Talos Rules 2020-10-27
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the browser-chrome, browser-ie, browser-plugins, browser-webkit, exploit-kit, file-flash, file-identify, file-java, file-multimedia, file-office, file-other, file-pdf, malware-backdoor, malware-cnc, malware-other, malware-tools, os-other, os-windows, policy-other, protocol-other, protocol-scada, protocol-telnet, pua-adware, server-apache, server-other and sql rule sets to provide coverage for emerging threats from these technologies.

Change logs

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091601.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)

Modified Rules:


 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091600.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)

Modified Rules:


 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091501.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)

Modified Rules:


 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091500.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)

Modified Rules:


 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091401.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)

Modified Rules:


 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091300.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)

Modified Rules:


 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)

Modified Rules:


 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (snort3-malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (snort3-malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (snort3-malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (snort3-malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (snort3-malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (snort3-malware-other.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (snort3-malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (snort3-malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (snort3-malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (snort3-server-webapp.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (snort3-malware-other.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (snort3-malware-other.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (snort3-malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (snort3-malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (snort3-malware-other.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (snort3-malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (snort3-malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (snort3-malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (snort3-malware-other.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (snort3-malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (snort3-server-webapp.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (snort3-malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (snort3-malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (snort3-malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (snort3-malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (snort3-malware-other.rules)
 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (snort3-server-webapp.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (snort3-malware-other.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (snort3-malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (snort3-malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (snort3-malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (snort3-malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (snort3-malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (snort3-malware-other.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (snort3-server-webapp.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (snort3-malware-other.rules)

Modified Rules:


 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (snort3-file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (snort3-malware-cnc.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (snort3-exploit-kit.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (snort3-file-identify.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (snort3-malware-tools.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (snort3-file-java.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (snort3-exploit-kit.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (snort3-browser-ie.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (snort3-file-flash.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (snort3-exploit-kit.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (snort3-file-flash.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (snort3-file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (snort3-file-flash.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (snort3-exploit-kit.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (snort3-file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (snort3-file-flash.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (snort3-file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (snort3-file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (snort3-file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (snort3-file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (snort3-file-flash.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (snort3-file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (snort3-file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (snort3-os-windows.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (snort3-file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (snort3-file-flash.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (snort3-file-flash.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (snort3-file-office.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (snort3-file-flash.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (snort3-malware-cnc.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (snort3-file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (snort3-file-flash.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (snort3-file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (snort3-file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (snort3-file-flash.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (snort3-file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (snort3-file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (snort3-file-flash.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (snort3-file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (snort3-file-office.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (snort3-file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (snort3-file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (snort3-file-flash.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (snort3-file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (snort3-file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (snort3-file-office.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (snort3-file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (snort3-file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (snort3-file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (snort3-file-other.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (snort3-file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (snort3-file-office.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (snort3-file-office.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (snort3-file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (snort3-file-flash.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (snort3-file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (snort3-file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (snort3-file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (snort3-file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (snort3-file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (snort3-file-flash.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (snort3-file-flash.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (snort3-file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (snort3-file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (snort3-file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (snort3-file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (snort3-file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (snort3-file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (snort3-file-flash.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (snort3-os-windows.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (snort3-file-flash.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (snort3-file-other.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (snort3-file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (snort3-file-office.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (snort3-file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (snort3-file-office.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (snort3-file-other.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (snort3-file-flash.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (snort3-file-flash.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (snort3-malware-cnc.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (snort3-file-pdf.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (snort3-file-identify.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (snort3-file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (snort3-file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (snort3-file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (snort3-file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (snort3-file-flash.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (snort3-file-office.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (snort3-file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (snort3-file-office.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (snort3-file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (snort3-file-flash.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (snort3-server-apache.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (snort3-server-apache.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (snort3-server-other.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (snort3-exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (snort3-exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (snort3-server-other.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (snort3-exploit-kit.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (snort3-exploit-kit.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (snort3-exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (snort3-exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (snort3-server-webapp.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (snort3-exploit-kit.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (snort3-exploit-kit.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (snort3-file-pdf.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (snort3-browser-plugins.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (snort3-exploit-kit.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (snort3-file-flash.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (snort3-file-flash.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (snort3-browser-plugins.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (snort3-browser-plugins.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (snort3-browser-ie.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (snort3-exploit-kit.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (snort3-file-flash.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (snort3-file-java.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (snort3-file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (snort3-file-pdf.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (snort3-browser-ie.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (snort3-file-java.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (snort3-file-pdf.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (snort3-file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (snort3-server-webapp.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (snort3-exploit-kit.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (snort3-file-flash.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (snort3-file-java.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (snort3-file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (snort3-sql.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (snort3-exploit-kit.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (snort3-exploit-kit.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (snort3-file-flash.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (snort3-server-other.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (snort3-file-other.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (snort3-file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (snort3-server-webapp.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (snort3-file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (snort3-file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (snort3-file-flash.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (snort3-file-flash.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (snort3-file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (snort3-server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (snort3-browser-ie.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (snort3-server-other.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (snort3-exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (snort3-exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (snort3-exploit-kit.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (snort3-exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (snort3-exploit-kit.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (snort3-exploit-kit.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (snort3-file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (snort3-exploit-kit.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (snort3-malware-backdoor.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (snort3-file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (snort3-file-java.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (snort3-exploit-kit.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (snort3-exploit-kit.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (snort3-file-java.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (snort3-file-flash.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (snort3-exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (snort3-malware-other.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (snort3-file-java.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (snort3-exploit-kit.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (snort3-exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (snort3-malware-cnc.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (snort3-exploit-kit.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (snort3-file-pdf.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (snort3-file-java.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (snort3-exploit-kit.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (snort3-file-java.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (snort3-file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (snort3-file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (snort3-file-other.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (snort3-file-pdf.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (snort3-file-flash.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (snort3-file-flash.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (snort3-file-java.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (snort3-file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (snort3-exploit-kit.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (snort3-file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (snort3-file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (snort3-file-flash.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (snort3-browser-ie.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (snort3-file-java.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (snort3-file-java.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (snort3-file-pdf.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (snort3-exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (snort3-file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (snort3-server-other.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (snort3-exploit-kit.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (snort3-exploit-kit.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (snort3-server-other.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (snort3-server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (snort3-server-other.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (snort3-malware-backdoor.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (snort3-os-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (snort3-server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (snort3-file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (snort3-file-flash.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (snort3-server-other.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (snort3-server-other.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (snort3-file-flash.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (snort3-file-flash.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (snort3-server-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (snort3-file-office.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (snort3-file-office.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (snort3-file-other.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (snort3-os-windows.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (snort3-file-flash.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (snort3-file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (snort3-file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (snort3-file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (snort3-file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (snort3-exploit-kit.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (snort3-file-flash.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (snort3-exploit-kit.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (snort3-file-flash.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (snort3-file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (snort3-file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (snort3-file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (snort3-file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (snort3-file-flash.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (snort3-file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (snort3-file-pdf.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (snort3-file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (snort3-exploit-kit.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (snort3-file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (snort3-server-webapp.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (snort3-file-flash.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (snort3-file-office.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (snort3-file-flash.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (snort3-protocol-telnet.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (snort3-file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (snort3-file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (snort3-exploit-kit.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (snort3-file-flash.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (snort3-file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (snort3-file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (snort3-file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (snort3-file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (snort3-file-office.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (snort3-exploit-kit.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (snort3-exploit-kit.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (snort3-file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (snort3-file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (snort3-file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (snort3-file-flash.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (snort3-file-other.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (snort3-file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (snort3-file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (snort3-file-multimedia.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (snort3-file-flash.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (snort3-file-flash.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (snort3-pua-adware.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (snort3-file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (snort3-file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (snort3-file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (snort3-file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (snort3-file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (snort3-file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (snort3-file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (snort3-file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (snort3-file-flash.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (snort3-file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (snort3-file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (snort3-file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (snort3-file-office.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (snort3-file-flash.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (snort3-server-webapp.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (snort3-file-office.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (snort3-file-flash.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (snort3-exploit-kit.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (snort3-file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (snort3-file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (snort3-file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (snort3-file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (snort3-exploit-kit.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (snort3-file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (snort3-file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (snort3-file-office.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (snort3-file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (snort3-file-flash.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (snort3-file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (snort3-file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (snort3-file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (snort3-file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (snort3-file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (snort3-file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (snort3-file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (snort3-file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (snort3-file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (snort3-file-flash.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (snort3-file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (snort3-file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (snort3-file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (snort3-file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (snort3-file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (snort3-file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (snort3-file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (snort3-file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (snort3-file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (snort3-file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (snort3-file-flash.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (snort3-file-office.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (snort3-file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (snort3-file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (snort3-file-office.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (snort3-file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (snort3-file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (snort3-file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (snort3-file-other.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (snort3-file-office.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (snort3-file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (snort3-file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (snort3-file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (snort3-file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (snort3-file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (snort3-file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (snort3-file-flash.rules)
 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (snort3-file-flash.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (snort3-exploit-kit.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (snort3-file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (snort3-file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (snort3-file-flash.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (snort3-file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (snort3-protocol-other.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (snort3-file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (snort3-os-windows.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (snort3-file-flash.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (snort3-file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (snort3-file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (snort3-file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (snort3-file-flash.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (snort3-file-flash.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (snort3-file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (snort3-file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (snort3-file-flash.rules)

2020-10-27 16:37:37 UTC

Snort Subscriber Rules Update

Date: 2020-10-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56135 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56106 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56098 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56114 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56118 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56094 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56112 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56095 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (malware-other.rules)
 * 1:56109 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56092 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56113 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (malware-other.rules)
 * 1:56100 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56134 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56116 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56125 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56104 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56119 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (malware-other.rules)
 * 1:56120 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56124 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (malware-other.rules)
 * 1:56102 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56110 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56099 <-> DISABLED <-> MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (malware-other.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56093 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (malware-other.rules)
 * 1:56117 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (malware-other.rules)
 * 1:56121 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (malware-other.rules)
 * 1:56108 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (malware-other.rules)
 * 1:56107 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (malware-other.rules)
 * 1:56105 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (malware-other.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56097 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56101 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (malware-other.rules)
 * 1:56103 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (malware-other.rules)
 * 1:56136 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (server-webapp.rules)
 * 1:56111 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (malware-other.rules)
 * 1:56115 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (malware-other.rules)
 * 1:56096 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (malware-other.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)

Modified Rules:


 * 1:35610 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:35581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36312 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:35588 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:35579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (file-flash.rules)
 * 1:36314 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class scope bypass attempt (file-flash.rules)
 * 1:21513 <-> DISABLED <-> MALWARE-TOOLS HOIC http denial of service attack (malware-tools.rules)
 * 1:48503 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (malware-cnc.rules)
 * 1:36508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35609 <-> DISABLED <-> FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (file-flash.rules)
 * 1:36554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36346 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36259 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (file-flash.rules)
 * 1:36370 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:36429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (file-office.rules)
 * 1:36292 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:36343 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35646 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:21098 <-> DISABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:35466 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:36592 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:51320 <-> ENABLED <-> MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (malware-cnc.rules)
 * 1:35606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35945 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (file-flash.rules)
 * 1:42894 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:36339 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35450 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36164 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35366 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35452 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35590 <-> DISABLED <-> FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (file-flash.rules)
 * 1:36581 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36147 <-> DISABLED <-> FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (file-office.rules)
 * 1:36188 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36344 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36500 <-> DISABLED <-> FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (file-other.rules)
 * 1:36528 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36635 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit search uri request attempt (exploit-kit.rules)
 * 1:35635 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36583 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (file-flash.rules)
 * 1:36345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:36168 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35647 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (file-flash.rules)
 * 1:36165 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36324 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35947 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:36128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35824 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:35650 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:36026 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:36315 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit relay traffic detected (exploit-kit.rules)
 * 1:36340 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (file-flash.rules)
 * 1:35504 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:35602 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35652 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:35654 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:35518 <-> DISABLED <-> FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (file-other.rules)
 * 1:35655 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (file-flash.rules)
 * 1:36637 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (exploit-kit.rules)
 * 1:36636 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit index uri request attempt (exploit-kit.rules)
 * 1:35451 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35484 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (file-other.rules)
 * 1:36600 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:36167 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:36588 <-> DISABLED <-> FILE-FLASH Adobe Flash Player message handler array length overflow attempt (file-flash.rules)
 * 1:35465 <-> DISABLED <-> FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (file-flash.rules)
 * 1:7209 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (os-windows.rules)
 * 1:24006 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (file-office.rules)
 * 1:35449 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:35660 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (file-flash.rules)
 * 1:36401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (browser-ie.rules)
 * 1:35673 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:35574 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:35674 <-> DISABLED <-> FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (file-flash.rules)
 * 1:36369 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (file-flash.rules)
 * 1:35690 <-> DISABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (protocol-other.rules)
 * 1:35691 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:35634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (file-flash.rules)
 * 1:36266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:35575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (file-flash.rules)
 * 1:36144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:35601 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (file-flash.rules)
 * 1:35720 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (os-windows.rules)
 * 1:36291 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (file-flash.rules)
 * 1:36372 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (file-flash.rules)
 * 1:35743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:35744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (file-flash.rules)
 * 1:36353 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSS null pointer attempt (file-flash.rules)
 * 1:35586 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (file-flash.rules)
 * 1:36187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display list use after free attempt (file-flash.rules)
 * 1:36555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (file-flash.rules)
 * 1:36575 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (file-flash.rules)
 * 1:35754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:35644 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (file-flash.rules)
 * 1:24026 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24055 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:35823 <-> DISABLED <-> FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (file-flash.rules)
 * 1:24084 <-> DISABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24344 <-> DISABLED <-> EXPLOIT-KIT Unknown exploit kit redirection page (exploit-kit.rules)
 * 1:24594 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (malware-other.rules)
 * 1:24667 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24668 <-> DISABLED <-> EXPLOIT-KIT KaiXin exploit kit attack vector attempt (exploit-kit.rules)
 * 1:24787 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Java Exploit download (exploit-kit.rules)
 * 1:24789 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (exploit-kit.rules)
 * 1:24791 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit Portable Executable download (exploit-kit.rules)
 * 1:24792 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent - Google page (malware-cnc.rules)
 * 1:25122 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25123 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:25270 <-> DISABLED <-> FILE-OTHER overly large XML file MSXML heap overflow attempt (file-other.rules)
 * 1:25467 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (file-pdf.rules)
 * 1:25472 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25473 <-> DISABLED <-> FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (file-java.rules)
 * 1:25536 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25537 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (file-pdf.rules)
 * 1:25677 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:25803 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file dropped (exploit-kit.rules)
 * 1:25830 <-> DISABLED <-> FILE-JAVA Oracle Java malicious class download attempt (file-java.rules)
 * 1:26002 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26004 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26006 <-> DISABLED <-> FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (file-flash.rules)
 * 1:26021 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (file-pdf.rules)
 * 1:26172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (file-flash.rules)
 * 1:26349 <-> DISABLED <-> EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (exploit-kit.rules)
 * 1:26638 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (browser-ie.rules)
 * 1:26651 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26716 <-> DISABLED <-> FILE-JAVA Oracle Java font rendering remote code execution attempt (file-java.rules)
 * 1:26772 <-> DISABLED <-> SERVER-OTHER Apache Struts2 skillName remote code execution attempt (server-other.rules)
 * 1:27005 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (exploit-kit.rules)
 * 1:27076 <-> DISABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27122 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27141 <-> DISABLED <-> EXPLOIT-KIT Private exploit kit landing page (exploit-kit.rules)
 * 1:27170 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27190 <-> DISABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27217 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27264 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (file-flash.rules)
 * 1:27539 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27571 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27573 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27575 <-> DISABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27672 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27695 <-> DISABLED <-> EXPLOIT-KIT Kore exploit kit landing page (exploit-kit.rules)
 * 1:27739 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit redirection page (exploit-kit.rules)
 * 1:27764 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27765 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27786 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27787 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:27813 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit landing page with payload (exploit-kit.rules)
 * 1:27815 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit malicious redirection attempt (exploit-kit.rules)
 * 1:27816 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit jar file download attempt (exploit-kit.rules)
 * 1:27823 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (server-webapp.rules)
 * 1:27876 <-> ENABLED <-> EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (exploit-kit.rules)
 * 1:27936 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit portable executable download (exploit-kit.rules)
 * 1:28227 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28265 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (exploit-kit.rules)
 * 1:28276 <-> DISABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28414 <-> ENABLED <-> EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (exploit-kit.rules)
 * 1:28466 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> DISABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28579 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28580 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28581 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:28601 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (file-pdf.rules)
 * 1:28612 <-> DISABLED <-> EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (exploit-kit.rules)
 * 1:28619 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28658 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (file-pdf.rules)
 * 1:28695 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28696 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:28699 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed regular expression exploit attempt (file-flash.rules)
 * 1:28854 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (browser-ie.rules)
 * 1:28876 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (browser-ie.rules)
 * 1:28915 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28926 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:29027 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29047 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29051 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:29062 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29167 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit payload download attempt (exploit-kit.rules)
 * 1:29210 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29218 <-> DISABLED <-> FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (file-java.rules)
 * 1:29268 <-> DISABLED <-> FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (file-java.rules)
 * 1:29446 <-> ENABLED <-> EXPLOIT-KIT Styx exploit kit jar outbound connection (exploit-kit.rules)
 * 1:29449 <-> DISABLED <-> EXPLOIT-KIT Styx exploit kit landing page (exploit-kit.rules)
 * 1:29490 <-> DISABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29552 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (file-flash.rules)
 * 1:29631 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29634 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:29830 <-> DISABLED <-> SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (server-webapp.rules)
 * 1:29926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buffer overflow attempt (file-flash.rules)
 * 1:29929 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:30040 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:30100 <-> DISABLED <-> FILE-OTHER ftpchk3.php malicious script upload attempt (file-other.rules)
 * 1:30535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (file-flash.rules)
 * 1:30781 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30787 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30788 <-> DISABLED <-> SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (server-other.rules)
 * 1:30794 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML use after free attempt (browser-ie.rules)
 * 1:30845 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:30965 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30967 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:30975 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (exploit-kit.rules)
 * 1:30976 <-> DISABLED <-> EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (exploit-kit.rules)
 * 1:31025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:31274 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (exploit-kit.rules)
 * 1:31276 <-> ENABLED <-> EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (exploit-kit.rules)
 * 1:31279 <-> DISABLED <-> EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (exploit-kit.rules)
 * 1:31347 <-> DISABLED <-> FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31349 <-> DISABLED <-> FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (file-flash.rules)
 * 1:31366 <-> DISABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31511 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 1:31519 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31558 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31559 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (malware-backdoor.rules)
 * 1:31678 <-> DISABLED <-> FILE-FLASH Adobe Flash valueOf memory leak attempt (file-flash.rules)
 * 1:31732 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (file-flash.rules)
 * 1:31769 <-> DISABLED <-> EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (exploit-kit.rules)
 * 1:31840 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (file-flash.rules)
 * 1:31848 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (file-flash.rules)
 * 1:31975 <-> DISABLED <-> OS-OTHER Bash CGI environment variable injection attempt (os-other.rules)
 * 1:32097 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32098 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:32147 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32148 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (file-office.rules)
 * 1:32167 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (file-other.rules)
 * 1:32186 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (file-flash.rules)
 * 1:32232 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32236 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (file-flash.rules)
 * 1:32301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player regex denial of service attempt (file-flash.rules)
 * 1:32313 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32316 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:32359 <-> DISABLED <-> FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (file-flash.rules)
 * 1:32387 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit jar file download (exploit-kit.rules)
 * 1:32399 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (exploit-kit.rules)
 * 1:32416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (os-windows.rules)
 * 1:32535 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (file-flash.rules)
 * 1:32542 <-> DISABLED <-> FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (file-flash.rules)
 * 1:32558 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32559 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (file-flash.rules)
 * 1:32568 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32570 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (file-flash.rules)
 * 1:32572 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32573 <-> DISABLED <-> FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (file-flash.rules)
 * 1:32749 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (file-flash.rules)
 * 1:32753 <-> DISABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32766 <-> DISABLED <-> FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (file-flash.rules)
 * 1:32782 <-> DISABLED <-> FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (file-flash.rules)
 * 1:32813 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (file-pdf.rules)
 * 1:32862 <-> DISABLED <-> FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-office.rules)
 * 1:32879 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit payload delivery (exploit-kit.rules)
 * 1:33050 <-> DISABLED <-> PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (protocol-telnet.rules)
 * 1:33078 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (file-flash.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33261 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33266 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33267 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:33271 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33286 <-> DISABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33301 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33302 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (file-flash.rules)
 * 1:33351 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib use after free attempt (file-office.rules)
 * 1:33367 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:33454 <-> DISABLED <-> FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (file-other.rules)
 * 1:33458 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33460 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33461 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33463 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33467 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (file-flash.rules)
 * 1:33470 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (file-flash.rules)
 * 1:33474 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (file-multimedia.rules)
 * 1:33483 <-> DISABLED <-> PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (pua-adware.rules)
 * 1:33484 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (file-flash.rules)
 * 1:33490 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33491 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (file-flash.rules)
 * 1:33497 <-> DISABLED <-> FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (file-flash.rules)
 * 1:33501 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (file-flash.rules)
 * 1:33507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (file-flash.rules)
 * 1:33510 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (file-flash.rules)
 * 1:33533 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33534 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33536 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33538 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (file-flash.rules)
 * 1:33541 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (file-flash.rules)
 * 1:33554 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF use-after-free attempt (file-flash.rules)
 * 1:33715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33716 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (file-office.rules)
 * 1:33812 <-> DISABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33901 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (file-flash.rules)
 * 1:33918 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33920 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (file-flash.rules)
 * 1:33925 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33926 <-> DISABLED <-> FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (file-flash.rules)
 * 1:33968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:33975 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (file-flash.rules)
 * 1:33981 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit flash file download (exploit-kit.rules)
 * 1:33983 <-> DISABLED <-> EXPLOIT-KIT Nuclear exploit kit obfuscated file download (exploit-kit.rules)
 * 1:33999 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (file-flash.rules)
 * 1:34062 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document memory corruption attempt (file-office.rules)
 * 1:34151 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player sound class type confusion attempt (file-flash.rules)
 * 1:34158 <-> DISABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34162 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34163 <-> DISABLED <-> FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (file-flash.rules)
 * 1:34168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34174 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34175 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (file-flash.rules)
 * 1:34187 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (file-flash.rules)
 * 1:34190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:34242 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player text field mask use after free attempt (file-flash.rules)
 * 1:34251 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (file-flash.rules)
 * 1:34257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34260 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash settings manager double free attempt (file-flash.rules)
 * 1:34274 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed pixel bytecode attempt (file-flash.rules)
 * 1:34278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (file-flash.rules)
 * 1:34303 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (file-flash.rules)
 * 1:34354 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (file-flash.rules)
 * 1:34429 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (file-office.rules)
 * 1:34477 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object type confusion attempt (file-flash.rules)
 * 1:34504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (file-flash.rules)
 * 1:34506 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34507 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (file-flash.rules)
 * 1:34508 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34509 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (file-flash.rules)
 * 1:34512 <-> DISABLED <-> FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (file-other.rules)
 * 1:34522 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (file-flash.rules)
 * 1:34543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (file-flash.rules)
 * 1:34555 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:34563 <-> DISABLED <-> FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (file-flash.rules)
 * 1:34743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34744 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (file-office.rules)
 * 1:34795 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:34805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34809 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (file-flash.rules)
 * 1:34821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (file-flash.rules)
 * 1:34850 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:35755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject use after free attempt (file-flash.rules)
 * 1:34851 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (file-flash.rules)
 * 1:34855 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (file-flash.rules)
 * 1:34880 <-> DISABLED <-> SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (server-webapp.rules)
 * 1:35020 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (file-office.rules)
 * 1:35048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (file-office.rules)
 * 1:35151 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (os-windows.rules)
 * 1:35219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (file-flash.rules)
 * 1:35225 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35226 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35227 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35229 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35233 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:36323 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (file-flash.rules)
 * 1:35603 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (file-flash.rules)
 * 1:35234 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:36599 <-> DISABLED <-> FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (file-flash.rules)
 * 1:35237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35238 <-> DISABLED <-> FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (file-flash.rules)
 * 1:35269 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35270 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (file-flash.rules)
 * 1:35273 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35274 <-> DISABLED <-> FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (file-flash.rules)
 * 1:35277 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35278 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (file-flash.rules)
 * 1:35290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:36027 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:35294 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (file-flash.rules)
 * 1:35298 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (file-flash.rules)
 * 1:35761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (file-flash.rules)
 * 1:36166 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:35815 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:36553 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:35816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound type confusion attempt (file-flash.rules)
 * 1:35325 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (file-office.rules)
 * 1:35503 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (file-office.rules)
 * 1:36593 <-> DISABLED <-> FILE-FLASH Adobe Flash Player textLine use-after-free attempt (file-flash.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:23273 <-> DISABLED <-> FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (file-java.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)