Talos Rules 2020-10-27
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the browser-chrome, browser-ie, browser-plugins, browser-webkit, exploit-kit, file-flash, file-identify, file-java, file-multimedia, file-office, file-other, file-pdf, malware-backdoor, malware-cnc, malware-other, malware-tools, os-other, os-windows, policy-other, protocol-other, protocol-scada, protocol-telnet, pua-adware, server-apache, server-other and sql rule sets to provide coverage for emerging threats from these technologies.

For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.

Change logs

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091601.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)

Modified Rules:


 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091600.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)

Modified Rules:


 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091501.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)

Modified Rules:


 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091500.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)

Modified Rules:


 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091401.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)

Modified Rules:


 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091300.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)

Modified Rules:


 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)

Modified Rules:


 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (snort3-malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (snort3-malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (snort3-malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (snort3-malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (snort3-malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (snort3-malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (snort3-malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (snort3-malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (snort3-malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (snort3-server-webapp.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (snort3-malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (snort3-malware-other.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (snort3-malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (snort3-malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (snort3-malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (snort3-malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (snort3-malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (snort3-malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (snort3-malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (snort3-malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (snort3-server-webapp.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (snort3-malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (snort3-malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (snort3-malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (snort3-malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (snort3-malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (snort3-server-webapp.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (snort3-malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (snort3-malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (snort3-malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (snort3-malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (snort3-malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (snort3-malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (snort3-malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (snort3-server-webapp.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (snort3-malware-other.rules)

Modified Rules:


 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (snort3-file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (snort3-malware-cnc.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (snort3-exploit-kit.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (snort3-file-identify.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (snort3-malware-tools.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (snort3-file-java.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (snort3-exploit-kit.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (snort3-browser-ie.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (snort3-file-flash.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (snort3-exploit-kit.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (snort3-file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (snort3-file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (snort3-file-flash.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (snort3-exploit-kit.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (snort3-file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (snort3-file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (snort3-file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (snort3-file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (snort3-file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (snort3-file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (snort3-file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (snort3-file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (snort3-file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (snort3-os-windows.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (snort3-file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (snort3-file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (snort3-file-flash.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (snort3-file-office.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (snort3-file-flash.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (snort3-malware-cnc.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (snort3-file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (snort3-file-flash.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (snort3-file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (snort3-file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (snort3-file-flash.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (snort3-file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (snort3-file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (snort3-file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (snort3-file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (snort3-file-office.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (snort3-file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (snort3-file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (snort3-file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (snort3-file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (snort3-file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (snort3-file-office.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (snort3-file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (snort3-file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (snort3-file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (snort3-file-other.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (snort3-file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (snort3-file-office.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (snort3-file-office.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (snort3-file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (snort3-file-flash.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (snort3-file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (snort3-file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (snort3-file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (snort3-file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (snort3-file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (snort3-file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (snort3-file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (snort3-file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (snort3-file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (snort3-file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (snort3-file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (snort3-file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (snort3-file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (snort3-file-flash.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (snort3-os-windows.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (snort3-file-flash.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (snort3-file-other.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (snort3-file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (snort3-file-office.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (snort3-file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (snort3-file-office.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (snort3-file-other.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (snort3-file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (snort3-file-flash.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (snort3-malware-cnc.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (snort3-file-pdf.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (snort3-file-identify.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (snort3-file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (snort3-file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (snort3-file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (snort3-file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (snort3-file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (snort3-file-office.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (snort3-file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (snort3-file-office.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (snort3-file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (snort3-file-flash.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (snort3-server-apache.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (snort3-server-apache.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (snort3-server-other.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (snort3-exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (snort3-exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (snort3-server-other.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (snort3-exploit-kit.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (snort3-exploit-kit.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (snort3-exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (snort3-exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (snort3-server-webapp.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (snort3-exploit-kit.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (snort3-exploit-kit.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (snort3-file-pdf.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (snort3-browser-plugins.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (snort3-exploit-kit.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (snort3-file-flash.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (snort3-file-flash.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (snort3-browser-plugins.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (snort3-browser-plugins.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (snort3-browser-ie.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (snort3-exploit-kit.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (snort3-file-flash.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (snort3-file-java.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (snort3-file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (snort3-file-pdf.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (snort3-browser-ie.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (snort3-file-java.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (snort3-file-pdf.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (snort3-file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (snort3-server-webapp.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (snort3-exploit-kit.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (snort3-file-flash.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (snort3-file-java.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (snort3-file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (snort3-sql.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (snort3-exploit-kit.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (snort3-exploit-kit.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (snort3-file-flash.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (snort3-server-other.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (snort3-file-other.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (snort3-file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (snort3-server-webapp.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (snort3-file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (snort3-file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (snort3-file-flash.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (snort3-file-flash.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (snort3-file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (snort3-server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (snort3-browser-ie.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (snort3-server-other.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (snort3-exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (snort3-exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (snort3-exploit-kit.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (snort3-exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (snort3-exploit-kit.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (snort3-exploit-kit.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (snort3-file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (snort3-exploit-kit.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (snort3-malware-backdoor.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (snort3-file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (snort3-file-java.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (snort3-exploit-kit.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (snort3-exploit-kit.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (snort3-file-java.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (snort3-file-flash.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (snort3-exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (snort3-malware-other.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (snort3-file-java.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (snort3-exploit-kit.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (snort3-exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (snort3-malware-cnc.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (snort3-exploit-kit.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (snort3-file-pdf.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (snort3-file-java.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (snort3-exploit-kit.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (snort3-file-java.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (snort3-file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (snort3-file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (snort3-file-other.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (snort3-file-pdf.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (snort3-file-flash.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (snort3-file-flash.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (snort3-file-java.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (snort3-file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (snort3-exploit-kit.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (snort3-file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (snort3-file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (snort3-file-flash.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (snort3-browser-ie.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (snort3-file-java.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (snort3-file-java.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (snort3-file-pdf.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (snort3-exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (snort3-file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (snort3-server-other.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (snort3-exploit-kit.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (snort3-exploit-kit.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (snort3-server-other.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (snort3-server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (snort3-server-other.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (snort3-malware-backdoor.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (snort3-os-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (snort3-server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (snort3-file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (snort3-file-flash.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (snort3-server-other.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (snort3-server-other.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (snort3-file-flash.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (snort3-file-flash.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (snort3-server-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (snort3-file-office.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (snort3-file-office.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (snort3-file-other.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (snort3-os-windows.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (snort3-file-flash.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (snort3-file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (snort3-file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (snort3-file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (snort3-file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (snort3-exploit-kit.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (snort3-file-flash.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (snort3-exploit-kit.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (snort3-file-flash.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (snort3-file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (snort3-file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (snort3-file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (snort3-file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (snort3-file-flash.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (snort3-file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (snort3-file-pdf.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (snort3-file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (snort3-exploit-kit.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (snort3-file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (snort3-server-webapp.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (snort3-file-flash.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (snort3-file-office.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (snort3-file-flash.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (snort3-protocol-telnet.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (snort3-file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (snort3-file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (snort3-exploit-kit.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (snort3-file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (snort3-file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (snort3-file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (snort3-file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (snort3-file-office.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (snort3-exploit-kit.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (snort3-exploit-kit.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (snort3-file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (snort3-file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (snort3-file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (snort3-file-flash.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (snort3-file-other.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (snort3-file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (snort3-file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (snort3-file-multimedia.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (snort3-file-flash.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (snort3-file-flash.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (snort3-pua-adware.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (snort3-file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (snort3-file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (snort3-file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (snort3-file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (snort3-file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (snort3-file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (snort3-file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (snort3-file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (snort3-file-flash.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (snort3-file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (snort3-file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (snort3-file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (snort3-file-office.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (snort3-file-flash.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (snort3-server-webapp.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (snort3-file-office.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (snort3-file-flash.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (snort3-exploit-kit.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (snort3-file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (snort3-file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (snort3-file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (snort3-file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (snort3-exploit-kit.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (snort3-file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (snort3-file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (snort3-file-office.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (snort3-file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (snort3-file-flash.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (snort3-file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (snort3-file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (snort3-file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (snort3-file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (snort3-file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (snort3-file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (snort3-file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (snort3-file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (snort3-file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (snort3-file-flash.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (snort3-file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (snort3-file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (snort3-file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (snort3-file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (snort3-file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (snort3-file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (snort3-file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (snort3-file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (snort3-file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (snort3-file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (snort3-file-flash.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (snort3-file-office.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (snort3-file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (snort3-file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (snort3-file-office.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (snort3-file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (snort3-file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (snort3-file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (snort3-file-other.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (snort3-file-office.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (snort3-file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (snort3-file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (snort3-file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (snort3-file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (snort3-file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (snort3-file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (snort3-file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (snort3-exploit-kit.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (snort3-file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (snort3-file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (snort3-file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (snort3-file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (snort3-protocol-other.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (snort3-file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (snort3-os-windows.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (snort3-file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (snort3-file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (snort3-file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (snort3-file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (snort3-file-flash.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (snort3-file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (snort3-file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (snort3-file-flash.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)

Modified Rules:


 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)