE Microsoft Office Art drawing invalid shape identifier attempt (file-office.rules) * 1:18070 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (file-office.rules) * 1:18071 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (file-office.rules) * 1:18097 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:18102 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules) * 1:18180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript remote code execution attempt (file-flash.rules) * 1:18196 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules) * 1:18197 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:18198 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:18199 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:18200 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:18202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules) * 1:18203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules) * 1:18204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules) * 1:18205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules) * 1:18206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules) * 1:18207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules) * 1:18208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wininet peerdist.dll dll-load exploit attempt (os-windows.rules) * 1:18212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (file-office.rules) * 1:18213 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher column and row remote code execution attempt (file-office.rules) * 1:18214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 97 conversion remote code execution attempt (file-office.rules) * 1:18216 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 #default#anim attempt (browser-ie.rules) * 1:18217 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer select element memory corruption attempt (browser-ie.rules) * 1:18218 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer time element memory corruption attempt (browser-ie.rules) * 1:18220 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malformed character glyph remote code execution attempt (os-windows.rules) * 1:18221 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table remote code execution attempt (browser-ie.rules) * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules) * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules) * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules) * 1:18229 <-> DISABLED <-> FILE-IMAGE Microsoft FlashPix tile length overflow attempt (file-image.rules) * 1:18230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher memory corruption attempt (file-office.rules) * 1:18231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher oversized oti length attempt (file-office.rules) * 1:18233 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Adobe Font Driver code execution attempt (file-office.rules) * 1:18235 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules) * 1:18236 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFFIM32.FLT filter memory corruption attempt (file-office.rules) * 1:18237 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Flashpix graphics filter fpx32.flt remote code execution attempt (file-image.rules) * 1:18240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules) * 1:18241 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:18242 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules) * 1:18243 <-> DISABLED <-> SERVER-IIS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt (server-iis.rules) * 1:18244 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules) * 1:18245 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java browser plugin docbase overflow attempt (browser-plugins.rules) * 1:18249 <-> DISABLED <-> PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Route Information stack buffer overflow attempt (protocol-icmp.rules) * 1:18265 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:18276 <-> DISABLED <-> FILE-OTHER Microsoft Data Access Components library attempt (file-other.rules) * 1:18277 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules) * 1:18278 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules) * 1:18280 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer oversize recordset object cache size exploit attempt (browser-ie.rules) * 1:18308 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (file-pdf.rules) * 1:18323 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (browser-plugins.rules) * 1:18324 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (browser-plugins.rules) * 1:18327 <-> DISABLED <-> PROTOCOL-SCADA Kingview HMI heap overflow attempt (protocol-scada.rules) * 1:18329 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules) * 1:18398 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:18400 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CRSS local process allowed to persist through logon or logoff attempt (os-windows.rules) * 1:18401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Base64 encoded script overflow attempt (browser-ie.rules) * 1:18402 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD Adobe font driver remote code execution attempt (file-other.rules) * 1:18404 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.insertBefore memory corruption attempt (browser-ie.rules) * 1:18409 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys write message to dead thread code execution attempt (os-windows.rules) * 1:18410 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys write message to dead thread code execution attempt (os-windows.rules) * 1:18411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k!xxxTrackPopupMenuEx privilege escalation attempt (os-windows.rules) * 1:18412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k!xxxTrackPopupMenuEx privilege escalation attempt (os-windows.rules) * 1:18414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos auth downgrade to DES MITM attempt (os-windows.rules) * 1:18415 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio deserialization double free attempt (file-office.rules) * 1:18416 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules) * 1:18417 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules) * 1:18418 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript apply function memory corruption attempt (file-flash.rules) * 1:18419 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader field flags exploit attempt (file-pdf.rules) * 1:18420 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ASnative function remote code execution attempt (file-flash.rules) * 1:18421 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript beginGradientFill memory corruption attempt (file-flash.rules) * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules) * 1:18449 <-> DISABLED <-> FILE-OTHER Adobe Acrobat font definition memory corruption attempt (file-other.rules) * 1:18450 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed BMP RGBQUAD attempt (file-pdf.rules) * 1:18451 <-> DISABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (file-pdf.rules) * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:18454 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:18455 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed jpeg2000 superbox attempt (file-pdf.rules) * 1:18457 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules) * 1:18460 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System pin number buffer overflow attempt (server-webapp.rules) * 1:18461 <-> DISABLED <-> SERVER-MAIL IBM Lotus Domino nrouter.exe iCalendar MAILTO stack buffer overflow attempt (server-mail.rules) * 1:18462 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules) * 1:18463 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules) * 1:18488 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules) * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules) * 1:18496 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules) * 1:18497 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules) * 1:18498 <-> DISABLED <-> FILE-OTHER Microsoft Media Player dvr-ms file parsing remote code execution attempt (file-other.rules) * 1:18499 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules) * 1:18500 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules) * 1:18501 <-> DISABLED <-> OS-WINDOWS Microsoft Malware Protection Engine elevation of privilege attempt (os-windows.rules) * 1:18502 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Actionlf out of range negative offset attempt (file-flash.rules) * 1:18503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript flash.geom.Point constructor memory corruption attempt (file-flash.rules) * 1:18504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionConstantPool overflow attempt (file-flash.rules) * 1:18505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionPush overflow attempt (file-flash.rules) * 1:18506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules) * 1:18507 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules) * 1:18525 <-> DISABLED <-> SERVER-OTHER Lotus Domino LDAP Heap Buffer Overflow Attempt (server-other.rules) * 1:18529 <-> DISABLED <-> FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (file-other.rules) * 1:18530 <-> DISABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (file-other.rules) * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules) * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules) * 1:18536 <-> DISABLED <-> FILE-OFFICE OpenOffice.org Microsoft Office Word file processing integer underflow attempt (file-office.rules) * 1:18537 <-> DISABLED <-> FILE-OTHER OpenOffice.org XPM file processing integer overflow attempt (file-other.rules) * 1:18538 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:18539 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules) * 1:18541 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 3 (file-office.rules) * 1:18542 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (browser-plugins.rules) * 1:18543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:18544 <-> DISABLED <-> FILE-FLASH embedded Shockwave dropper in email attachment (file-flash.rules) * 1:18557 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules) * 1:18558 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules) * 1:18559 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules) * 1:18560 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules) * 1:18578 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL cdda URI overflow attempt (browser-plugins.rules) * 1:18611 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:18612 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:18613 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules) * 1:18624 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework optimizer escalation attempt (os-windows.rules) * 1:18630 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (file-office.rules) * 1:18631 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (file-office.rules) * 1:18632 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (file-office.rules) * 1:18634 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules) * 1:18635 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:18636 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint SlideAtom record exploit attempt (file-office.rules) * 1:18637 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint OfficeArt atom memory corruption attempt (file-office.rules) * 1:18638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:18642 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules) * 1:18643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules) * 1:18644 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType Fonts CompactFontFormat FontMatrix tranform memory corruption attempt (file-other.rules) * 1:18645 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules) * 1:18648 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file upload/download attempt (protocol-scada.rules) * 1:18649 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation overflow attempt (protocol-scada.rules) * 1:18651 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe report template overflow attempt (protocol-scada.rules) * 1:18654 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe format string attempt (protocol-scada.rules) * 1:18656 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe strep overflow attempt (protocol-scada.rules) * 1:18657 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules) * 1:18659 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 SCPC_INITIALIZE overflow attempt (protocol-scada.rules) * 1:18668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules) * 1:18670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:18671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:18672 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-ie.rules) * 1:18679 <-> DISABLED <-> SERVER-OTHER Oracle Java Applet2ClassLoader Remote Code Execution (server-other.rules) * 1:18740 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules) * 1:18745 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs buffer overflow attempt (server-webapp.rules) * 1:18754 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules) * 1:18755 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Data Type Memory Corruption (file-office.rules) * 1:18759 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - POST (server-webapp.rules) * 1:18760 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - GET (server-webapp.rules) * 1:18764 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules) * 1:18768 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent RRULE parsing buffer overflow attempt (server-mail.rules) * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules) * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules) * 1:18776 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director pamm chunk memory corruption attempt (file-other.rules) * 1:18790 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe overflow attempt (server-other.rules) * 1:18795 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovet_demandpoll.exe format string execution attempt (server-webapp.rules) * 1:18796 <-> DISABLED <-> SERVER-WEBAPP Novell iManager ClassName handling overflow attempt (server-webapp.rules) * 1:18797 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration property_box.php other variable command execution attempt (server-webapp.rules) * 1:18801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (file-pdf.rules) * 1:18802 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs directory traversal attempt (server-webapp.rules) * 1:18805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player undefined tag exploit attempt (file-flash.rules) * 1:18806 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules) * 1:1881 <-> DISABLED <-> SERVER-WEBAPP bad HTTP 1.1 request - potential worm attack (server-webapp.rules) * 1:18903 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit Rendering Counter Code Execution (browser-webkit.rules) * 1:18905 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18906 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18907 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18908 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18909 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18910 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18911 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18912 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18913 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18914 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18915 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18916 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18917 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18918 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18919 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18920 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18921 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18922 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18923 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18924 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18925 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules) * 1:18926 <-> DISABLED <-> PROTOCOL-SNMP Multiple vendors AgentX receive_agentx integer overflow attempt (protocol-snmp.rules) * 1:18928 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules) * 1:18929 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration objectname variable command injection attempt (server-oracle.rules) * 1:18930 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe Template format string code execution attempt (server-webapp.rules) * 1:18948 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules) * 1:18950 <-> DISABLED <-> OS-WINDOWS Microsoft WINS service oversize payload exploit attempt (os-windows.rules) * 1:18952 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules) * 1:18953 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules) * 1:18954 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules) * 1:18957 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules) * 1:18958 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules) * 1:18960 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise agents HTTP request remote code execution attempt (server-webapp.rules) * 1:18961 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:18963 <-> DISABLED <-> FILE-FLASH Adobe ActionScript 3 addEventListener exploit attempt (file-flash.rules) * 1:18964 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules) * 1:18965 <-> DISABLED <-> FILE-FLASH Adobe Flash file ActionScript 2 ActionJump remote code execution attempt (file-flash.rules) * 1:18966 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules) * 1:18967 <-> DISABLED <-> FILE-FLASH Adobe ActionScript argumentCount download attempt (file-flash.rules) * 1:18968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript3 stack integer overflow attempt (file-flash.rules) * 1:18969 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ActionIf integer overflow attempt (file-flash.rules) * 1:18970 <-> DISABLED <-> FILE-FLASH Adobe Flash Player null pointer dereference attempt (file-flash.rules) * 1:18971 <-> DISABLED <-> FILE-FLASH Adobe Flash beginGradientfill improper color validation attempt (file-flash.rules) * 1:18972 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration selector variable command injection attempt (server-oracle.rules) * 1:18973 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (browser-webkit.rules) * 1:18974 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call attempt (browser-plugins.rules) * 1:18975 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call access (browser-plugins.rules) * 1:18985 <-> DISABLED <-> POLICY-OTHER CA ARCserve Axis2 default credential login attempt (policy-other.rules) * 1:18992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player content parsing execution attempt (file-flash.rules) * 1:18993 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager server name exploit attempt (server-webapp.rules) * 1:18994 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules) * 1:18998 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules) * 1:18999 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules) * 1:19002 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer FLV parsing two integer overflow vulnerabilities (file-flash.rules) * 1:19003 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules) * 1:19004 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules) * 1:19008 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point conversion memory corruption attempt (browser-webkit.rules) * 1:19011 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules) * 1:19012 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules) * 1:19013 <-> DISABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - WRQ (protocol-tftp.rules) * 1:19014 <-> DISABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - RRQ (protocol-tftp.rules) * 1:19063 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules) * 1:19064 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font index remote code execution attempt (file-other.rules) * 1:19071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19076 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:19077 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:19078 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules) * 1:19080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19082 <-> DISABLED <-> FILE-PDF Adobe Flash Player memory corruption attempt (file-pdf.rules) * 1:19083 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19084 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules) * 1:19095 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules) * 1:19096 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules) * 1:19097 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code execution attempt (browser-webkit.rules) * 1:19098 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code exeuction attempt (browser-webkit.rules) * 1:19099 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari CSS font format corruption attempt (browser-webkit.rules) * 1:19102 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX clsid access (browser-plugins.rules) * 1:19103 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX function call access (browser-plugins.rules) * 1:19112 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D stucture heap overflow (file-other.rules) * 1:19113 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 81 overflow attempt (file-other.rules) * 1:19114 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 45 overflow attempt (file-other.rules) * 1:19115 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 89 overflow attempt (file-other.rules) * 1:19117 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D integer overflow (file-pdf.rules) * 1:19118 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader script injection vulnerability (file-pdf.rules) * 1:19120 <-> DISABLED <-> SERVER-OTHER IBM Informix DBINFO stack buffer overflow (server-other.rules) * 1:19121 <-> DISABLED <-> SERVER-OTHER IBM Informix EXPLAIN stack buffer overflow attempt (server-other.rules) * 1:19126 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules) * 1:19127 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules) * 1:19130 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint jpeg with malformed SOFx field integer overflow attempt (file-image.rules) * 1:19131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:19132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:19133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules) * 1:19134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules) * 1:19136 <-> DISABLED <-> SERVER-WEBAPP CA XOsoft Multiple Products entry_point.aspx buffer overflow attempt (server-webapp.rules) * 1:19137 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI ICount parameter buffer overflow attempt (server-webapp.rules) * 1:19138 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (server-webapp.rules) * 1:19139 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI MaxAge parameter buffer overflow attempt (server-webapp.rules) * 1:19140 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (server-webapp.rules) * 1:19141 <-> DISABLED <-> FILE-OFFICE Microsoft Access Wizard control memory corruption ActiveX clsid access (file-office.rules) * 1:19143 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player JPG header record mismatch memory corruption attempt (file-multimedia.rules) * 1:19144 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules) * 1:19145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:19146 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules) * 1:19147 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:19148 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player SWF file MP4 data parsing memory corruption attempt (file-multimedia.rules) * 1:19149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules) * 1:19150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules) * 1:19151 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (browser-plugins.rules) * 1:19152 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (browser-plugins.rules) * 1:19153 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word malformed index code execution attempt (file-office.rules) * 1:19154 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray parsing attempt (file-office.rules) * 1:19156 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:19169 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer vidplin.dll avi header parsing execution attempt (file-multimedia.rules) * 1:19170 <-> DISABLED <-> FILE-OTHER Microsoft Windows .NET Framework XAML browser applications stack corruption (file-other.rules) * 1:19173 <-> DISABLED <-> PROTOCOL-RPC CDE Calendar Manager service memory corruption attempt (protocol-rpc.rules) * 1:19180 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:19181 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe uninitialized memory corruption attempt (browser-ie.rules) * 1:19183 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules) * 1:19184 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules) * 1:19185 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET ArraySegment escape exploit attempt (os-windows.rules) * 1:19188 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules) * 1:19189 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules) * 1:19193 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX clsid access (browser-plugins.rules) * 1:19194 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules) * 1:19195 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules) * 1:19196 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD Adobe font driver remote code execution attempt (os-windows.rules) * 1:19197 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX clsid access (browser-plugins.rules) * 1:19198 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (browser-plugins.rules) * 1:19199 <-> DISABLED <-> OS-WINDOWS Smb2Create_Finalize malformed EndOfFile field exploit attempt (os-windows.rules) * 1:19200 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (file-office.rules) * 1:19209 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System modem string buffer overflow attempt (server-webapp.rules) * 1:19210 <-> DISABLED <-> SERVER-OTHER IBM Informix Dynamic Server set environment buffer overflow attempt (server-other.rules) * 1:19216 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules) * 1:19217 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules) * 1:19219 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules) * 1:19220 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules) * 1:19221 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules) * 1:19222 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:19225 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules) * 1:19226 <-> DISABLED <-> FILE-OTHER Cisco Webex Player .wrf stack buffer overflow (file-other.rules) * 1:19227 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Scenario heap memory overflow (file-office.rules) * 1:19228 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration preauth variable command injection attempt (server-webapp.rules) * 1:19229 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:19230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules) * 1:19231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Series record exploit attempt (file-office.rules) * 1:19232 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel XF record exploit attempt (file-office.rules) * 1:19235 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer copy/paste memory corruption attempt (browser-ie.rules) * 1:19236 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer drag event memory corruption attempt (browser-ie.rules) * 1:19237 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:19238 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 self remove from markup vulnerability (browser-ie.rules) * 1:19240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7/8 reload stylesheet attempt (browser-ie.rules) * 1:19243 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules) * 1:19246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (browser-ie.rules) * 1:19247 <-> DISABLED <-> FILE-IMAGE Adobe jpeg 2000 image exploit attempt (file-image.rules) * 1:19248 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D texture continuation integer overflow attempt (file-pdf.rules) * 1:19249 <-> DISABLED <-> FILE-FLASH Adobe Universal3D meshes.removeItem exploit attempt (file-flash.rules) * 1:19250 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D file include overflow attempt (file-pdf.rules) * 1:19251 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CIDFont dictionary glyph width corruption attempt (file-pdf.rules) * 1:19253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious language.engtesselate.ln file download attempt (file-pdf.rules) * 1:19254 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript in PDF go-to actions exploit attempt (file-pdf.rules) * 1:19255 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC ProfileDescriptionTag overflow attempt (file-pdf.rules) * 1:19257 <-> DISABLED <-> FILE-FLASH Adobe ActionScript float index memory corruption attempt (file-flash.rules) * 1:19258 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:19260 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules) * 1:19261 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 invalid Selection.cref exploit attempt (file-office.rules) * 1:19262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:19263 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:19264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:19265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:19266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:19268 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules) * 1:19269 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules) * 1:19292 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:19294 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules) * 1:19295 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules) * 1:19296 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules) * 1:19303 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:19306 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (file-office.rules) * 1:19308 <-> DISABLED <-> FILE-OTHER Microsoft Windows embedded OpenType EOT font integer overflow attempt (file-other.rules) * 1:19313 <-> DISABLED <-> SERVER-OTHER Symantec Antivirus Intel Service DoS Attempt (server-other.rules) * 1:19314 <-> DISABLED <-> OS-WINDOWS Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules) * 1:19315 <-> DISABLED <-> OS-WINDOWS Microsoft Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules) * 1:19317 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmTDiagLine80 record parsing stack buffer overflow attempt (file-office.rules) * 1:19321 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products nsCSSValue Array Index Integer Overflow (browser-firefox.rules) * 1:19403 <-> DISABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules) * 1:19405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:19406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:19407 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:19408 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules) * 1:19412 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record parsing memory corruption (file-office.rules) * 1:19413 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules) * 1:19414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules) * 1:19436 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt (browser-ie.rules) * 1:19441 <-> DISABLED <-> SERVER-WEBAPP Oracle Virtual Server Agent command injection attempt (server-webapp.rules) * 1:19442 <-> DISABLED <-> FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (file-office.rules) * 1:19451 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules) * 1:19452 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules) * 1:19466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio mfc71 dll-load exploit attempt (file-office.rules) * 1:19646 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:19647 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:19648 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:19649 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman buffer overflow attempt (server-other.rules) * 1:19670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer telnet.exe file load exploit attempt (browser-ie.rules) * 1:19671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules) * 1:19672 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer stylesheet dynamic access memory corruption attempt (browser-ie.rules) * 1:19674 <-> DISABLED <-> OS-WINDOWS Microsoft Data Access Components bidlab.dll dll-load exploit attempt (os-windows.rules) * 1:19675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLString data length exploit attempt (file-office.rules) * 1:19676 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid UMLDTOptions object exploit attempt (file-office.rules) * 1:19677 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules) * 1:19682 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules) * 1:19683 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 buffer overflow attempt (file-flash.rules) * 1:19684 <-> DISABLED <-> FILE-OTHER Adobe CFF font storage memory corruption attempt (file-other.rules) * 1:19685 <-> DISABLED <-> FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (file-flash.rules) * 1:19686 <-> DISABLED <-> FILE-FLASH Adobe Flash uninitialized bitmap structure memory corruption attempt (file-flash.rules) * 1:19687 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionStoreRegister instruction length invalidation attempt (file-flash.rules) * 1:19688 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript BitmapData buffer overflow attempt (file-flash.rules) * 1:19689 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript dynamic calculation double-free attempt (file-flash.rules) * 1:19690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript duplicateDoorInputArguments stack overwrite (file-flash.rules) * 1:19691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript File reference buffer overflow attempt (file-flash.rules) * 1:19693 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules) * 1:19707 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules) * 1:19713 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:19714 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:1975 <-> DISABLED <-> PROTOCOL-FTP DELE overflow attempt (protocol-ftp.rules) * 1:19806 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules) * 1:19807 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules) * 1:19808 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules) * 1:19811 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:19812 <-> DISABLED <-> SERVER-OTHER CA Total Defense Suite UNCWS getDBConfigSettings credential information disclosure attempt (server-other.rules) * 1:19813 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter Agent XMLK parsing stack bugger overflow attempt (server-webapp.rules) * 1:19817 <-> DISABLED <-> NETBIOS Juniper Odyssey Access Client DSSETUPSERVICE_CMD_UNINSTALL overflow attempt (netbios.rules) * 1:19873 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules) * 1:19883 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player libdirectx_plugin.dll AMV parsing buffer overflow attempt (file-multimedia.rules) * 1:19892 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System modem string buffer overflow attempt (server-other.rules) * 1:19893 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Tabular Control ActiveX overflow by CLSID / param tag (browser-plugins.rules) * 1:19894 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint unbound memcpy and remote code execution attempt (file-office.rules) * 1:19910 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules) * 1:19911 <-> DISABLED <-> FILE-OTHER Microsoft SYmbolic LinK stack overflow attempt (file-other.rules) * 1:19925 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX client browser plugin call-back-url buffer overflow attempt (browser-plugins.rules) * 1:19937 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules) * 1:19938 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Directory Server ibmslapd.exe stack buffer overflow attempt (server-other.rules) * 1:19956 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker project file heap buffer overflow attempt (file-multimedia.rules) * 1:20029 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules) * 1:20030 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation directory traversal attempt (protocol-scada.rules) * 1:20031 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:20049 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:20050 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory consumption vulnerability (file-flash.rules) * 1:20051 <-> DISABLED <-> SERVER-OTHER SAP MaxDB malformed handshake request buffer overflow attempt (server-other.rules) * 1:20072 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules) * 1:20073 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules) * 1:20118 <-> DISABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules) * 1:20119 <-> DISABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules) * 1:20123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules) * 1:20124 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (file-office.rules) * 1:20125 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:20126 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:20127 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Conditional Formatting record vulnerability (file-office.rules) * 1:20128 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules) * 1:20129 <-> DISABLED <-> FILE-OFFICE Microsoft Office BpscBulletProof uninitialized pointer dereference attempt (file-office.rules) * 1:20134 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector buffer overflow attempt (server-webapp.rules) * 1:20142 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader app.openDoc path vulnerability (file-pdf.rules) * 1:20144 <-> DISABLED <-> FILE-PDF Adobe Acrobat embedded TIFF DotRange structure memory corruption attempt (file-pdf.rules) * 1:20145 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules) * 1:20147 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules) * 1:20148 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (file-pdf.rules) * 1:20149 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded IFF file RGBA chunk memory corruption attempt (file-pdf.rules) * 1:20150 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded PCX parsing corruption attempt (file-pdf.rules) * 1:20152 <-> DISABLED <-> FILE-PDF Adobe Acrobat GDI object leak memory corruption attempt (file-pdf.rules) * 1:20153 <-> DISABLED <-> FILE-PDF Adobe Acrobat embedded JPEG file APP0 chunk memory corruption attempt (file-pdf.rules) * 1:20154 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:20155 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (file-pdf.rules) * 1:20156 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getCosObj file overwrite attempt (file-pdf.rules) * 1:20157 <-> DISABLED <-> SERVER-ORACLE Oracle GlassFish Server war file upload attempt (server-oracle.rules) * 1:20158 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Server default credentials login attempt (server-webapp.rules) * 1:20159 <-> ENABLED <-> SERVER-WEBAPP Oracle GlassFish Server authentication bypass attempt (server-webapp.rules) * 1:20160 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Server successful authentication bypass attempt (server-webapp.rules) * 1:20168 <-> DISABLED <-> BROWSER-PLUGINS ChemView SaveAsMolFile vulnerability ActiveX clsid access (browser-plugins.rules) * 1:20169 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules) * 1:20170 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules) * 1:20171 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (file-pdf.rules) * 1:20176 <-> DISABLED <-> PROTOCOL-SCADA DAQFactory NETB protcol stack overflow attempt (protocol-scada.rules) * 1:20181 <-> DISABLED <-> FILE-FLASH Adobe Flash Speex-encoded audio buffer underflow attempt (file-flash.rules) * 1:20206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pcre ActionScript under allocation (file-flash.rules) * 1:20207 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20208 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20209 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20210 <-> DISABLED <-> PROTOCOL-SCADA Cogent unicode buffer overflow attempt (protocol-scada.rules) * 1:20211 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive stack overflow attempt (file-flash.rules) * 1:20214 <-> DISABLED <-> PROTOCOL-SCADA Measuresoft ScadaPro msvcrt.dll local command execution attempt (protocol-scada.rules) * 1:20215 <-> DISABLED <-> PROTOCOL-SCADA Measuresoft ScadaPro directory traversal file operation attempt (protocol-scada.rules) * 1:20227 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (file-multimedia.rules) * 1:20246 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:20247 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules) * 1:20255 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (browser-plugins.rules) * 1:20259 <-> DISABLED <-> FILE-OTHER Microsoft Agent Helper Malicious JAR download attempt (file-other.rules) * 1:20263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access attempt (browser-ie.rules) * 1:20264 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer form selection reset attempt (browser-ie.rules) * 1:20265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (browser-ie.rules) * 1:20266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (browser-ie.rules) * 1:20267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer circular reference exploit attempt (browser-ie.rules) * 1:20268 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules) * 1:20273 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer jscript9 parsing corruption attempt (browser-ie.rules) * 1:20288 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer QCP parsing buffer overflow attempt (file-multimedia.rules) * 1:20430 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start BasicServiceImpl security policy bypass attempt (file-java.rules) * 1:20431 <-> DISABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (file-other.rules) * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules) * 1:20530 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules) * 1:20531 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (server-webapp.rules) * 1:20532 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Storage Data Protector get file buffer overflow attempt (server-webapp.rules) * 1:20545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF embedded font null pointer attempt (file-flash.rules) * 1:20547 <-> DISABLED <-> FILE-FLASH Adobe Flash Player overlapping record overflow attempt (file-flash.rules) * 1:20548 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive doaction stack exhaustion (file-flash.rules) * 1:20549 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion attempt (file-flash.rules) * 1:20550 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Mover3D clipping exploit (file-flash.rules) * 1:20551 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Stage 3D texture format overflow attempt (file-flash.rules) * 1:20555 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules) * 1:20556 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PlaceObjectX null pointer dereference attempt (file-flash.rules) * 1:20557 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionDefineFunction2 length overflow attempt (file-flash.rules) * 1:2056 <-> DISABLED <-> SERVER-WEBAPP TRACE attempt (server-webapp.rules) * 1:20560 <-> DISABLED <-> FILE-FLASH Adobe Flash Player salign null javascript access attempt (file-flash.rules) * 1:20567 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF AVM2 namespace lookup deref exploit (file-flash.rules) * 1:20568 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF ActionScript 3 ByteArray class vulnerability (file-flash.rules) * 1:20572 <-> DISABLED <-> FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (file-other.rules) * 1:20581 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:20582 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:20590 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:20600 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (browser-firefox.rules) * 1:20607 <-> DISABLED <-> SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (server-other.rules) * 1:20608 <-> DISABLED <-> SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (server-other.rules) * 1:20622 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules) * 1:20628 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (server-webapp.rules) * 1:20634 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules) * 1:20635 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (server-webapp.rules) * 1:20636 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules) * 1:20637 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules) * 1:20638 <-> DISABLED <-> PROTOCOL-SCADA Progea Movicon/PowerHMI EIDP over HTTP memory corruption attempt (protocol-scada.rules) * 1:20691 <-> DISABLED <-> POLICY-OTHER Cisco Network Registrar default credentials authentication attempt (policy-other.rules) * 1:20692 <-> DISABLED <-> POLICY-OTHER Cisco network registrar default credentials authentication attempt (policy-other.rules) * 1:20704 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer defaulttime behavior attack attempt (browser-plugins.rules) * 1:20705 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules) * 1:20706 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (browser-plugins.rules) * 1:20707 <-> DISABLED <-> BROWSER-PLUGINS Dell IT Assistant ActiveX clsid access (browser-plugins.rules) * 1:20708 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules) * 1:20709 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20710 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20711 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20712 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20713 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20714 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20715 <-> DISABLED <-> BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (browser-plugins.rules) * 1:20716 <-> DISABLED <-> BROWSER-PLUGINS Yahoo! CD Player ActiveX clsid access (browser-plugins.rules) * 1:20717 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE versioned stream missing data stream (file-office.rules) * 1:20718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules) * 1:20719 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules) * 1:20720 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:20721 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher PLC object memory corruption attempt (file-office.rules) * 1:20722 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:20734 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player digital video recording buffer overflow attempt (file-multimedia.rules) * 1:20735 <-> DISABLED <-> FILE-OTHER Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation of privileges attempt (file-other.rules) * 1:20758 <-> DISABLED <-> POLICY-OTHER Progrea Movicon TCPUploadServer.exe unauthenticated access attempt (policy-other.rules) * 1:20761 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (server-other.rules) * 1:20766 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20767 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:20768 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20769 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20770 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20771 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20772 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20773 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20774 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20775 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20776 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules) * 1:20777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:20786 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20787 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20788 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20789 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules) * 1:20802 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC file MarkupLinkedItem arbitrary code execution attempt (file-pdf.rules) * 1:20804 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20805 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20806 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20807 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20808 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20809 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20810 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules) * 1:20812 <-> DISABLED <-> PROTOCOL-TELNET FreeBSD telnetd enc_keyid overflow attempt (protocol-telnet.rules) * 1:20813 <-> DISABLED <-> PROTOCOL-TELNET FreeBSD telnetd dec_keyid overflow attempt (protocol-telnet.rules) * 1:20822 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt malicious string (browser-ie.rules) * 1:20829 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules) * 1:20842 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:20843 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:20875 <-> DISABLED <-> BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (browser-plugins.rules) * 1:20878 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules) * 1:20880 <-> DISABLED <-> FILE-OFFICE Microsoft DirectShow Line 21 decoder exploit attempt (file-office.rules) * 1:20889 <-> DISABLED <-> FILE-OTHER Video Spirit visprj buffer overflow (file-other.rules) * 1:20900 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:20902 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules) * 1:20903 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules) * 1:20904 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules) * 1:20997 <-> DISABLED <-> BROWSER-WEBKIT Apple Webkit Display box rendering corruption attempt (browser-webkit.rules) * 1:20999 <-> DISABLED <-> BROWSER-WEBKIT Microsoft Windows 7 x64 Apple Safari abnormally long iframe exploit attempt (browser-webkit.rules) * 1:21029 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules) * 1:21030 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules) * 1:21031 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules) * 1:21032 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules) * 1:21033 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (browser-plugins.rules) * 1:21034 <-> DISABLED <-> BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (browser-plugins.rules) * 1:21050 <-> DISABLED <-> SERVER-OTHER HP Diagnostics Server magentservice.exe stack overflow attempt (server-other.rules) * 1:21057 <-> DISABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules) * 1:21076 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (browser-plugins.rules) * 1:21077 <-> DISABLED <-> BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call (browser-plugins.rules) * 1:21078 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow GraphEdt closed captioning memory corruption (file-multimedia.rules) * 1:21079 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC HMI Administrator cookie detected (protocol-scada.rules) * 1:21116 <-> DISABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (file-other.rules) * 1:21159 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:21167 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:21168 <-> DISABLED <-> FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (file-multimedia.rules) * 1:21170 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules) * 1:21189 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari innerHTML use after free exploit attempt (browser-webkit.rules) * 1:21234 <-> DISABLED <-> SERVER-WEBAPP MKCOL Webdav Stack Buffer Overflow attempt (server-webapp.rules) * 1:21236 <-> DISABLED <-> SERVER-WEBAPP UNLOCK Webdav Stack Buffer Overflow attempt (server-webapp.rules) * 1:21243 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:21281 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules) * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules) * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules) * 1:21291 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid row option attempt (file-office.rules) * 1:21292 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules) * 1:21293 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio corrupted compressed data memory corruption attempt (file-office.rules) * 1:21299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight privilege escalation attempt (browser-plugins.rules) * 1:21301 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules) * 1:21302 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_OLEChunk code execution attempt (file-office.rules) * 1:21305 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules) * 1:21307 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (file-office.rules) * 1:21308 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules) * 1:21309 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules) * 1:21310 <-> DISABLED <-> OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (os-windows.rules) * 1:21316 <-> DISABLED <-> FILE-OTHER Adobe shockwave director tSAC string termination memory corruption attempt (file-other.rules) * 1:21317 <-> DISABLED <-> FILE-OTHER BACnet OPC client csv file buffer overflow attempt (file-other.rules) * 1:21326 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActiveX URL import attempt (file-flash.rules) * 1:21335 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion null dereference attempt (file-flash.rules) * 1:21336 <-> DISABLED <-> FILE-FLASH Adobe Flash ASConstructor insecure calling attempt (file-flash.rules) * 1:21338 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP4 zero length atom attempt (file-flash.rules) * 1:21339 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom auth field attempt (file-multimedia.rules) * 1:21341 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'dscp' field attempt (file-multimedia.rules) * 1:21342 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom cprt field attempt (file-multimedia.rules) * 1:21357 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules) * 1:21363 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules) * 1:21371 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director KEY chunk buffer overflow attempt (file-other.rules) * 1:21414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules) * 1:21415 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (file-office.rules) * 1:21422 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (file-office.rules) * 1:21423 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules) * 1:21439 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules) * 1:21457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:21458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules) * 1:21483 <-> DISABLED <-> PROTOCOL-SCADA Moxa Device Manager buffer overflow attempt (protocol-scada.rules) * 1:21484 <-> DISABLED <-> FILE-OTHER ZIP file name overflow attempt (file-other.rules) * 1:21491 <-> DISABLED <-> PROTOCOL-SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (protocol-scada.rules) * 1:21503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption (file-office.rules) * 1:21504 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21505 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21506 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21507 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21508 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:21533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Stage3D null dereference attempt (file-flash.rules) * 1:21534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules) * 1:21535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules) * 1:21536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Stage3D null dereference attempt (file-flash.rules) * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules) * 1:21567 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules) * 1:21647 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules) * 1:21653 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript getURL target null reference attempt (file-flash.rules) * 1:21654 <-> DISABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules) * 1:21655 <-> DISABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules) * 1:21752 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot request buffer overflow attempt (server-other.rules) * 1:21754 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules) * 1:21790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:21791 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:21792 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules) * 1:21793 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (browser-ie.rules) * 1:21795 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:21796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:21806 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:21858 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules) * 1:21859 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules) * 1:21878 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:21881 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules) * 1:21882 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules) * 1:21883 <-> DISABLED <-> BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (browser-plugins.rules) * 1:21914 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot opcode 6C request buffer overflow attempt (server-other.rules) * 1:21918 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX clsid access attempt (browser-plugins.rules) * 1:21919 <-> DISABLED <-> BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express Buffer Overflow ActiveX function call access attempt (browser-plugins.rules) * 1:21929 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:21930 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:21942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules) * 1:21943 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules) * 1:22004 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22005 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22006 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22007 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22008 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22009 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22010 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22011 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22012 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:22038 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:22042 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules) * 1:22063 <-> DISABLED <-> SERVER-WEBAPP PHP-CGI remote file include attempt (server-webapp.rules) * 1:22069 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22070 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio IndexDirectorySize greater than ChildrenSize memory access attempt (file-office.rules) * 1:22077 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules) * 1:22079 <-> DISABLED <-> OS-WINDOWS Microsoft .NET framework EvidenceBase class remote code execution attempt (os-windows.rules) * 1:22080 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer xbap custom ISeralizable object exception attempt (browser-ie.rules) * 1:22085 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules) * 1:22086 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (file-office.rules) * 1:22087 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (file-other.rules) * 1:22090 <-> DISABLED <-> OS-WINDOWS Microsoft .NET framework malicious XBAP attempt (os-windows.rules) * 1:22091 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules) * 1:22092 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules) * 1:22093 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules) * 1:22094 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules) * 1:22915 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22916 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:22938 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:22942 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:22952 <-> DISABLED <-> SERVER-OTHER Iron Mountain connected backup opcode 13 processing command injection attempt (server-other.rules) * 1:23004 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23005 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23006 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23007 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:23008 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules) * 1:23009 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (file-office.rules) * 1:23010 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (file-office.rules) * 1:23048 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules) * 1:23049 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules) * 1:23050 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX function call attempt (browser-plugins.rules) * 1:23056 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules) * 1:23059 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules) * 1:23060 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules) * 1:23098 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules) * 1:23099 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceHex denial of service attempt (server-other.rules) * 1:23102 <-> DISABLED <-> POLICY-OTHER Seagate BlackArmor administrator password reset attempt (policy-other.rules) * 1:23111 <-> DISABLED <-> POLICY-OTHER PHP uri tag injection attempt (policy-other.rules) * 1:23116 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 CTreeNode use after free attempt (browser-ie.rules) * 1:23117 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 DOM element use after free attempt (browser-ie.rules) * 1:23118 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer console object use after free attempt (browser-ie.rules) * 1:23121 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (browser-ie.rules) * 1:23122 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules) * 1:23124 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:23125 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:23126 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer insertAdjacentText memory corruption attempt (browser-ie.rules) * 1:23127 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules) * 1:23129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SecureSocket use without Connect attempt (file-flash.rules) * 1:23130 <-> DISABLED <-> FILE-FLASH Adobe Flash Player X509 direct instantiation property access attempt (file-flash.rules) * 1:23131 <-> DISABLED <-> FILE-FLASH Adobe Flash Player X500 DistinguishedName property access attempt (file-flash.rules) * 1:23132 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineSound tag long recordheader length field attempt (file-flash.rules) * 1:23133 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.display.BitmapData constuctor overflow attempt (file-flash.rules) * 1:23134 <-> DISABLED <-> FILE-FLASH Adobe Flash Player broker destructor DoS attempt (file-flash.rules) * 1:23135 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.DisplayObject memory corruption attempt (file-flash.rules) * 1:23142 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23143 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23144 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23145 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23146 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23174 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules) * 1:23175 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (browser-plugins.rules) * 1:23178 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement flood attempt (protocol-icmp.rules) * 1:23181 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules) * 1:23212 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:23239 <-> DISABLED <-> SERVER-OTHER Wireshark console.lua file load exploit attempt (server-other.rules) * 1:23240 <-> DISABLED <-> SERVER-SAMBA Samba malicious user defined array size and buffer attempt (server-samba.rules) * 1:23241 <-> DISABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (server-other.rules) * 1:23263 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules) * 1:23264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:23265 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:23269 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules) * 1:23270 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules) * 1:23278 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested list memory corruption attempt (browser-ie.rules) * 1:23280 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer corrupted HROW instance write access violation attempt (browser-ie.rules) * 1:23285 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:23286 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23287 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23288 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23289 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23290 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23291 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23292 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23293 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23295 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23297 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23299 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23300 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23301 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23302 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23304 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (browser-plugins.rules) * 1:23330 <-> DISABLED <-> PROTOCOL-SCADA ScadaTec Procyon Core server password overflow attempt (protocol-scada.rules) * 1:23352 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules) * 1:23353 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX function call access attempt (browser-plugins.rules) * 1:23355 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager AddTask stack buffer overflow attempt (server-other.rules) * 1:23371 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:23400 <-> DISABLED <-> FILE-OTHER Apple Quicktime JPEG2000 length integer underflow attempt (file-other.rules) * 1:23445 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox use-after free remote code execution attempt (browser-firefox.rules) * 1:23461 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules) * 1:23462 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23463 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules) * 1:23464 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules) * 1:23465 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23478 <-> DISABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules) * 1:23479 <-> DISABLED <-> FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (file-other.rules) * 1:23508 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules) * 1:23509 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules) * 1:23510 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules) * 1:23511 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules) * 1:23512 <-> DISABLED <-> FILE-PDF Adobe flash player newfunction memory corruption attempt (file-pdf.rules) * 1:23513 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23514 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23515 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23516 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:23526 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:23527 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:23528 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules) * 1:23530 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:23531 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:23532 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:23533 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record (file-office.rules) * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules) * 1:23545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules) * 1:23546 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules) * 1:23547 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules) * 1:23548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:23549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules) * 1:23550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (file-office.rules) * 1:23551 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:23552 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules) * 1:23553 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules) * 1:23554 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules) * 1:23555 <-> DISABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules) * 1:23558 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:23559 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules) * 1:23577 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules) * 1:23579 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules) * 1:23582 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (file-other.rules) * 1:23583 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23584 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (file-other.rules) * 1:23585 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules) * 1:23586 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules) * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules) * 1:23591 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules) * 1:23592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules) * 1:23609 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules) * 1:23611 <-> DISABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules) * 1:23612 <-> DISABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules) * 1:23614 <-> DISABLED <-> FILE-JAVA Oracle JavaScript heap exploitation library usage attempt (file-java.rules) * 1:23624 <-> DISABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (server-other.rules) * 1:23631 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - POST parameter (server-apache.rules) * 1:23632 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23783 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules) * 1:23789 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules) * 1:23790 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (browser-firefox.rules) * 1:23805 <-> DISABLED <-> BROWSER-WEBKIT WebKit button column memory corruption attempt (browser-webkit.rules) * 1:23834 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules) * 1:23835 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules) * 1:23836 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules) * 1:23837 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB host announcement format string exploit attempt (os-windows.rules) * 1:23838 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NetServerEnum response host format string exploit attempt (os-windows.rules) * 1:23840 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:23841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:23842 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23846 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Terminal server RDP freed memory write attempt (os-windows.rules) * 1:23853 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:23854 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:23864 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules) * 1:23865 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (file-pdf.rules) * 1:23866 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23867 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23868 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23869 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23870 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23871 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid inline image attempt (file-pdf.rules) * 1:23874 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules) * 1:23875 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (file-pdf.rules) * 1:23878 <-> DISABLED <-> BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (browser-plugins.rules) * 1:23879 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules) * 1:23880 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules) * 1:23881 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23882 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23883 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules) * 1:23884 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (file-pdf.rules) * 1:23889 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23890 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23891 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23892 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (file-pdf.rules) * 1:23950 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules) * 1:23951 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (os-windows.rules) * 1:23956 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules) * 1:23958 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23959 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23960 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23961 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:23964 <-> DISABLED <-> PROTOCOL-SCADA BroadWin WebAccess Client format string exploit attempt (protocol-scada.rules) * 1:23965 <-> DISABLED <-> PROTOCOL-SCADA BroadWin WebAccess Client arbitrary memory corruption attempt (protocol-scada.rules) * 1:23967 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt - compressed (file-flash.rules) * 1:23979 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23980 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23981 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23982 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23983 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (server-other.rules) * 1:23985 <-> DISABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules) * 1:23986 <-> DISABLED <-> BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (browser-plugins.rules) * 1:23989 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules) * 1:23992 <-> DISABLED <-> FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (file-office.rules) * 1:23993 <-> DISABLED <-> SERVER-OTHER Dhcpcd packet size buffer overflow attempt (server-other.rules) * 1:23996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:23997 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:23999 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24000 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24001 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24002 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24003 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:24007 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules) * 1:24090 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (os-windows.rules) * 1:24129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (file-office.rules) * 1:24130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (file-office.rules) * 1:24138 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules) * 1:24139 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules) * 1:24140 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed RTMP response attempt (file-flash.rules) * 1:24142 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules) * 1:24147 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules) * 1:24148 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (file-pdf.rules) * 1:24149 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (file-pdf.rules) * 1:24150 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (file-pdf.rules) * 1:24151 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (file-pdf.rules) * 1:24152 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules) * 1:24153 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (file-pdf.rules) * 1:24154 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (file-pdf.rules) * 1:24155 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (file-pdf.rules) * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (protocol-ftp.rules) * 1:24187 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:24188 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules) * 1:24196 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules) * 1:24197 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules) * 1:24199 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules) * 1:24200 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (server-mail.rules) * 1:24203 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:24204 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:24205 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:24207 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules) * 1:24208 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules) * 1:24209 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules) * 1:24212 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand use-after-free attempt (browser-ie.rules) * 1:24220 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules) * 1:24221 <-> DISABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules) * 1:24222 <-> DISABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules) * 1:24223 <-> DISABLED <-> SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (server-other.rules) * 1:24239 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Internet Agent content-length integer overflow attempt (server-webapp.rules) * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules) * 1:24244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:24245 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:24252 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand use embedded within javascript tags (browser-ie.rules) * 1:24272 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:24273 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules) * 1:24277 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:24278 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:24279 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:24280 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules) * 1:24281 <-> DISABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX clsid access (browser-plugins.rules) * 1:24282 <-> DISABLED <-> BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX function call access (browser-plugins.rules) * 1:24283 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (file-multimedia.rules) * 1:24291 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules) * 1:24292 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules) * 1:24296 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement invalid prefix option attempt (protocol-icmp.rules) * 1:24314 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24315 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24316 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24317 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24318 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24319 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24320 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24338 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (file-other.rules) * 1:24351 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 use-after-free attempt (file-office.rules) * 1:24352 <-> DISABLED <-> FILE-OFFICE Microsoft Works 9 use-after-free attempt (file-office.rules) * 1:24353 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (file-office.rules) * 1:24354 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (file-office.rules) * 1:24357 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rgfc value overflow attempt (file-office.rules) * 1:24358 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rgfc value overflow attempt (file-office.rules) * 1:24362 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24363 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24364 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24365 <-> DISABLED <-> FILE-FLASH Adobe Flash null reference JIT compilation attempt (file-flash.rules) * 1:24366 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (file-flash.rules) * 1:24367 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (file-flash.rules) * 1:24380 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules) * 1:24414 <-> DISABLED <-> FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (file-flash.rules) * 1:24415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (file-flash.rules) * 1:24428 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24429 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24431 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24446 <-> DISABLED <-> SERVER-OTHER EMC NetWorker SunRPC format string exploit attempt (server-other.rules) * 1:24476 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24477 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24478 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24479 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24480 <-> DISABLED <-> PROTOCOL-SCADA WellinTech Kingview HMI history server buffer overflow attempt (protocol-scada.rules) * 1:24481 <-> DISABLED <-> PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (protocol-scada.rules) * 1:24485 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules) * 1:24486 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules) * 1:24506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader null pointer dereference attempt (file-pdf.rules) * 1:24507 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:24508 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:24510 <-> DISABLED <-> FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-java.rules) * 1:24511 <-> DISABLED <-> FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (file-java.rules) * 1:24518 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (server-webapp.rules) * 1:24519 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (server-webapp.rules) * 1:24520 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules) * 1:24536 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules) * 1:24537 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules) * 1:24538 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules) * 1:24549 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules) * 1:24550 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (file-multimedia.rules) * 1:24551 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:24552 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:24553 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:24556 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:24557 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:24558 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:24570 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24571 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24572 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24573 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24574 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules) * 1:24578 <-> DISABLED <-> BROWSER-PLUGINS Viscom Movie Player Pro DrawText ActiveX clsid access (browser-plugins.rules) * 1:24579 <-> DISABLED <-> BROWSER-PLUGINS Viscom Movie Player Pro DrawText ActiveX function call access (browser-plugins.rules) * 1:24580 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24581 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:24582 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24583 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24584 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX clsid access (protocol-scada.rules) * 1:24585 <-> DISABLED <-> PROTOCOL-SCADA Broadwin WebAccess ActiveX function call access (protocol-scada.rules) * 1:24587 <-> DISABLED <-> FILE-OFFICE Microsoft Works Word document use after free attempt (file-office.rules) * 1:24588 <-> DISABLED <-> FILE-OFFICE Microsoft Works Word document use after free attempt (file-office.rules) * 1:24643 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (browser-plugins.rules) * 1:24644 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24645 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24646 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (browser-plugins.rules) * 1:24649 <-> DISABLED <-> FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (file-other.rules) * 1:24650 <-> DISABLED <-> FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (file-other.rules) * 1:24653 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (browser-ie.rules) * 1:24654 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (browser-ie.rules) * 1:24657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules) * 1:24658 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules) * 1:24659 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (file-office.rules) * 1:24660 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (browser-ie.rules) * 1:24661 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (browser-ie.rules) * 1:24662 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (browser-ie.rules) * 1:24663 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (browser-ie.rules) * 1:24664 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules) * 1:24665 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (file-executable.rules) * 1:24672 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules) * 1:24673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (file-office.rules) * 1:24674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (file-office.rules) * 1:24675 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX realm parameter overflow attempt (browser-plugins.rules) * 1:24676 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX real parameter overflow attempt (browser-plugins.rules) * 1:24678 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24679 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24680 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24681 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24682 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24683 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24684 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24685 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24687 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:24688 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:24689 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (browser-plugins.rules) * 1:24690 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24691 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX clsid access (browser-plugins.rules) * 1:24692 <-> DISABLED <-> BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (browser-plugins.rules) * 1:24693 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:24694 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules) * 1:24695 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (file-image.rules) * 1:24696 <-> DISABLED <-> PROTOCOL-RPC EMC Networker nsrindexd.exe procedure 0x01 buffer overflow attempt (protocol-rpc.rules) * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules) * 1:24700 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules) * 1:24701 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules) * 1:24702 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24703 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24704 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules) * 1:24705 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (server-webapp.rules) * 1:24723 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access attempt (browser-plugins.rules) * 1:24724 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access (browser-plugins.rules) * 1:24725 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access (browser-plugins.rules) * 1:24726 <-> DISABLED <-> BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access (browser-plugins.rules) * 1:24761 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24762 <-> DISABLED <-> FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (file-other.rules) * 1:24765 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request heap overflow attempt (server-webapp.rules) * 1:24767 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter FSFUI request directory traversal attempt (server-webapp.rules) * 1:24802 <-> DISABLED <-> SERVER-OTHER HP Database Archiving Software GIOP parsing buffer overflow attempt (server-other.rules) * 1:24804 <-> DISABLED <-> SERVER-WEBAPP Invision IP Board PHP unserialize code execution attempt (server-webapp.rules) * 1:24808 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (file-flash.rules) * 1:24809 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (file-flash.rules) * 1:24810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24811 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24812 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24813 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (file-flash.rules) * 1:24823 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:24827 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24828 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24829 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24830 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24831 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24832 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24833 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24834 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24835 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24836 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (server-webapp.rules) * 1:24868 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (file-office.rules) * 1:24869 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24870 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24871 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24872 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules) * 1:24874 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24875 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24876 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24877 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:24879 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid JPEG index attempt (file-flash.rules) * 1:24882 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid JPEG index attempt (file-flash.rules) * 1:24892 <-> DISABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules) * 1:24893 <-> DISABLED <-> FILE-FLASH Action InitArray stack overflow attempt (file-flash.rules) * 1:24895 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (file-flash.rules) * 1:24896 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (file-flash.rules) * 1:24898 <-> DISABLED <-> SERVER-OTHER ABB Multiple Product RobNetScanHost.exe buffer overflow attempt (server-other.rules) * 1:24913 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules) * 1:24914 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (server-webapp.rules) * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules) * 1:24955 <-> DISABLED <-> FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (file-multimedia.rules) * 1:24956 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (browser-ie.rules) * 1:24957 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24958 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24959 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24960 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24961 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24962 <-> DISABLED <-> BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24963 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectPlay ActiveX clsid access (browser-plugins.rules) * 1:24964 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24965 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24966 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24967 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24968 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24969 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24970 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:24980 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24981 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24982 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24983 <-> DISABLED <-> FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (file-flash.rules) * 1:24984 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (file-flash.rules) * 1:24985 <-> DISABLED <-> FILE-FLASH Adobe Flash Player index overflow attempt (file-flash.rules) * 1:24986 <-> DISABLED <-> FILE-FLASH Adobe Flash Player index overflow attempt (file-flash.rules) * 1:24989 <-> DISABLED <-> FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (file-flash.rules) * 1:24990 <-> DISABLED <-> FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (file-flash.rules) * 1:24991 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (file-flash.rules) * 1:24992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (file-flash.rules) * 1:24993 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules) * 1:24994 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox onChannelRedirect method attempt (browser-firefox.rules) * 1:24997 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24998 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:24999 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:25000 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording format buffer overflow attempt (file-other.rules) * 1:25003 <-> DISABLED <-> SERVER-OTHER HP Archive Query Server stack overflow attempt (server-other.rules) * 1:25006 <-> DISABLED <-> FILE-JAVA Oracle JavaScript heap exploitation library usage attempt (file-java.rules) * 1:25017 <-> DISABLED <-> SERVER-WEBAPP httpdx tolog function format string code execution attempt (server-webapp.rules) * 1:25035 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (browser-plugins.rules) * 1:25059 <-> DISABLED <-> SERVER-OTHER SAP Business One License Manager buffer overflow attempt (server-other.rules) * 1:25078 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:25079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules) * 1:25225 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules) * 1:25226 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules) * 1:25227 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (browser-firefox.rules) * 1:25228 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (browser-firefox.rules) * 1:25246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:25247 <-> DISABLED <-> FILE-OTHER Lattice PAC Designer symbol value buffer overflow attempt (file-other.rules) * 1:25248 <-> DISABLED <-> FILE-OTHER Lattice PAC Designer symbol value buffer overflow attempt (file-other.rules) * 1:25250 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules) * 1:25251 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules) * 1:25252 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules) * 1:25253 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules) * 1:25254 <-> DISABLED <-> BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (browser-plugins.rules) * 1:25287 <-> DISABLED <-> SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (server-other.rules) * 1:25288 <-> DISABLED <-> SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (server-other.rules) * 1:25297 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules) * 1:25298 <-> DISABLED <-> FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (file-multimedia.rules) * 1:25299 <-> DISABLED <-> BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (browser-plugins.rules) * 1:25300 <-> DISABLED <-> BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (browser-plugins.rules) * 1:25303 <-> DISABLED <-> FILE-OTHER Cisco WebEx WRF memory corruption attempt (file-other.rules) * 1:25304 <-> DISABLED <-> FILE-OTHER Cisco WebEx WRF memory corruption attempt (file-other.rules) * 1:25309 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (file-other.rules) * 1:25310 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (file-other.rules) * 1:25311 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules) * 1:25312 <-> DISABLED <-> SERVER-OTHER Microsoft Forefront Threat Management Gateway remote code execution attempt (server-other.rules) * 1:25316 <-> DISABLED <-> BROWSER-PLUGINS InduSoft ISSymbol InternationalSeparator heap overflow attempt (browser-plugins.rules) * 1:25318 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules) * 1:25319 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules) * 1:25320 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules) * 1:25321 <-> DISABLED <-> SERVER-ORACLE Oracle Database tablefunc_asown buffer overflow attempt (server-oracle.rules) * 1:25330 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules) * 1:25331 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel conditional code execution attempt (file-office.rules) * 1:25332 <-> DISABLED <-> FILE-OTHER Adobe Audition Session file tkrm stack buffer overflow attempt (file-other.rules) * 1:25341 <-> DISABLED <-> FILE-OTHER Cisco WebEx player remote code execution attempt (file-other.rules) * 1:25343 <-> DISABLED <-> BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (browser-plugins.rules) * 1:25344 <-> DISABLED <-> BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (browser-plugins.rules) * 1:25346 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules) * 1:25347 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules) * 1:25348 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules) * 1:25353 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:25354 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:25355 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:25357 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:25366 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules) * 1:25367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules) * 1:25376 <-> DISABLED <-> FILE-IMAGE Apple QuickTime Targa image file buffer overflow attempt (file-image.rules) * 1:25378 <-> DISABLED <-> FILE-IMAGE Apple QuickTime Targa image file buffer overflow attempt (file-image.rules) * 1:25381 <-> DISABLED <-> SERVER-OTHER Microsoft Forefront Threat Management Gateway remote code execution attempt (server-other.rules) * 1:25392 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules) * 1:25474 <-> DISABLED <-> SERVER-OTHER Citrix Access Gateway legacy authentication attempt (server-other.rules) * 1:25475 <-> DISABLED <-> FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (file-pdf.rules) * 1:25527 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint unbound memcpy and remote code execution attempt (file-office.rules) * 1:25535 <-> DISABLED <-> PROTOCOL-SERVICES Cisco Prime Lan Management rsh command execution attempt (protocol-services.rules) * 1:25542 <-> DISABLED <-> PROTOCOL-RPC EMC NetWorker nsrindexd service buffer overflow attempt (protocol-rpc.rules) * 1:25549 <-> DISABLED <-> SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (server-other.rules) * 1:25550 <-> DISABLED <-> SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (server-other.rules) * 1:25589 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25601 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25612 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25617 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25618 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25619 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25620 <-> DISABLED <-> SERVER-OTHER libupnp command buffer overflow attempt (server-other.rules) * 1:25644 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25645 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25646 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25647 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25648 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25649 <-> DISABLED <-> FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (file-other.rules) * 1:25654 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (server-other.rules) * 1:25655 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (server-other.rules) * 1:25768 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules) * 1:25779 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules) * 1:25835 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules) * 1:26027 <-> DISABLED <-> FILE-OTHER Adobe Director file file rcsL overflow attempt (file-other.rules) * 1:26028 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules) * 1:26029 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules) * 1:26066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26067 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26068 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26069 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules) * 1:26103 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (server-other.rules) * 1:26105 <-> DISABLED <-> SERVER-OTHER BigAnt IM Server buffer overflow attempt (server-other.rules) * 1:26110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:26111 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:26112 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:26113 <-> DISABLED <-> FILE-PDF Adobe Flash Player memory corruption attempt (file-pdf.rules) * 1:26176 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SXDB memory corruption attempt (file-office.rules) * 1:26181 <-> DISABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX clsid access attempt (browser-plugins.rules) * 1:26182 <-> DISABLED <-> BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX function call access attempt (browser-plugins.rules) * 1:26183 <-> DISABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX clsid access attempt (browser-plugins.rules) * 1:26184 <-> DISABLED <-> BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX function call access attempt (browser-plugins.rules) * 1:26187 <-> DISABLED <-> BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid attempt (browser-plugins.rules) * 1:26209 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules) * 1:26210 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules) * 1:26258 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules) * 1:26259 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules) * 1:26295 <-> DISABLED <-> FILE-OTHER Watering Hole Campaign applet download (file-other.rules) * 1:26333 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules) * 1:26334 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules) * 1:26336 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (server-other.rules) * 1:26378 <-> DISABLED <-> BROWSER-PLUGINS Viscom Software Image Viewer ActiveX function call access (browser-plugins.rules) * 1:26393 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX function call access (browser-plugins.rules) * 1:26414 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server executable file upload attempt (protocol-scada.rules) * 1:26415 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (protocol-scada.rules) * 1:26416 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules) * 1:26417 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules) * 1:26471 <-> DISABLED <-> PROTOCOL-FTP VanDyke AbsoluteFTP LIST command stack buffer overflow attempt (protocol-ftp.rules) * 1:26488 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (protocol-scada.rules) * 1:26495 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules) * 1:26496 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules) * 1:26502 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules) * 1:26503 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules) * 1:26504 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules) * 1:26548 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules) * 1:26584 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (browser-ie.rules) * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules) * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules) * 1:26661 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:26662 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules) * 1:26682 <-> DISABLED <-> BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (browser-plugins.rules) * 1:26699 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:26700 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:26701 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (file-image.rules) * 1:26769 <-> DISABLED <-> SERVER-OTHER MIT Kerberos kpasswd process_chpw_request denial of service attempt (server-other.rules) * 1:26973 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (file-office.rules) * 1:27006 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager URI rping stack buffer overflow attempt (server-webapp.rules) * 1:27173 <-> DISABLED <-> BROWSER-PLUGINS Cisco AnyConnect mobility client activex clsid access attempt (browser-plugins.rules) * 1:27179 <-> DISABLED <-> BROWSER-PLUGINS Oracle document capture EMPOP3Lib ActiveX clsid access attempt (browser-plugins.rules) * 1:27220 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer virtual function table corruption attempt (browser-ie.rules) * 1:27221 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer virtual function table corruption attempt (browser-ie.rules) * 1:27222 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:27223 <-> DISABLED <-> BROWSER-PLUGINS Oracle document capture Actbar2.ocx ActiveX clsid access attempt (browser-plugins.rules) * 1:27576 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (file-other.rules) * 1:27598 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Admin Server command injection attempt (server-webapp.rules) * 1:27656 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:27657 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:27658 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules) * 1:27754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (file-flash.rules) * 1:27796 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (server-webapp.rules) * 1:27797 <-> DISABLED <-> SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (server-webapp.rules) * 1:27798 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (browser-plugins.rules) * 1:27799 <-> DISABLED <-> BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (browser-plugins.rules) * 1:27862 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules) * 1:27908 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules) * 1:27909 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (browser-ie.rules) * 1:27945 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (file-office.rules) * 1:28088 <-> DISABLED <-> POLICY-SOCIAL Pidgin MXIT emoticon integer overflow attempt (policy-social.rules) * 1:28103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules) * 1:28137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules) * 1:28257 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC remote memory corruption attempt (file-pdf.rules) * 1:28258 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:28259 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules) * 1:28260 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC remote memory corruption attempt (file-pdf.rules) * 1:28262 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules) * 1:28266 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (file-pdf.rules) * 1:28267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28268 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28269 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28270 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer option element use after free attempt (browser-ie.rules) * 1:28271 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access attempt (browser-ie.rules) * 1:28272 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access attempt (browser-plugins.rules) * 1:28278 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules) * 1:28306 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (browser-ie.rules) * 1:28331 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28332 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28333 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28334 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28335 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28336 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28337 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28338 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28339 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28340 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28341 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28342 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28343 <-> DISABLED <-> FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (file-office.rules) * 1:28349 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:28350 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:28351 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules) * 1:28354 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28355 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28356 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28357 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28358 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28359 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28360 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules) * 1:28363 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:28364 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:28388 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28389 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28390 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:28391 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (file-office.rules) * 1:28393 <-> DISABLED <-> SERVER-OTHER EMC Replication Manager irccd remote command execution attempt (server-other.rules) * 1:28426 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28427 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28448 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS bimsDownload directory traversal attempt (server-webapp.rules) * 1:28451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28453 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28461 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28462 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28492 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer freed CTreePos object use-after-free attempt (browser-ie.rules) * 1:28494 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer execCommand CTreePos memory corruption attempt (browser-ie.rules) * 1:28498 <-> ENABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules) * 1:28623 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28624 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules) * 1:28625 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules) * 1:28626 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D RHAdobeMeta Buffer Overflow (file-pdf.rules) * 1:28627 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28628 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules) * 1:28633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules) * 1:28634 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (file-pdf.rules) * 1:28635 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28636 <-> DISABLED <-> FILE-FLASH Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (file-flash.rules) * 1:28637 <-> DISABLED <-> FILE-FLASH Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (file-flash.rules) * 1:28638 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28639 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (file-pdf.rules) * 1:28642 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28643 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules) * 1:28687 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28688 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28689 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (file-flash.rules) * 1:28691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28692 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28693 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28694 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:28703 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:28704 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (file-flash.rules) * 1:28705 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28706 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28707 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28708 <-> DISABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules) * 1:28709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules) * 1:28710 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28711 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28712 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28713 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28714 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28715 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (file-pdf.rules) * 1:28716 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compact font format memory corruption attempt (file-pdf.rules) * 1:28717 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compact font format memory corruption attempt (file-pdf.rules) * 1:28718 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28719 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28720 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28721 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader memory corruption attempt (file-pdf.rules) * 1:28722 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules) * 1:28723 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules) * 1:28725 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (file-pdf.rules) * 1:28744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:28745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (file-flash.rules) * 1:28747 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules) * 1:28748 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules) * 1:28790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D stream memory corruption attempt (file-pdf.rules) * 1:28794 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules) * 1:28849 <-> DISABLED <-> SERVER-WEBAPP WordPress XMLRPC potential port-scan attempt (server-webapp.rules) * 1:28867 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28868 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28871 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28872 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules) * 1:28880 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CElement Use After Free exploit attempt (browser-ie.rules) * 1:28902 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28903 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28904 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28905 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28906 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28907 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:28908 <-> DISABLED <-> SERVER-OTHER Nagios core config manager tfpassword sql injection attempt (server-other.rules) * 1:28917 <-> DISABLED <-> PROTOCOL-SCADA Microsys Promotic directory traversal attempt (protocol-scada.rules) * 1:28956 <-> DISABLED <-> SERVER-WEBAPP Novell Zenworks configuration management umaninv information disclosure attempt (server-webapp.rules) * 1:28961 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules) * 1:28962 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules) * 1:29014 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules) * 1:29018 <-> DISABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin getReport SQL injection attempt (server-webapp.rules) * 1:29036 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CElement Use After Free exploit attempt (browser-ie.rules) * 1:29040 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules) * 1:29105 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral agentLogUploader servlet directory traversal attempt (server-webapp.rules) * 1:29118 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger Server process memory information disclosure attempt (server-webapp.rules) * 1:29168 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EUC-JP encoding cross site scripting attempt (browser-ie.rules) * 1:29169 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EUC-JP encoding cross site scripting attempt (browser-ie.rules) * 1:29192 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules) * 1:29193 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules) * 1:29214 <-> DISABLED <-> FILE-JAVA Oracle Java JPEGImageWriter memory corruption attempt (file-java.rules) * 1:29265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (browser-ie.rules) * 1:29326 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (file-office.rules) * 1:29327 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (file-office.rules) * 1:29328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (file-office.rules) * 1:29502 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:29503 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (browser-firefox.rules) * 1:29505 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules) * 1:29511 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM jovgraph.exe CGI hostname parameter bugger overflow attempt (server-webapp.rules) * 1:29515 <-> DISABLED <-> PROTOCOL-SCADA ScadaTec Procyon Core server password overflow attempt (protocol-scada.rules) * 1:29522 <-> DISABLED <-> SERVER-WEBAPP Alcatel-Lucent OmniPCX Office remote code execution attempt (server-webapp.rules) * 1:29526 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:29527 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules) * 1:29533 <-> DISABLED <-> BROWSER-PLUGINS Quest InTrust Annotation Objects ActiveX function call access attempt (browser-plugins.rules) * 1:29534 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server invalid memory access attempt (protocol-scada.rules) * 1:29535 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules) * 1:29537 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APIMonitorImpl information disclosure attempt (server-webapp.rules) * 1:29539 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29540 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29541 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29542 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29543 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29544 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29545 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29546 <-> DISABLED <-> FILE-MULTIMEDIA WAV processing buffer overflow attempt (file-multimedia.rules) * 1:29570 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29571 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29572 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29573 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29574 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29575 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29576 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29577 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules) * 1:29582 <-> DISABLED <-> SERVER-OTHER Mediawiki DjVu and PDF handling code execution attempt (server-other.rules) * 1:29583 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center information disclosure attempt (server-webapp.rules) * 1:29584 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector LogClientInstallation SQL Injection attempt (server-webapp.rules) * 1:29585 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 3 buffer overflow attempt (server-other.rules) * 1:29586 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 6 buffer overflow attempt (server-other.rules) * 1:29587 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 6 buffer overflow attempt (server-other.rules) * 1:29588 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 7 buffer overflow attempt (server-other.rules) * 1:29589 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 7 buffer overflow attempt (server-other.rules) * 1:29590 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type A buffer overflow attempt (server-other.rules) * 1:29591 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type A buffer overflow attempt (server-other.rules) * 1:29593 <-> DISABLED <-> SERVER-WEBAPP Airlive IP Camera CSRF attempt (server-webapp.rules) * 1:29595 <-> DISABLED <-> SERVER-WEBAPP Airlive IP Camera directory traversal attempt (server-webapp.rules) * 1:29603 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules) * 1:29604 <-> DISABLED <-> OS-OTHER CoDeSys Gateway Server Denial of Service attempt detected (os-other.rules) * 1:29617 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules) * 1:29626 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29627 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29628 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29629 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules) * 1:29630 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules) * 1:29646 <-> DISABLED <-> SERVER-WEBAPP SkyBlueCanvas CMS remote command execution attempt (server-webapp.rules) * 1:29647 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules) * 1:29648 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules) * 1:29649 <-> DISABLED <-> SERVER-APACHE Apache Roller allowStaticMethodAccess invocation attempt (server-apache.rules) * 1:29667 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos deleted object access attempt (browser-ie.rules) * 1:29680 <-> DISABLED <-> BROWSER-PLUGINS Microsoft XML Core Services same origin policy bypass attempt (browser-plugins.rules) * 1:29681 <-> DISABLED <-> BROWSER-PLUGINS Microsoft XML Core Services same origin policy bypass attempt (browser-plugins.rules) * 1:29709 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer fontFamily attribute deleted object access memory corruption attempt (browser-ie.rules) * 1:29715 <-> DISABLED <-> SERVER-IIS Microsoft Windows ASP .NET denial of service attempt (server-iis.rules) * 1:29741 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules) * 1:29746 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway languagetest.php language parameter directory traversal attempt (server-webapp.rules) * 1:29747 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirect (server-apache.rules) * 1:29748 <-> ENABLED <-> SERVER-APACHE Apache Struts2 blacklisted method redirect (server-apache.rules) * 1:29751 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (server-webapp.rules) * 1:29756 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules) * 1:29758 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (browser-ie.rules) * 1:29796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:29797 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules) * 1:29823 <-> DISABLED <-> OS-WINDOWS Microsoft Windows secure channel malformed certificate request memory corruption attempt (os-windows.rules) * 1:29871 <-> DISABLED <-> SERVER-ORACLE Oracle Reports server remote code execution attempt (server-oracle.rules) * 1:29932 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regexp out of bounds memory leak ASLR bypass attempt (file-flash.rules) * 1:29933 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regexp out of bounds memory leak ASLR bypass attempt (file-flash.rules) * 1:29934 <-> DISABLED <-> FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (file-flash.rules) * 1:29936 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (server-apache.rules) * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules) * 1:29954 <-> DISABLED <-> PROTOCOL-SCADA CODESYS Gateway-Server heap buffer overflow attempt (protocol-scada.rules) * 1:29959 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (protocol-scada.rules) * 1:29964 <-> DISABLED <-> PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime directory traversal attempt (protocol-scada.rules) * 1:29979 <-> DISABLED <-> SERVER-WEBAPP Symantec Endpoint Protection Manager Unauthenticated XML External Entity Injection attempt (server-webapp.rules) * 1:30011 <-> DISABLED <-> SERVER-WEBAPP GE Proficy CIMPLICITY CimWebServer remote code execution attempt (server-webapp.rules) * 1:30031 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino stack buffer overflow attempt (server-webapp.rules) * 1:30032 <-> DISABLED <-> SERVER-OTHER Borland VisiBroker Smart Agent heap overflow attempt (server-other.rules) * 1:30144 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer ruby text tag heap-based buffer overflow attempt (browser-ie.rules) * 1:30146 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30147 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30148 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30149 <-> DISABLED <-> FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (file-flash.rules) * 1:30202 <-> DISABLED <-> SERVER-MAIL Mortal Universe POP Peeper uidl header overflow attempt (server-mail.rules) * 1:30209 <-> DISABLED <-> SERVER-WEBAPP Microsoft Forefront Unified Access Gateway null session cookie denial of service (server-webapp.rules) * 1:30236 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader field flags exploit attempt (file-pdf.rules) * 1:30244 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (file-office.rules) * 1:30245 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:30246 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules) * 1:30247 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:30248 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (file-office.rules) * 1:30280 <-> DISABLED <-> SERVER-WEBAPP FreePBX config.php remote code execution attempt (server-webapp.rules) * 1:30291 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules) * 1:30292 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules) * 1:30293 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules) * 1:30297 <-> DISABLED <-> SERVER-WEBAPP Katello update_roles method privilege escalation attempt (server-webapp.rules) * 1:30305 <-> DISABLED <-> SERVER-WEBAPP Horde Framework variables.php unserialize PHP code execution attempt (server-webapp.rules) * 1:30307 <-> DISABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules) * 1:30329 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules) * 1:30330 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules) * 1:30564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime long rnet atom size buffer overflow attempt (file-multimedia.rules) * 1:30565 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime long rnet atom size buffer overflow attempt (file-multimedia.rules) * 1:30790 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30791 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30792 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30793 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules) * 1:30939 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows NtUserMessageCall implementation exploitation attempt (file-executable.rules) * 1:30940 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows NtUserMessageCall implementation exploitation attempt (file-executable.rules) * 1:30941 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules) * 1:30944 <-> DISABLED <-> SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (server-apache.rules) * 1:30951 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint ThemeOverride XSS Attempt (server-webapp.rules) * 1:31067 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess ChartThemeConfig SQL injection attempt (server-webapp.rules) * 1:31143 <-> DISABLED <-> SERVER-WEBAPP CA ERwin Web Portal ConfigServiceProvider directory traversal attempt (server-webapp.rules) * 1:31157 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31158 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31159 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31160 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules) * 1:31162 <-> DISABLED <-> SERVER-OTHER Beetel 450TC2 CSRF attempt (server-other.rules) * 1:31180 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS handshake recursion denial of service attempt (server-other.rules) * 1:31206 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 CTreePos child element use-after-free attempt (browser-ie.rules) * 1:31208 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CDispNode use after free attempt (browser-ie.rules) * 1:31209 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CDispNode use after free attempt (browser-ie.rules) * 1:31217 <-> DISABLED <-> OS-WINDOWS Microsoft Lync Server meeting URL XSS attempt (os-windows.rules) * 1:31238 <-> DISABLED <-> SERVER-OTHER Symantec pcAnywhere remote code execution attempt (server-other.rules) * 1:31245 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules) * 1:31246 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules) * 1:31281 <-> DISABLED <-> FILE-FLASH Adobe Flash Player redirect attempt (file-flash.rules) * 1:31282 <-> DISABLED <-> FILE-FLASH Adobe Flash Player redirect attempt (file-flash.rules) * 1:31283 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31291 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader DynamicAnnotStore exploit attempt (file-pdf.rules) * 1:31292 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader DynamicAnnotStore exploit attempt (file-pdf.rules) * 1:31296 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules) * 1:31297 <-> DISABLED <-> SERVER-WEBAPP VMWare vSphere API SOAP request RetrieveProperties remote denial of service attempt (server-webapp.rules) * 1:31301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules) * 1:31325 <-> DISABLED <-> FILE-OTHER Apple OSX Finder DMG volume name memory corruption attempt (file-other.rules) * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules) * 1:31375 <-> DISABLED <-> SERVER-WEBAPP Hp OpenView CGI parameter buffer overflow attempt (server-webapp.rules) * 1:31378 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules) * 1:31379 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules) * 1:31388 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer improper object cast memory corruption attempt (browser-ie.rules) * 1:31392 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31393 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31394 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31395 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31396 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31397 <-> DISABLED <-> FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (file-flash.rules) * 1:31411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31415 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules) * 1:31420 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:31421 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules) * 1:31427 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules) * 1:31428 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules) * 1:31438 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules) * 1:31460 <-> DISABLED <-> SERVER-WEBAPP PHP DNS parsing heap overflow attempt (server-webapp.rules) * 1:31461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules) * 1:31462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (file-office.rules) * 1:31473 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31474 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31475 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31476 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules) * 1:31477 <-> DISABLED <-> SERVER-OTHER OpenSSL SSL ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31478 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.0 ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31479 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31480 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 ChangeCipherSpec man-in-the-middle exploitation attempt (server-other.rules) * 1:31495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31496 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:31497 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules) * 1:31498 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules) * 1:31504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules) * 1:31560 <-> DISABLED <-> SERVER-WEBAPP Wordpress MailPoet plugin theme file upload attempt (server-webapp.rules) * 1:31561 <-> DISABLED <-> SERVER-WEBAPP Wordpress MailPoet plugin successful theme file upload detected (server-webapp.rules) * 1:31571 <-> DISABLED <-> FILE-IMAGE GIMP XWD BlueMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31572 <-> DISABLED <-> FILE-IMAGE GIMP XWD GreenMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31573 <-> DISABLED <-> FILE-IMAGE GIMP XWD RedMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31574 <-> DISABLED <-> FILE-IMAGE GIMP XWD BlueMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31575 <-> DISABLED <-> FILE-IMAGE GIMP XWD GreenMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31576 <-> DISABLED <-> FILE-IMAGE GIMP XWD RedMask file-handling stack buffer overflow attempt (file-image.rules) * 1:31579 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (file-office.rules) * 1:31580 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:31581 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:31582 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:31583 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (browser-ie.rules) * 1:31584 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt (browser-ie.rules) * 1:31608 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:31609 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:31610 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:31611 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (browser-ie.rules) * 1:31623 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (browser-ie.rules) * 1:31624 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (browser-ie.rules) * 1:31629 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CMarkup insertMarquee use after free attempt (browser-ie.rules) * 1:31651 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules) * 1:31652 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules) * 1:31670 <-> DISABLED <-> FILE-OTHER Symantec Endpoint Protection Sysplant kernel pool overflow exploit attempt (file-other.rules) * 1:31671 <-> DISABLED <-> FILE-OTHER Symantec Endpoint Protection Sysplant kernel pool overflow exploit attempt (file-other.rules) * 1:31674 <-> DISABLED <-> FILE-FLASH Adobe Flash Broker write to junction exploit attempt (file-flash.rules) * 1:31677 <-> DISABLED <-> FILE-FLASH Adobe Flash Broker write to junction exploit attempt (file-flash.rules) * 1:31684 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-origin security policy bypass attempt (file-flash.rules) * 1:31685 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-origin security policy bypass attempt (file-flash.rules) * 1:31728 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central LinkViewFetchServlet SQL injection attempt (server-webapp.rules) * 1:31729 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Password Manager MetadataServlet SQL injection attempt (server-webapp.rules) * 1:31747 <-> DISABLED <-> SERVER-WEBAPP Gitlab ssh key upload command injection attempt (server-webapp.rules) * 1:31749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player marshallException through JavaScript XSS attempt (file-flash.rules) * 1:31750 <-> DISABLED <-> FILE-FLASH Adobe Flash Player marshallException through JavaScript XSS attempt (file-flash.rules) * 1:31799 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CTableCell Use After Free exploit attempt (browser-ie.rules) * 1:31809 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer integer overflow exploit attempt (browser-ie.rules) * 1:31818 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral statusUpdate servlet directory traversal attempt (server-webapp.rules) * 1:31838 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules) * 1:31843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules) * 1:31844 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules) * 1:31845 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules) * 1:31860 <-> DISABLED <-> SERVER-OTHER Apple CUPS web interface cross site scripting attempt (server-other.rules) * 1:31942 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Admin Service FileUploadServlet directory traversal attempt (server-webapp.rules) * 1:31943 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope EmailServlet directory traversal attempt (server-webapp.rules) * 1:31945 <-> DISABLED <-> SERVER-WEBAPP PhpWiki Ploticus plugin command injection attempt (server-webapp.rules) * 1:31956 <-> DISABLED <-> SERVER-WEBAPP Rejetto HttpFileServer command injection attempt (server-webapp.rules) * 1:32044 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules) * 1:32056 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:32057 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules) * 1:32062 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:32063 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:32064 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules) * 1:32076 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules) * 1:32102 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX clsid access (browser-plugins.rules) * 1:32103 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX clsid access (browser-plugins.rules) * 1:32104 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX function call access (browser-plugins.rules) * 1:32105 <-> DISABLED <-> BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX function call access (browser-plugins.rules) * 1:32141 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32142 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32143 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32144 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32145 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32146 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (os-windows.rules) * 1:32157 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 11 CMarkup GetMarkupTitle use-after-free attempt (browser-ie.rules) * 1:32184 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CFunctionPointer use after free exploit attempt (browser-ie.rules) * 1:32199 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 directory traversal attempt (server-other.rules) * 1:32262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Active X installer broker privilege elevation attempt (browser-ie.rules) * 1:32263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Active X installer broker privilege elevation attempt (browser-ie.rules) * 1:32264 <-> DISABLED <-> BROWSER-IE ActiveX installer broker object sandbox escape attempt (browser-ie.rules) * 1:32265 <-> DISABLED <-> BROWSER-IE ActiveX installer broker object sandbox escape attempt (browser-ie.rules) * 1:32266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 out of bounds array access attempt (browser-ie.rules) * 1:32267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 out of bounds array access attempt (browser-ie.rules) * 1:32276 <-> DISABLED <-> SERVER-WEBAPP WordPress Infusionsoft Gravity Forms Plugin arbitrary code execution attempt (server-webapp.rules) * 1:32277 <-> DISABLED <-> SERVER-OTHER Novell ZENworks PreBoot directory traversal attempt (server-other.rules) * 1:32319 <-> DISABLED <-> BROWSER-CHROME Google Chrome Blink locationAttributeSetter use after free attempt (browser-chrome.rules) * 1:32320 <-> DISABLED <-> BROWSER-CHROME Google Chrome Blink locationAttributeSetter use after free attempt (browser-chrome.rules) * 1:32346 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules) * 1:32347 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:32348 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:32349 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules) * 1:32350 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules) * 1:32351 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules) * 1:32358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (file-pdf.rules) * 1:32377 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules) * 1:32381 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules) * 1:32382 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules) * 1:32430 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CHeaderElement object use-after-free remote code execution attempt (browser-ie.rules) * 1:32436 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.URL override information disclosure attempt (browser-ie.rules) * 1:32437 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.URL override information disclosure attempt (browser-ie.rules) * 1:32458 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer clipboardData unauthorized JavaScript read and write attempt (browser-ie.rules) * 1:32459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer clipboardData unauthorized JavaScript read and write attempt (browser-ie.rules) * 1:32460 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CPtsTextParaclient out of bounds error remote code execution attempt (browser-ie.rules) * 1:32482 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer pasteHTML use after free attempt (browser-ie.rules) * 1:32483 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer pasteHTML use after free attempt (browser-ie.rules) * 1:32484 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer immutable application settings sandbox escape attempt (browser-ie.rules) * 1:32485 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer immutable application settings sandbox escape attempt (browser-ie.rules) * 1:32489 <-> DISABLED <-> OS-WINDOWS Microsoft Windows tcpip.sys null pointer dereference attempt (os-windows.rules) * 1:32490 <-> DISABLED <-> OS-WINDOWS Microsoft Windows tcpip.sys null pointer dereference attempt (os-windows.rules) * 1:32491 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer information disclosure attempt (browser-ie.rules) * 1:32492 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer information disclosure attempt (browser-ie.rules) * 1:32499 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer EPM sandbox escape attempt (file-other.rules) * 1:32500 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer EPM sandbox escape attempt (file-other.rules) * 1:32514 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:32515 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:32516 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:32517 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules) * 1:32518 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer registry symbolic link attack attempt (file-other.rules) * 1:32519 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer registry symbolic link attack attempt (file-other.rules) * 1:32532 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules) * 1:32581 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules) * 1:32582 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules) * 1:32587 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Series record exploit attempt (file-office.rules) * 1:32588 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules) * 1:32589 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules) * 1:32626 <-> DISABLED <-> BROWSER-PLUGINS Adobe Flash broker privilege escalation file creation attempt (browser-plugins.rules) * 1:32627 <-> DISABLED <-> BROWSER-PLUGINS Adobe Flash broker privilege escalation file creation attempt (browser-plugins.rules) * 1:32632 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX clsid access (browser-plugins.rules) * 1:32633 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX function call access (browser-plugins.rules) * 1:32634 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX clsid access (browser-plugins.rules) * 1:32635 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality ActiveX function call access (browser-plugins.rules) * 1:32637 <-> DISABLED <-> PROTOCOL-TFTP UDP UFO large packet denial of service attempt (protocol-tftp.rules) * 1:32681 <-> DISABLED <-> SERVER-WEBAPP Microsoft Outlook Web Access parameter cross site scripting attempt (server-webapp.rules) * 1:32682 <-> DISABLED <-> SERVER-WEBAPP Microsoft Outlook Web Access parameter cross site scripting attempt (server-webapp.rules) * 1:32693 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS out-of-bounds buffer access attempt (browser-ie.rules) * 1:32694 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS out-of-bounds buffer access attempt (browser-ie.rules) * 1:32697 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32698 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32699 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32700 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32701 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32702 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (browser-ie.rules) * 1:32720 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer element type confusion use after free attempt (browser-ie.rules) * 1:32730 <-> DISABLED <-> FILE-OTHER Microsoft Windows XP .theme file remote code execution attempt (file-other.rules) * 1:32744 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer DisplayChartPDF directory traversal attempt (server-webapp.rules) * 1:32745 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer information disclosure attempt (server-webapp.rules) * 1:32746 <-> DISABLED <-> SERVER-WEBAPP Wordpress OptimizePress plugin theme upload attempt (server-webapp.rules) * 1:32773 <-> DISABLED <-> SERVER-WEBAPP Symantec messaging gateway management console cross-site scripting attempt (server-webapp.rules) * 1:32777 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CheaderElement use after free attempt (browser-ie.rules) * 1:32778 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CheaderElement use after free attempt (browser-ie.rules) * 1:32787 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:32788 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:32789 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:32790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (file-pdf.rules) * 1:32797 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:32798 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:32799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:32800 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (file-pdf.rules) * 1:32805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32806 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32807 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32811 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32812 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex buffer overflow attempt (file-flash.rules) * 1:32821 <-> DISABLED <-> FILE-PDF Cross Domain potentially malicious redirection attempt (file-pdf.rules) * 1:32822 <-> DISABLED <-> FILE-PDF Cross Domain potentially malicious redirection attempt (file-pdf.rules) * 1:32838 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ANTrustPropgateAll privilege propagation attempt (file-pdf.rules) * 1:32839 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ANTrustPropgateAll privilege propagation attempt (file-pdf.rules) * 1:32840 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:32841 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules) * 1:32842 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:32843 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules) * 1:32844 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules) * 1:32872 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (file-office.rules) * 1:32885 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules) * 1:32886 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules) * 1:32894 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX clsid access attempt (browser-plugins.rules) * 1:32895 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX function call access attempt (browser-plugins.rules) * 1:32896 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX clsid access attempt (browser-plugins.rules) * 1:32897 <-> DISABLED <-> BROWSER-PLUGINS HP Sprinter Tidestone ActiveX function call access attempt (browser-plugins.rules) * 1:32901 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules) * 1:32902 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules) * 1:32940 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (file-office.rules) * 1:32941 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:32942 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules) * 1:32943 <-> DISABLED <-> FILE-OTHER Microsoft SYmbolic LinK stack overflow attempt (file-other.rules) * 1:32960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:32961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules) * 1:32965 <-> DISABLED <-> OS-WINDOWS Microsoft Windows identity token authorization bypass attempt (os-windows.rules) * 1:32966 <-> DISABLED <-> OS-WINDOWS Microsoft Windows identity token authorization bypass attempt (os-windows.rules) * 1:32968 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules) * 1:32969 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules) * 1:32970 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules) * 1:33005 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:33006 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:33007 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:33008 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules) * 1:33009 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules) * 1:33011 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules) * 1:33012 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules) * 1:33048 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebdavRedirector privilege escalation attempt (os-windows.rules) * 1:33049 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebdavRedirector privilege escalation attempt (os-windows.rules) * 1:33155 <-> DISABLED <-> OS-WINDOWS CryptProtectMemory Impersonation Check Bypass attempt (os-windows.rules) * 1:33156 <-> DISABLED <-> OS-WINDOWS CryptProtectMemory Impersonation Check Bypass attempt (os-windows.rules) * 1:33159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVM2 opcode type confusion denial of service attempt (file-flash.rules) * 1:33160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVM2 opcode type confusion denial of service attempt (file-flash.rules) * 1:33162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:33163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:33178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:33179 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:33180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:33181 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules) * 1:33197 <-> DISABLED <-> SERVER-OTHER BMC Track-It FileStorageService directory traversal attempt (server-other.rules) * 1:33205 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (file-multimedia.rules) * 1:33206 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (file-multimedia.rules) * 1:33213 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (file-pdf.rules) * 1:33214 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (file-pdf.rules) * 1:33287 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer same origin policy bypass attempt (browser-ie.rules) * 1:33288 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer same origin policy bypass attempt (browser-ie.rules) * 1:33307 <-> DISABLED <-> FILE-OTHER Microsoft Visio packed object parsing memory corruption attempt (file-other.rules) * 1:33308 <-> DISABLED <-> FILE-OTHER Microsoft Visio packed object parsing memory corruption attempt (file-other.rules) * 1:33319 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:33320 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:33321 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:33322 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (browser-ie.rules) * 1:33343 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 x64 linked cursor double free attempt (os-windows.rules) * 1:33344 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 x64 linked cursor double free attempt (os-windows.rules) * 1:33352 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 error handler XSS exploit attempt (browser-ie.rules) * 1:33355 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys use-after-free attempt (os-windows.rules) * 1:33363 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:33364 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:33413 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer unitialized memory access attempt (browser-ie.rules) * 1:33414 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer unitialized memory access attempt (browser-ie.rules) * 1:33423 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CHeaderElement object use after free attempt (browser-ie.rules) * 1:33424 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CHeaderElement object use after free attempt (browser-ie.rules) * 1:33436 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font integer overflow attempt (file-other.rules) * 1:33437 <-> DISABLED <-> FILE-OTHER Microsoft Windows True Type Font integer overflow attempt (file-other.rules) * 1:33441 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules) * 1:33442 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules) * 1:33577 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33578 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules) * 1:33615 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules) * 1:33651 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules) * 1:33652 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules) * 1:33653 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules) * 1:33657 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules) * 1:33658 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules) * 1:33659 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules) * 1:33676 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway restore.php command injection attempt (server-webapp.rules) * 1:33682 <-> DISABLED <-> SERVER-OTHER PHP unserialize use after free attempt (server-other.rules) * 1:33683 <-> DISABLED <-> SERVER-OTHER PHP unserialize use after free attempt (server-other.rules) * 1:33684 <-> DISABLED <-> FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (file-other.rules) * 1:33717 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Task Scheduler access control bypass attempt (os-windows.rules) * 1:33720 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 sandbox bypass attempt (browser-ie.rules) * 1:33721 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 sandbox bypass attempt (browser-ie.rules) * 1:33728 <-> DISABLED <-> OS-WINDOWS ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt (os-windows.rules) * 1:33729 <-> DISABLED <-> OS-WINDOWS ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt (os-windows.rules) * 1:33732 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font atlmfd.dll uninitialized memory read attempt (file-other.rules) * 1:33733 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font atlmfd.dll uninitialized memory read attempt (file-other.rules) * 1:33760 <-> DISABLED <-> FILE-IMAGE Microsoft Internet Explorer PNG tRNS chuck size 1 information disclosure attempt (file-image.rules) * 1:33761 <-> DISABLED <-> FILE-IMAGE Microsoft Internet Explorer PNG tRNS chuck size 1 information disclosure attempt (file-image.rules) * 1:33762 <-> DISABLED <-> SERVER-WEBAPP Microsoft Outlook WebAccess msgParam cross site scripting attempt (server-webapp.rules) * 1:33765 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetClipboardAccessToken privilege escalation attempt (os-windows.rules) * 1:33766 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetClipboardAccessToken privilege escalation attempt (os-windows.rules) * 1:33767 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserFnINOUTNCCALCSIZE kernel memory leak attempt (os-windows.rules) * 1:33768 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserFnINOUTNCCALCSIZE kernel memory leak attempt (os-windows.rules) * 1:33769 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserfnINSTRINGNULL memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:33770 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserfnINSTRINGNULL memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:33771 <-> DISABLED <-> FILE-OTHER Microsoft Windows jxr information disclosure attempt (file-other.rules) * 1:33772 <-> DISABLED <-> FILE-OTHER Microsoft Windows jxr information disclosure attempt (file-other.rules) * 1:33773 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CmpGetVirtualizationID race condition user impersonation attempt (os-windows.rules) * 1:33774 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CmpGetVirtualizationID race condition user impersonation attempt (os-windows.rules) * 1:33777 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33778 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33779 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33780 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33781 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33782 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33783 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33784 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33785 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33786 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33787 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33788 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33789 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33790 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33791 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33792 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33793 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33794 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33795 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33796 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33797 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33798 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33799 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33800 <-> DISABLED <-> SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (server-other.rules) * 1:33801 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33802 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33803 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33804 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33805 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33806 <-> DISABLED <-> SERVER-OTHER SSL request for export grade ciphersuite attempt (server-other.rules) * 1:33807 <-> DISABLED <-> SERVER-MAIL Microsoft Exchange OWA X-OWA-CANARY command injection attempt (server-mail.rules) * 1:33808 <-> DISABLED <-> SERVER-OTHER Microsoft Sharepoint Server Newsfeed XSS attempt (server-other.rules) * 1:33809 <-> DISABLED <-> SERVER-OTHER Microsoft Sharepoint user display name XSS attempt (server-other.rules) * 1:33810 <-> DISABLED <-> SERVER-OTHER Microsoft Exchange Server custom DLP policy name cross-site scripting attempt (server-other.rules) * 1:33811 <-> DISABLED <-> SERVER-MAIL Microsoft Exchange UM Management user stored XSS attempt (server-mail.rules) * 1:33814 <-> DISABLED <-> SERVER-OTHER ElasticSearch script remote code execution attempt (server-other.rules) * 1:33824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules) * 1:33830 <-> DISABLED <-> SERVER-OTHER ElasticSearch script remote code execution attempt (server-other.rules) * 1:33897 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript iframe injection attempt (browser-ie.rules) * 1:33898 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript iframe injection attempt (browser-ie.rules) * 1:33903 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:33904 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:33971 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross domain policy bypass attempt (file-flash.rules) * 1:33972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross domain policy bypass attempt (file-flash.rules) * 1:33973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed file cross domain policy bypass attempt (file-flash.rules) * 1:33974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed file cross domain policy bypass attempt (file-flash.rules) * 1:34068 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 invalid array element read attempt (browser-ie.rules) * 1:34069 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 11 invalid array element read attempt (browser-ie.rules) * 1:34078 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34079 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34080 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34081 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (file-executable.rules) * 1:34088 <-> DISABLED <-> SERVER-IIS Web.config information disclosure attempt (server-iis.rules) * 1:34095 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtCreateTransactionManager type confusion attempt (os-windows.rules) * 1:34096 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtCreateTransactionManager type confusion attempt (os-windows.rules) * 1:34097 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML3 external entity injection attempt (browser-ie.rules) * 1:34098 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML3 external entity injection attempt (browser-ie.rules) * 1:34099 <-> DISABLED <-> SERVER-OTHER Microsoft SharePoint projectdetails.aspx ret parameter XSS attempt (server-other.rules) * 1:34109 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34110 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (browser-firefox.rules) * 1:34123 <-> DISABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34124 <-> DISABLED <-> SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (server-webapp.rules) * 1:34141 <-> DISABLED <-> SERVER-OTHER Oracle CorelDRAW file parser heap buffer overflow attempt (server-other.rules) * 1:34142 <-> DISABLED <-> SERVER-OTHER Oracle CorelDRAW file parser heap buffer overflow attempt (server-other.rules) * 1:34147 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:34148 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:34149 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:34150 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (file-flash.rules) * 1:34232 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34235 <-> DISABLED <-> FILE-FLASH Adobe Flash Player potential information disclosure attempt (file-flash.rules) * 1:34306 <-> DISABLED <-> SERVER-WEBAPP Subversion HTTP excessive REPORT requests denial of service attempt (server-webapp.rules) * 1:34349 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34350 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34351 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34352 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34353 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34365 <-> DISABLED <-> SERVER-WEBAPP Magento remote code execution attempt (server-webapp.rules) * 1:34377 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetComboBoxInfo information disclosure attempt (os-windows.rules) * 1:34378 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetComboBoxInfo information disclosure attempt (os-windows.rules) * 1:34379 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox privilege escalation attempt (browser-ie.rules) * 1:34380 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox privilege escalation attempt (browser-ie.rules) * 1:34391 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextData out of bounds read attempt (browser-ie.rules) * 1:34392 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer TextData out of bounds read attempt (browser-ie.rules) * 1:34393 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:34394 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:34407 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox bypass attempt (browser-ie.rules) * 1:34408 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer protected mode sandbox bypass attempt (browser-ie.rules) * 1:34413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetScrollBarInfo information disclosure attempt (os-windows.rules) * 1:34414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserGetScrollBarInfo information disclosure attempt (os-windows.rules) * 1:34426 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:34427 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:34434 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET XML recursive call denial of service attempt (os-windows.rules) * 1:34435 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET XML recursive call denial of service attempt (os-windows.rules) * 1:34438 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Explorer .msc file stack overflow attempt (os-windows.rules) * 1:34439 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Explorer .msc file stack overflow attempt (os-windows.rules) * 1:34442 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NTUserGetTitleBarInfo information disclosure attempt (os-windows.rules) * 1:34443 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NTUserGetTitleBarInfo information disclosure attempt (os-windows.rules) * 1:34472 <-> DISABLED <-> SERVER-WEBAPP Symantec Critical System Protection SQL injection attempt (server-webapp.rules) * 1:34479 <-> DISABLED <-> FILE-EXECUTABLE Adobe Flash Player Internet Explorer broker process directory traversal attempt (file-executable.rules) * 1:34480 <-> DISABLED <-> FILE-EXECUTABLE Adobe Flash Player Internet Explorer broker process directory traversal attempt (file-executable.rules) * 1:34481 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34482 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34483 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34484 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34485 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34486 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34487 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34488 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules) * 1:34492 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:34493 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:34494 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:34495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules) * 1:34528 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader AVDoc use-after-free attempt (file-pdf.rules) * 1:34529 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader AVDoc use-after-free attempt (file-pdf.rules) * 1:34532 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader customDictionaryExport information disclosure attempt (file-pdf.rules) * 1:34533 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader customDictionaryExport information disclosure attempt (file-pdf.rules) * 1:34534 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC invalid index attempt (file-pdf.rules) * 1:34535 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PRC invalid index attempt (file-pdf.rules) * 1:34536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules) * 1:34537 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules) * 1:34566 <-> DISABLED <-> FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (file-other.rules) * 1:34573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34576 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:34578 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:34579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:34580 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules) * 1:34585 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34587 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (file-flash.rules) * 1:34603 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules) * 1:34643 <-> DISABLED <-> BROWSER-PLUGINS Schneider Electric Pelco Rvctl.RVControl.1 ActiveX clsid access attempt ActiveX clsid access (browser-plugins.rules) * 1:34644 <-> DISABLED <-> BROWSER-PLUGINS Schneider Electric Pelco Rvctl.RVControl.1 ActiveX clsid access attempt ActiveX function call (browser-plugins.rules) * 1:34751 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ieframe.dll privilege escalation attempt (browser-ie.rules) * 1:34752 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ieframe.dll privilege escalation attempt (browser-ie.rules) * 1:34769 <-> DISABLED <-> SERVER-IIS Microsoft Active Directory Federation Services wct parameter cross site scripting attempt (server-iis.rules) * 1:34770 <-> DISABLED <-> OS-WINDOWS Microsoft Windows bitmap menu item use after free attempt (os-windows.rules) * 1:34771 <-> DISABLED <-> OS-WINDOWS Microsoft Windows bitmap menu item use after free attempt (os-windows.rules) * 1:34772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MOTW.dll sandbox escape attempt (browser-ie.rules) * 1:34773 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MOTW.dll sandbox escape attempt (browser-ie.rules) * 1:34774 <-> DISABLED <-> OS-WINDOWS Microsoft Windows multiple linked fonts memory corruption attempt (os-windows.rules) * 1:34775 <-> DISABLED <-> OS-WINDOWS Microsoft Windows multiple linked fonts memory corruption attempt (os-windows.rules) * 1:34776 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserMessageCall information disclosure attempt (os-windows.rules) * 1:34777 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserMessageCall information disclosure attempt (os-windows.rules) * 1:34780 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context visible region memory corruption attempt (file-other.rules) * 1:34781 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context visible region memory corruption attempt (file-other.rules) * 1:34782 <-> DISABLED <-> OS-WINDOWS Microsoft Windows BrushAttributes use-after-free attempt (os-windows.rules) * 1:34783 <-> DISABLED <-> OS-WINDOWS Microsoft Windows BrushAttributes use-after-free attempt (os-windows.rules) * 1:34784 <-> DISABLED <-> OS-WINDOWS Microsoft Windows window placement invalid memory write attempt (os-windows.rules) * 1:34785 <-> DISABLED <-> OS-WINDOWS Microsoft Windows window placement invalid memory write attempt (os-windows.rules) * 1:34786 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context memory corruption attempt (file-other.rules) * 1:34787 <-> DISABLED <-> FILE-OTHER Microsoft Windows device context memory corruption attempt (file-other.rules) * 1:34788 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 CreateWindowEx privilege escalation attempt (os-windows.rules) * 1:34789 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 8 CreateWindowEx privilege escalation attempt (os-windows.rules) * 1:34792 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:34793 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (os-windows.rules) * 1:34812 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:34813 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:34814 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:34815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (file-flash.rules) * 1:34836 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:34837 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:34838 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:34839 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (file-flash.rules) * 1:34858 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:34859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:34860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:34861 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (file-flash.rules) * 1:34889 <-> DISABLED <-> SERVER-OTHER OpenSSL denial-of-service via crafted x.509 certificate attempt (server-other.rules) * 1:34960 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (server-webapp.rules) * 1:34961 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (server-webapp.rules) * 1:34962 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (server-webapp.rules) * 1:34979 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (server-webapp.rules) * 1:34980 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (server-webapp.rules) * 1:34981 <-> DISABLED <-> SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (server-webapp.rules) * 1:34984 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:34985 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:34986 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:34987 <-> DISABLED <-> FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (file-other.rules) * 1:35022 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime corrupt stbl atom out of bounds read attempt (file-multimedia.rules) * 1:35023 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime corrupt stbl atom out of bounds read attempt (file-multimedia.rules) * 1:35038 <-> DISABLED <-> SERVER-OTHER Trustwave ModSecurity chunked transfer encoding policy bypass attempt (server-other.rules) * 1:35105 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:35106 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:35107 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:35108 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (os-windows.rules) * 1:35116 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer svg elements use after free attempt (browser-ie.rules) * 1:35117 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer svg elements use after free attempt (browser-ie.rules) * 1:35127 <-> DISABLED <-> BROWSER-IE Microsoft Windows Internet Explorer local file information disclosure attempt (browser-ie.rules) * 1:35128 <-> DISABLED <-> BROWSER-IE Microsoft Windows Internet Explorer local file information disclosure attempt (browser-ie.rules) * 1:35129 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid table information disclosure attempt (file-office.rules) * 1:35130 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid table information disclosure attempt (file-office.rules) * 1:35131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserDisableProcessWindowFiltering information disclosure attempt (os-windows.rules) * 1:35132 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserDisableProcessWindowFiltering information disclosure attempt (os-windows.rules) * 1:35133 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox read permission bypass attempt (browser-ie.rules) * 1:35134 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox read permission bypass attempt (browser-ie.rules) * 1:35135 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DeferWindowPos access after release code injection attempt (os-windows.rules) * 1:35136 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DeferWindowPos access after release code injection attempt (os-windows.rules) * 1:35149 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop reference use after free attempt (os-windows.rules) * 1:35150 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop reference use after free attempt (os-windows.rules) * 1:35160 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:35161 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:35162 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:35163 <-> DISABLED <-> FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (file-flash.rules) * 1:35166 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF object remote code execution attempt (file-office.rules) * 1:35167 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF object remote code execution attempt (file-office.rules) * 1:35174 <-> DISABLED <-> OS-WINDOWS DCOM DCE/RPC NTLM reflection elevation of privilege attempt (os-windows.rules) * 1:35175 <-> DISABLED <-> OS-WINDOWS DCOM DCE/RPC NTLM reflection elevation of privilege attempt (os-windows.rules) * 1:35186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:35187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:35188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:35189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (file-flash.rules) * 1:35282 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:35283 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:35284 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:35285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (file-flash.rules) * 1:35310 <-> DISABLED <-> SERVER-WEBAPP Centreon getStats.php command injection attempt (server-webapp.rules) * 1:35311 <-> DISABLED <-> SERVER-WEBAPP Centreon getStats.php command injection attempt (server-webapp.rules) * 1:35354 <-> DISABLED <-> SERVER-WEBAPP Cacti graphs local_graph_id SQL injection attempt (server-webapp.rules) * 1:35376 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:35377 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:35378 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:35379 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site file download attempt (file-flash.rules) * 1:35419 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:35420 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:35421 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:35422 <-> DISABLED <-> BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (browser-plugins.rules) * 1:35440 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:35441 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:35442 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:35443 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules) * 1:35444 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:35445 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:35446 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:35447 <-> DISABLED <-> BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (browser-plugins.rules) * 1:35487 <-> DISABLED <-> OS-WINDOWS Windows Notepad remote printer file access attempt (os-windows.rules) * 1:35488 <-> DISABLED <-> OS-WINDOWS Windows Notepad remote printer file access attempt (os-windows.rules) * 1:35513 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtGdiGetTextMetricsW TEXTMETRICW kernel mode ASLR bypass attempt (os-windows.rules) * 1:35514 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtGdiGetTextMetricsW TEXTMETRICW kernel mode ASLR bypass attempt (os-windows.rules) * 1:35560 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules) * 1:35561 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (file-multimedia.rules) * 1:35562 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (file-multimedia.rules) * 1:35563 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime esds atom buffer overread attempt (file-multimedia.rules) * 1:35564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime esds atom buffer overread attempt (file-multimedia.rules) * 1:35567 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid mvhd atom size out of bounds read attempt (file-multimedia.rules) * 1:35568 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid mvhd atom size out of bounds read attempt (file-multimedia.rules) * 1:35594 <-> DISABLED <-> SERVER-WEBAPP Websense Triton Content Manager handle_debug_network stack buffer overflow attempt (server-webapp.rules) * 1:35614 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:35615 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:35616 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:35617 <-> DISABLED <-> BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (browser-plugins.rules) * 1:35628 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime tkhd atom matrix integer overflow attempt (file-multimedia.rules) * 1:35629 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime tkhd atom matrix integer overflow attempt (file-multimedia.rules) * 1:35638 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (file-flash.rules) * 1:35639 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (file-flash.rules) * 1:35640 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object after free attempt (file-flash.rules) * 1:35641 <-> DISABLED <-> FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (file-flash.rules) * 1:35687 <-> DISABLED <-> SERVER-WEBAPP Semantec Endpoint Protection Manager server elevated privilege code execution attempt (server-webapp.rules) * 1:35707 <-> DISABLED <-> SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (server-webapp.rules) * 1:35708 <-> DISABLED <-> SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (server-webapp.rules) * 1:35709 <-> DISABLED <-> SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (server-webapp.rules) * 1:35731 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (os-windows.rules) * 1:35739 <-> DISABLED <-> FILE-PDF Adobe Reader GoToE javascript execution attempt (file-pdf.rules) * 1:35740 <-> DISABLED <-> FILE-PDF Adobe Reader GoToE javascript execution attempt (file-pdf.rules) * 1:35747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35748 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (browser-ie.rules) * 1:35779 <-> DISABLED <-> FILE-PDF Adobe Reader out of bounds memory read attempt (file-pdf.rules) * 1:35780 <-> DISABLED <-> FILE-PDF Adobe Reader out of bounds memory read attempt (file-pdf.rules) * 1:35784 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm null pointer dereference attempt (file-pdf.rules) * 1:35785 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm null pointer dereference attempt (file-pdf.rules) * 1:35805 <-> DISABLED <-> FILE-EXECUTABLE Adobe Reader NtSetInformationFile privilege escalation attempt (file-executable.rules) * 1:35806 <-> DISABLED <-> FILE-EXECUTABLE Adobe Reader NtSetInformationFile privilege escalation attempt (file-executable.rules) * 1:35807 <-> DISABLED <-> FILE-PDF Adobe Reader validation bypass privilege escalation attempt (file-pdf.rules) * 1:35808 <-> DISABLED <-> FILE-PDF Adobe Reader validation bypass privilege escalation attempt (file-pdf.rules) * 1:35817 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server RenameFile method directory traversal attempt (server-webapp.rules) * 1:35818 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server RenameFile method directory traversal attempt (server-webapp.rules) * 1:35843 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server MoveFile method directory traversal attempt (server-webapp.rules) * 1:35844 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca Server MoveFile method directory traversal attempt (server-webapp.rules) * 1:35847 <-> DISABLED <-> SERVER-WEBAPP Oracle Endeca server directory traversal attempt (server-webapp.rules) * 1:35859 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime traf atom out of bounds read attempt (file-multimedia.rules) * 1:35860 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime traf atom out of bounds read attempt (file-multimedia.rules) * 1:35967 <-> DISABLED <-> BROWSER-IE Microsoft Windows Edge sandbox CreateFileW arbitrary file delete attempt (browser-ie.rules) * 1:35968 <-> DISABLED <-> BROWSER-IE Microsoft Windows Edge sandbox CreateFileW arbitrary file delete attempt (browser-ie.rules) * 1:35977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CreateObjectTask privilege escalation attempt (os-windows.rules) * 1:35978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CreateObjectTask privilege escalation attempt (os-windows.rules) * 1:35986 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserSetWindowsHook memory disclosure attempt (os-windows.rules) * 1:35987 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NtUserSetWindowsHook memory disclosure attempt (os-windows.rules) * 1:35988 <-> DISABLED <-> FILE-EXECUTABLE NtGdiStretchBlt buffer overflow privilege escalation attempt (file-executable.rules) * 1:35989 <-> DISABLED <-> FILE-EXECUTABLE NtGdiStretchBlt buffer overflow privilege escalation attempt (file-executable.rules) * 1:35994 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop window privilege escalation attempt (os-windows.rules) * 1:35995 <-> DISABLED <-> OS-WINDOWS Microsoft Windows desktop window privilege escalation attempt (os-windows.rules) * 1:35998 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer msGetRegionContent memory corruption attempt (browser-ie.rules) * 1:35999 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer msGetRegionContent memory corruption attempt (browser-ie.rules) * 1:36010 <-> DISABLED <-> OS-WINDOWS Microsoft Windows task scheduler race condition attempt (os-windows.rules) * 1:36011 <-> DISABLED <-> OS-WINDOWS Microsoft Windows task scheduler race condition attempt (os-windows.rules) * 1:36012 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kernel SettingsSyncDiagnostics privilege escalation attempt (os-windows.rules) * 1:36013 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kernel SettingsSyncDiagnostics privilege escalation attempt (os-windows.rules) * 1:36016 <-> DISABLED <-> OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (os-windows.rules) * 1:36017 <-> DISABLED <-> OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (os-windows.rules) * 1:36020 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM SetValue sandbox bypass attempt (browser-ie.rules) * 1:36021 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EPM SetValue sandbox bypass attempt (browser-ie.rules) * 1:36028 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Win32k.sys use after free attempt (os-windows.rules) * 1:36029 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Win32k.sys use after free attempt (os-windows.rules) * 1:36057 <-> DISABLED <-> SERVER-WEBAPP Apache ActiveMQ directory traversal attempt (server-webapp.rules) * 1:36067 <-> DISABLED <-> SERVER-OTHER ElasticSearch script remote code execution attempt (server-other.rules) * 1:36277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:36278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:36279 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:36280 <-> DISABLED <-> FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (file-flash.rules) * 1:36331 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Alina variant outbound connection (malware-cnc.rules) * 1:36403 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SepReferenceLowBoxObjects privilege escalation attempt (os-windows.rules) * 1:36404 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SepReferenceLowBoxObjects privilege escalation attempt (os-windows.rules) * 1:36405 <-> DISABLED <-> OS-WINDOWS Microsoft Windows sandbox policy bypass attempt (os-windows.rules) * 1:36406 <-> DISABLED <-> OS-WINDOWS Microsoft Windows sandbox policy bypass attempt (os-windows.rules) * 1:36407 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:36408 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:36409 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:36410 <-> DISABLED <-> OS-WINDOWS RDP client dll-load exploit attempt (os-windows.rules) * 1:36411 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:36412 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:36413 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:36414 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (browser-ie.rules) * 1:36415 <-> DISABLED <-> OS-WINDOWS Microsoft Windows kernel ALPC synchronous requests memory corruption attempt (os-windows.rules) * 1:36416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows kernel ALPC synchronous requests memory corruption attempt (os-windows.rules) * 1:36431 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:36432 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:36445 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (os-windows.rules) * 1:36446 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (os-windows.rules) * 1:36447 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSharedStyle object out-of-bounds read attempt (browser-ie.rules) * 1:36448 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSharedStyle object out-of-bounds read attempt (browser-ie.rules) * 1:36452 <-> DISABLED <-> BROWSER-IE Microsoft Edge cross site scripting filter bypass attempt (browser-ie.rules) * 1:36458 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:36459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (browser-ie.rules) * 1:36463 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack Server opcode 1332 buffer overflow attempt (server-other.rules) * 1:36476 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36478 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36479 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (file-flash.rules) * 1:36559 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:36560 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (browser-ie.rules) * 1:36562 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:36563 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules) * 1:36606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36607 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36608 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (file-flash.rules) * 1:36615 <-> DISABLED <-> SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (server-webapp.rules) * 1:36616 <-> DISABLED <-> SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (server-webapp.rules) * 1:36617 <-> DISABLED <-> SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (server-webapp.rules) * 1:36693 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer style object stylesheet use after free attempt (browser-ie.rules) * 1:36694 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer style object stylesheet use after free attempt (browser-ie.rules) * 1:4155 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access attempt (browser-plugins.rules) * 1:7002 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel url unicode overflow attempt (file-office.rules)
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
