SIG1=101,"Winlogon Registry Key Modification","" SIG2=102,"Winlogon Registry Value Modification","" SIG3=103,"LSA Registry Key Modification","" SIG4=104,"LSA Registry Value Modification","" SIG5=105,"Memory Management Registry Key Modification","" SIG6=106,"Memory Management Registry Value Modification","" SIG7=107,"CrashControl Registry Key Modification","" SIG8=108,"CrashControl Registry Value Modification","" SIG9=111,"Event Log Registry Setting Modified","" SIG10=112,"Event Log Service Setting Modification","" SIG11=113,"Event Log Service State Change","" SIG12=114,"Security Event Log Shutdown Setting Modified","" SIG13=121,"Windows File Protection Activity","" SIG14=122,"Windows File Protection Cache or Catalog Modified","" SIG15=123,"Source Path Setting Modified","" SIG17=132,"System Executable Creation or Deletion","" SIG18=338,"Automatic Logon at Startup Enabled","" SIG19=342,"List of Trusted System Processes Modified","" SIG20=344,"New Startup Program Creation","" SIG21=345,"Registry Access Limitations Lifted","" SIG22=347,"Non-interactive Floppy Access Enabled","" SIG23=348,"Notification Packages Modification","" SIG24=349,"Non-interactive CD-ROM Access Enabled","" SIG25=350,"Shutdown without Logon Enabled","" SIG26=352,"Null User Sessions Enabled","" SIG27=354,"Drive AutoPlay Settings Modified","" SIG28=355,"AllowSpecialCharsInShell RegKey Modification","" SIG29=356,"IIS Shielding - CGI Script Security Context Mod.","" SIG30=357,"IIS Shielding - Remote ODBC RegKey Creation","" SIG31=367,"IIS Shielding - EnablePortAttack RegKey Mod.","" SIG32=371,"Local IP Routing Enabled","" SIG33=372,"SNMP Service Activation","" SIG34=373,"SNMP Service Startup Mode Modification","" SIG35=374,"Remote Command Service Activation","" SIG36=375,"Remote Command Service Startup Mode Modification","" SIG37=379,"Alerter Service Activation","" SIG38=380,"Alerter Service Startup Mode Modification","" SIG39=384,"NETMON Network Agent Activation","" SIG40=385,"NETMON Network Agent Startup Mode Modification","" SIG41=392,"Service Started","" SIG42=393,"Service Stopped","" SIG43=399,"Remote Shell Service Installation","" SIG44=404,"Authentication Packages Modification","" SIG45=412,"Double File Extension Execution","" SIG46=413,"Suspicious Double File Extension Execution","" SIG47=415,"Suspicious File Extension Execution","" SIG48=428,"Generic Buffer Overflow","" SIG49=431,"IIS 4.0 FTP Buffer Overflow","" SIG50=432,"Suspicious Function Invocation","" SIG51=433,"Remote Shell Service Activated","" SIG52=436,"OS/2 Subsystem Pointer Modified","" SIG53=437,"POSIX Subsystem Pointer Modified","" SIG54=438,"Pagefile Clearing Disabled","" SIG55=445,"ProfileImagePath RegKey Modification","" SIG56=500,"MSSQL Core Shielding - File Access","" SIG57=501,"MSSQL Core Shielding - File Modification","" SIG58=502,"MSSQL Core Shielding - File Execution","" SIG59=503,"MSSQL Core Shielding - Registry Modification","" SIG60=504,"MSSQL Core Shielding - Service Modification","" SIG61=505,"MSSQL Core Shielding - Service Reg. Modification",""SIG62=507,"MSSQL Core Shielding - Log File Access","" SIG63=508,"MSSQL Core Shielding - Log File Modification","" SIG64=510,"MSSQL Aux. Shielding - File Access","" SIG65=511,"MSSQL Aux. Shielding - File Modification","" SIG66=512,"MSSQL Aux. Shielding - File Execution","" SIG67=513,"MSSQL Aux. Shielding - Registry Modification","" SIG68=514,"MSSQL Aux. Shielding - Service Modification","" SIG69=515,"MSSQL Aux. Shielding - Service Reg. Modification","" SIG70=519,"MSSQL Aux. Shielding - Service Started","" SIG71=520,"MSSQL Core Envelope - File Access by MSSQL","" SIG72=521,"MSSQL Core Envelope - File Modification by MSSQL","" SIG73=522,"MSSQL Core Envelope - File Execution by MSSQL","" SIG74=523,"MSSQL Core Envelope - Registry Mod. by MSSQL","" SIG75=524,"MSSQL Core Envelope - Service Mod. by MSSQL","" SIG76=530,"MSSQL Aux. Envelope - File Access by MSSQL","" SIG77=531,"MSSQL Aux. Envelope - File Modification by MSSQL","" SIG78=532,"MSSQL Aux. Envelope - File Execution by MSSQL","" SIG79=533,"MSSQL Aux. Envelope - Registry Mod. by MSSQL","" SIG80=534,"MSSQL Aux. Envelope - Service Mod. by MSSQL","" SIG81=540,"MSSQL Stored Procedure Buffer Overflow","" SIG82=541,"MSSQL Server Installation File Vulnerability","" SIG83=542,"MSSQL Blank Password Logon","" SIG84=550,"MSSQL Distributed Query","" SIG85=551,"MSSQL SQL Injection With Comments","" SIG86=552,"MSSQL SQL Injection With DELAY","" SIG87=553,"MSSQL SQL Injection With BULK INSERT","" SIG88=554,"MSSQL SQL Injection With Batch Commands","" SIG89=555,"MSSQL SQL Injection With Audit Evasion","" SIG90=556,"MSSQL SQL Shutdown","" SIG91=557,"MSSQL Job Scheduling","" SIG92=558,"MSSQL sp_MScopyscriptfile Privilege Escalation","" SIG93=559,"MSSQL sp_attachsubscription Privilege Escalation","" SIG94=560,"SQL Injection With CAST","" SIG95=561,"MSSQL xp_cmdshell Privilege Escalation","" SIG96=562,"MSSQL xp_availablemedia Privilege Escalation","" SIG97=563,"MSSQL xp_dirtree Privilege Escalation","" SIG98=564,"MSSQL xp_subdirs Privilege Escalation","" SIG99=565,"MSSQL xp_fileexist Privilege Escalation","" SIG100=566,"MSSQL xp_getfiledetails Privilege Escalation","" SIG101=567,"MSSQL sp_OACreate Privilege Escalation","" SIG102=568,"MSSQL sp_OAGetErrorInfo Privilege Escalation","" SIG103=569,"MSSQL sp_OAGetProperty Privilege Escalation","" SIG104=570,"MSSQL sp_OAMethod Privilege Escalation","" SIG105=571,"MSSQL sp_OASetProperty Privilege Escalation","" SIG106=572,"MSSQL sp_OADestroy Privilege Escalation","" SIG107=573,"MSSQL sp_OAStop Privilege Escalation","" SIG108=574,"MSSQL sp_addextendedproc Privilege Escalation","" SIG109=575,"MSSQL xp_makewebtask Privilege Escalation","" SIG110=576,"MSSQL sp_addlogin Privilege Escalation","" SIG111=577,"MSSQL xp_readerrorlog Privilege Escalation","" SIG112=578,"MSSQL xp_regenumvalues Privilege Escalation","" SIG113=579,"MSSQL xp_regread Privilege Escalation","" SIG114=580,"MSSQL xp_regwrite Privilege Escalation","" SIG115=581,"MSSQL xp_regdeletevalue Privilege Escalation","" SIG116=582,"MSSQL xp_regaddmultistring Privilege Escalation","" SIG117=583,"MSSQL xp_regremovemultistring Privilege Escalation","" SIG118=584,"MSSQL xp_regdeletekey Privilege Escalation","" SIG119=585,"MSSQL xp_servicecontrol Privilege Escalation","" SIG120=586,"MSSQL xp_enumdsn Privilege Escalation","" SIG121=587,"MSSQL xp_loginconfig Privilege Escalation",""SIG122=588,"MSSQL xp_terminate_process Privilege Escalation","" SIG123=589,"MSSQL xp_proxiedadata Privilege Escalation","" SIG124=590,"MSSQL Server Configuration Manipulation","" SIG125=591,"MSSQL raiserror Execution","" SIG126=592,"MSSQL formatmessage Execution","" SIG127=593,"MSSQL xp_sprintf Execution","" SIG128=594,"MSSQL Web Task Abuse","" SIG129=595,"MSSQL sp_set_sqlagent_properties Priv. Escalation","" SIG130=596,"MSSQL sp_addsrvrolemember Privilege Escalation","" SIG131=597,"MSSQL sp_msdropretry Privilege Escalation","" SIG132=598,"MSSQL DTS Packages Privilege Escalation","" SIG133=599,"MSSQL Core Shielding - Use of Administrative Tools","" SIG134=601,"MSSQL sp_MSget_publisher_rpc Privilege Escalation","" SIG135=602,"MSSQL xp_fileexist Privilege Escalation","" SIG136=603,"MSSQL xp_instance_regwrite Privilege Escalation","" SIG137=604,"MSSQL xp_instance_regread Privilege Escalation","" SIG138=605,"MSSQL xp_instance_regenumkeys Privilege Escalation","" SIG139=606,"MSSQL xp_instance_regenumvalues Privilege Escalation","" SIG140=607,"MSSQL xp_instance_regremovemultistring Privilege Escalation","" SIG141=608,"MSSQL xp_instance_regaddmultistring Privilege Escalation","" SIG142=609,"MSSQL xp_instance_regdeletevalue Privilege Escalation","" SIG143=610,"MSSQL xp_instance_regdeletekey Privilege Escalation","" SIG144=752,"Windows Explorer CLSID File Execution","" SIG145=797,"Unattended Installation File Illegal Access","" SIG146=801,"Anonymous User Name Lookup","" SIG147=803,"CD-ROM AutoRun Enabled","" SIG148=804,"BackOffice Installation Log File Access","" SIG149=812,"File System Tunneling RegKey Modification","" SIG150=814,"System File Modification","" SIG151=825,"BackOrifice 2000 Trojan","" SIG152=828,"NetBus Trojan Installation","" SIG153=829,"NetBus Trojan Activation","" SIG154=832,"Print Spooler Buffer Overflow","" SIG155=834,"SAM Permissions Modification","" SIG156=835,"Repair Directory Access","" SIG157=836,"SAM Config File Access","" SIG158=837,"Print Provider Modification","" SIG159=838,"Spoolhack.dll File Creation","" SIG160=840,"Wordpad Help File Modification","" SIG161=841,"Winhlp32 Buffer Overflow","" SIG162=843,"NT4All Privilege Escalation","" SIG163=844,"Authentication Library Modification","" SIG165=846,"Server Operator Privilege Escalation","" SIG166=847,"Common User Startup Folder RegKey Modification","" SIG167=850,"Change of Service Executable","" SIG168=853,"IIS Code.asp File Access","" SIG169=854,"IIS CodeBrws.asp File Access","" SIG170=855,"IIS Index Server Webhits Source Disclosure","" SIG171=856,"IIS Malformed Extension Data DoS","" SIG172=857,"IIS Illegal DSN File Creation","" SIG173=858,"IIS Showcode.asp Illegal File Access","" SIG174=860,"IIS ShowFile.asp Illegal File Access","" SIG175=862,"IIS Jet Database Command Execution","" SIG176=863,"IIS ASP Alternate Data Streams","" SIG177=866,"IIS FrontPage imagemap.exe DoS","" SIG178=869,"IIS catalog_type ASP Sample Page","" SIG179=872,"IIS MiniVend view_page.html Sample Page","" SIG180=873,"IIS ASP Sample Site advsearch.asp DoS","" SIG181=874,"IIS ASP Sample Site search.asp DoS","" SIG182=875,"IIS ASP Sample Site query.asp DoS",""SIG183=876,"IIS +.htr File Fragment Reading","" SIG184=877,"IIS FrontPage htimage.exe DoS","" SIG185=880,"IIS Sun Java HotSpot DoS","" SIG186=885,"Screen Saver logon.scr","" SIG187=891,"Change of Debugger Executable","" SIG188=892,"HKLM Classes Registry Modification","" SIG189=893,"RAS PhoneBook Buffer Overflow","" SIG190=894,"RAS PhoneBook File Modification","" SIG191=895,"Phone Dialer Buffer Overflow","" SIG192=896,"Dialer Initialization File Modification","" SIG193=899,"Fpnwclnt.dll Password Filter Modified","" SIG194=900,"Startup Password Stored in Registry","" SIG195=901,"Startup Userid Stored in Registry","" SIG196=902,"Wordpad DCOM Server RegKey Modification","" SIG197=904,"Schedule Service Startup Mode Modification","" SIG198=905,"Schedule Service Activation","" SIG199=906,"Microsoft Registry Keys Modification","" SIG200=907,"PWDump Tool Activation","" SIG201=909,"Rdisk Temp File Access","" SIG202=910,"Uninstall Registry Key Modification","" SIG203=911,"Event Log File or Related File Deleted","" SIG204=912,"Event Log File or Related File Attribute Modified","" SIG205=913,"Event Log Registry Permissions Modified","" SIG206=914,"Event Log File Path Modified","" SIG207=915,"Event Log Guest Access Enabled","" SIG208=916,"Display of Last Logon Name Enabled","" SIG209=917,"Caching of Logon Information Enabled","" SIG210=918,"Strong Password Enforcement Disabled","" SIG211=919,"Strong Password Enforcer Modified","" SIG212=920,"Microsoft Installer Registry Key Modified","" SIG213=922,"IIS Idq.dll Directory Traversal","" SIG214=923,"IIS Directory Traversal","" SIG215=924,"IIS Directory Traversal and Code Execution","" SIG216=927,"WinVNC Installation","" SIG217=928,"WinVNC Activation","" SIG218=933,"Network DoS Protection Settings Modified","" SIG219=935,"IIS JsBrwPop.asp Source Disclosure","" SIG220=936,"IIS IISHack 1.5 (IIS ASP $19.95 hack)","" SIG221=937,"IIS Executable File Parsing","" SIG222=938,"IIS Phone Book Service Buffer Overflow","" SIG223=939,"IIS Perl Command Execution","" SIG224=940,"IIS Cross-Site Scripting","" SIG225=941,"IIS .htw Cross-Site Scripting","" SIG226=942,"IIS .shtml Cross-Site Scripting","" SIG227=943,"IIS FrontPage shtml.dll Cross-Site Scripting","" SIG228=944,"Administrative Shares Enabled","" SIG229=945,"Required SMB Message Signing Disabled on Server","" SIG231=947,"SMB Message Signing Disabled on Server","" SIG232=948,"SMB Message Signing Disabled on Client","" SIG233=949,"Null Session Access Enabled","" SIG234=950,"Null Session Access to Named Pipes Modified","" SIG235=951,"Null Session Access to Shares Modified","" SIG236=952,"MS-CHAPv2 Authentication Protocol Settings Changed","" SIG237=953,"Authentication Protocol Settings Modified","" SIG238=954,"Failed Logon Attempt (Windows)","" SIG239=957,"Indirect Registry Modification","" SIG240=958,"Dr. Watson user.dmp Permissions Vulnerability","" SIG241=959,"Msgina Registry Key Modified","" SIG242=960,"Msgina.dll File Modified","" SIG243=961,"Autorun File Created",""SIG244=962,"SNMP Authentication Traps Disabled","" SIG245=963,"SNMP Authentication Traps Enabled","" SIG246=964,"SNMP World-Writable Trap Configuration","" SIG247=965,"SNMP World-Writable Extension Agents","" SIG248=966,"SNMP World-Writable Communities","" SIG249=967,"SNMP World-Writable Permitted Managers","" SIG250=968,"SNMP Registry Key Permissions Modification","" SIG251=969,"Machine Shutdown","" SIG252=972,"Elevation of Privileges With Debug Registers","" SIG253=973,"TCP/IP Registry Keys Modified","" SIG254=974,"IP Address Changed","" SIG255=975,"Remote Access Service Registry Key Modified","" SIG256=976,"Remote Access Service Deleted","" SIG257=977,"Remote Access Service Started","" SIG258=978,"System File Modification in Root Drive","" SIG259=980,"ODBC.ini File Modification","" SIG260=982,"Trojaned System File Execution","" SIG261=983,"Windows File Protection RegKey Modified","" SIG262=984,"Nimda Worm Installation or Activation","" SIG263=985,"Illegal Execution","" SIG264=986,"Task Manager Process Termination Vulnerability","" SIG265=987,"Event Log File or Related File Modification","" SIG266=988,"RunAs Service Startup Mode Modification","" SIG267=989,"RunAs Service Deactivated","" SIG268=990,"New Startup Folder Program Creation","" SIG269=992,"SMSS Process Handle Privilege Elevation","" SIG270=993,"System Drive Executable Modification","" SIG271=994,"Group Policy Object Access","" SIG272=999,"Service Created","" SIG273=1000,"Windows Agent Shielding - Service Access","" SIG274=1001,"Windows Agent Shielding - File Modification","" SIG275=1002,"Windows Agent Shielding - Registry Access","" SIG276=1003,"Windows Agent Shielding - Process Access","" SIG277=1020,"Windows Agent Shielding - File Access","" SIG278=1023,"Windows McAfee Agent Shielding - Service Access","" SIG279=1024,"Windows McAfee Agent Shielding - File Modification","" SIG280=1025,"Windows McAfee Agent Shielding - Registry Access","" SIG281=1100,"IIS Site Server ViewCode.asp File Access","" SIG282=1101,"IIS Password Change","" SIG283=1102,"IIS ism.dll Remote Administration Access","" SIG284=1103,"IIS Site Server AdSamples site.csc Info Leak","" SIG285=1104,"IIS Index Server Sample Site queryhit.htm","" SIG286=1105,"IIS bdir.htr Directory Listing","" SIG287=1106,"IIS details.idc Remote Command Execution","" SIG288=1107,"IIS ctguestb.idc Remote Command Execution","" SIG289=1108,"IIS Translate: f Source Disclosure","" SIG290=1109,"IIS Indexed Directory Disclosure","" SIG291=1110,"IIS FrontPage Extensions shtml.exe Device DoS","" SIG292=1112,"IIS WebDAV Search Request DoS","" SIG293=1113,"IIS WebDAV Propfind Request DoS","" SIG294=1114,"IIS cpshost.dll File Upload","" SIG295=1116,"IIS FrontPage Admin Access","" SIG296=1117,"IIS FrontPage .pwd File Permissions","" SIG297=1119,"IIS IPP .printer Buffer Overflow","" SIG298=1120,"IIS Double Hex Encoding Directory Traversal","" SIG299=1121,"IIS CodeRed / Index Server idq.dll Buffer Overflow","" SIG300=1122,"IIS FrontPage fp30reg.dll Buffer Overflow","" SIG301=1123,"IIS FrontPage dvwssr.dll Buffer Overflow","" SIG302=1124,"IIS Remote Command Execution","" SIG303=1125,"IIS In-process Privilege Escalation",""SIG304=1126,"IIS Index Server File and Path Disclosure","" SIG305=1127,"IIS %u (UTF) Encoding","" SIG306=1128,"IIS Newline/Carriage Return Characters","" SIG307=1129,"IIS Authentication Method Disclosure","" SIG308=1130,"IIS Samples Script Request","" SIG309=1131,"IIS Unicode in Filename","" SIG310=1132,"IIS Chunked Encoding Heap Overflow","" SIG311=1133,"IIS COM Extension Request","" SIG312=1134,"Custom Debugger Attached to a Process","" SIG313=1135,"Successful Logon (Windows)","" SIG314=1136,"IIS WebDAV Buffer Overflow","" SIG315=1137,"Ntdll.dll Buffer Overflow","" SIG316=1138,"Nimda Installation or Activation (riched20.dll)","" SIG317=1139,"svchost Buffer Overflow (RPC DCOM)","" SIG318=1140,"Windows service process Buffer Overflow","" SIG319=1141,"Exchange Server Buffer Overflow","" SIG320=1142,"Windows Explorer Buffer Overflow","" SIG321=1143,"Windows Help Facility Buffer Overflow","" SIG322=1144,"Outlook Express Buffer Overflow","" SIG323=1145,"Windows Media Player Buffer Overflow","" SIG324=1146,"Internet Explorer Buffer Overflow","" SIG325=1147,"Windows Help and Support Center Buffer Overflow","" SIG326=1148,"CMD Tool Access by a Network Aware Application","" SIG327=1149,"CMD Tool Access by a Windows Mail Client or IE","" SIG328=1150,"CMD Tool Access by FTP Client","" SIG329=1151,"Message Queue Service Buffer Overflow","" SIG330=1152,"Sys File Mod in Root Drive of inactive partition","" SIG331=1153,"Windows Utility Mgr privilege elevation","" SIG332=1154,"SSL-PCT Buffer Overflow","" SIG333=1156,"Windows Explorer Illegal Execution","" SIG334=1157,"USB Storage Device Inserted","" SIG335=1200,"IIS Shielding - File Access","" SIG336=1201,"IIS Shielding - File Modification","" SIG337=1202,"IIS Shielding - Service Modification","" SIG338=1204,"IIS Shielding - Registry Modification","" SIG339=1205,"IIS Envelope - File Access by IIS Web User","" SIG340=1206,"IIS Shielding - File Modification in System Folder","" SIG341=1207,"IIS Envelope - File Execution by IIS Process","" SIG343=1210,"IIS Envelope - Registry Mod. by IIS Process","" SIG344=1211,"IIS Shielding - Log Files Modification","" SIG345=1212,"IIS Shielding - Log File Access","" SIG346=1216,"IIS .printer File Extension Request","" SIG347=1217,"IIS .HTR File Extension Request","" SIG348=1218,"IIS SSI File Extension Request","" SIG349=1219,"IIS Index Server File Ext. Request","" SIG350=1220,"IIS .IDC File Extension Request","" SIG351=1221,"IIS Shielding - Conf. File Activ. (ADMCOMConnect)","" SIG352=1222,"IIS Illegal Request Method","" SIG353=1223,"IIS Envelope - File Modification by IIS Web User","" SIG354=1224,"IIS Envelope - File Execution by IIS Web User","" SIG355=1225,"IIS Envelope - File Access by IIS Process","" SIG356=1226,"IIS Envelope - File Modification by IIS Process","" SIG357=1227,"IIS Envelope - Service Mod. by IIS Web User","" SIG358=1229,"IIS Envelope - Registry Mod. by IIS Web User","" SIG359=1230,"IIS Shielding - Conf. File Activ.","" SIG360=1240,"IIS Shielding - FTP File Access","" SIG361=1241,"IIS Shielding - FTP File Modification","" SIG362=1250,"IIS Shielding - FTP Log File Modification","" SIG363=1251,"IIS Shielding - FTP Log File Access","" SIG364=1253,"IIS Shielding - FTP File Execution",""SIG365=1254,"IIS Shielding - FTP File Creation","" SIG366=1256,"IIS Shielding - File Execution","" SIG367=1260,"IIS6 Envelope - File Access by IIS Process","" SIG368=1261,"IIS6 Envelope - File Access by IIS Web User","" SIG369=1262,"IIS6 Envelope - File Execution by IIS Process","" SIG370=1263,"IIS6 Envelope - File Execution by IIS Web User","" SIG371=1264,"IIS6 Envelope - File Modification by IIS Process","" SIG372=1265,"IIS6 Envelope - File Modification by IIS Web User","" SIG373=1266,"IIS6 Envelope - Registry Mod. by IIS Process","" SIG374=1267,"IIS6 Envelope - Registry Mod. by IIS Web User","" SIG375=1268,"IIS6 Envelope - Service Mod. by IIS Process","" SIG376=1269,"IIS6 Envelope - Service Mod. by IIS Web User","" SIG377=1280,"IIS6 Shielding - File Access","" SIG378=1281,"IIS6 Shielding - File Execution","" SIG379=1282,"IIS6 Shielding - File Modification","" SIG380=1283,"IIS6 Shielding: File Mod in System Folder","" SIG381=1284,"IIS6 Shielding - Log File Access","" SIG382=1285,"IIS6 Shielding - Log Files Modification","" SIG383=1286,"IIS6 Shielding - Conf. File Activ.","" SIG384=1287,"IIS6 Shielding - Conf. File Activ. (ADMCOMConnect)","" SIG385=1288,"IIS6 Shielding - Registry Modification","" SIG386=1289,"IIS6 Shielding - Service Modification","" SIG387=1354,"Locator Service Buffer Overflow","" SIG388=2300,"Internet Explorer Hardening Disabled","" SIG389=2400,"IIS6 Web Admin Cross-Site Scripting Attack","" SIG390=2600,"IE Envelope - Mail Files Access","" SIG391=2601,"IE Envelope - Source Code File Access","" SIG392=2602,"IE Envelope - Office Document File Access","" SIG393=2603,"IE Envelope - Confidential Office Doc. File Access","" SIG394=2604,"IE Envelope - Crypto File Access","" SIG395=2620,"IE Envelope - Windows Executable Modification","" SIG396=2621,"IE Envelope - Abnormal Executable Modification","" SIG397=2622,"IE Envelope - Software Installation By Explorer","" SIG398=2640,"IE Envelope - Abnormal Program Execution","" SIG399=2641,"IE Envelope - Execution Of Temp. Internet Files","" SIG400=2660,"IE Envelope - HTML Application Execution","" SIG401=2661,"IE Envelope - Suspicious Executable Modification","" SIG402=2662,"IE Envelope - Compiled Help File Execution","" SIG403=2663,"IE Envelope - NTVDM Execution","" SIG404=2664,"IE Envelope - Windows Help Execution","" SIG405=2720,"Outlook Envelope - Windows Executable Mod.","" SIG406=2721,"Outlook Envelope - Abnormal Executable Mod.","" SIG407=2722,"Outlook Envelope - Dangerous File Creation","" SIG408=2740,"Outlook Envelope - Abnormal Program Execution","" SIG409=2741,"Outlook Envelope - Execution Temp. Internet Files","" SIG410=2760,"Outlook Envelope - HTML Application Execution","" SIG411=2761,"Outlook Envelope - Suspicious Executable Mod.","" SIG412=2762,"Outlook Envelope - Compiled Help File Execution","" SIG413=2763,"Outlook Envelope - NTVDM Execution","" SIG414=3700,"TCP Port Scan","" SIG415=3701,"UDP Port Scan","" SIG416=3702,"Firewall Event Marked As Intrusion","" SIG417=3718,"Network Share Provider Denial of Service (SMBdie)","" SIG418=3720,"MSSQL Resolution Service Buffer Overflow (Slammer)","" SIG419=3721,"RPC DCOM Stack Buffer Overflow (Blaster, Nachi)","" SIG420=3722,"RPC Service Denial of Service (WinNuke)","" SIG421=3723,"Windows PPTP Server Buffer Overflow","" SIG422=3724,"LSASS Dcpromo Log File Buffer Overflow (Sasser)","" SIG423=3725,"IP Options Validation Overflow","" SIG425=3727,"IE drag and drop file installation",""SIG426=3728,"MSRPC LLSSRV Buffer Overflow","" SIG427=3730,"Windows Explorer MSHTA Script Execution","" SIG428=3731,"URL Decoding Zone Spoofing Vulnerability","" SIG429=3732,"IE DHTML edit ActiveX control Cross-Zone/domain Scripting","" SIG430=3733,"Windows Messenger Service Buffer Overflow","" SIG431=3734,"Print Spooler Service Buffer Overflow","" SIG432=3735,"Plug and Play Buffer Overflow (Zotob)","" SIG433=3736,"Telephony Service Buffer Overflow","" SIG434=3737,"COM Object Instantiation Memory Corruption Vulnerability","" SIG435=3738,"MSDTC RPC Vulnerability","" SIG436=3739,"Windows Plug-and-Play Buffer Overflow Vulnerability 2","" SIG437=3740,"Client Services For Netware Vulnerability","" SIG438=3741,"Windows Metafile Heap Overflow Vulnerability","" SIG439=3742,"Windows Enhanced Metafile Heap Overflow Vulnerability","" SIG440=3744,"Graphics Rendering Engine Vulnerability","" SIG441=3745,"Korean Input Method Editor Vulnerability","" SIG443=3747,"Microsoft Windows Service ACLs Privilege Escalation Vulnerability", "" SIG444=3748,"MDAC Code Execution Vulnerability","" SIG445=3749,"Internet Explorer HTA Execution Vulnerability","" SIG446=3750,"Remote COM Activation by Desktop.ini Vulnerability","" SIG447=3752,"MSDTC RPC DoS Vulnerability","" SIG449=3754,"Illegal Execution in winword.exe","" SIG452=3757,"MSHTA Directory Traversal Vulnerability","" SIG453=3758,"Management Console Vulnerability","" SIG454=3759,"MHTML Parsing Vulnerability","" SIG455=3760,"Internet Explorer FTP Command Injection Vulnerability","" SIG456=3761,"Winsock Hostname Vulnerability","" SIG457=3762,"IE SourceURL NULL Dereference Vulnerability","" SIG458=3763,"Windows Kernel Elevation of Privilege Vulnerability","" SIG459=3764,"Illegal Execution in services.exe","" SIG460=3765,"Illegal Execution in svchost.exe","" SIG462=3767,"Windows Server Service Buffer Overflow Vulnerability (2)","" SIG463=3768,"Windows Server Service Buffer Overflow Vulnerability (Tighter Secur ity)","" SIG464=3769,"Windows Metafile Denial of Service Vulnerability","" SIG465=3771,"Vulnerability in Indexing Service Could Allow Cross-Site Scripting" ,"" SIG466=3772,"Client Services for Netware BO Vulnerability","" SIG467=3773,"COM Object Instantiation Memory Corruption Vulnerability for daxctl e.ocx","" SIG468=3774,"Microsoft Internet Explorer Vector Markup Language Vulnerability (1 )","" SIG469=3775,"Windows Shell Vulnerability in WebViewFolderIcon","" SIG470=3776,"Microsoft Internet Explorer Vector Markup Language Vulnerability (2 )","" SIG471=3777,"Windows ASN.1 Heap Overflow Vulnerability","" SIG472=3778,"Internet Explorer 7 Address Bar Spoofing Vulnerability","" SIG473=3779,"Windows IE ADODB.Connection Vulnerability","" SIG474=3780,"IPNATHLP.DLL Malformed DNS Denial of Service","" SIG475=3781,"Netware Driver Denial of Service Vulnerability","" SIG476=3782,"Vulnerability in Workstation Service Could Allow Remote Code Execut ion","" SIG477=3783,"Vulnerability in Visual Studio 2005 Could Allow Remote Code Executi on","" SIG478=3784,"Vulnerability in Microsoft Agent Could Allow Remote Code Execution" ,"" SIG479=3785,"Microsoft XML Core Services Vulnerability","" SIG480=3786,"Vulnerability in Visual Studio 2005 Could Allow Remote Code Executi on (2)",""SIG482=3788,"COM Object Instantiation Memory Corruption Vulnerability (2)","" SIG483=3789,"Vulnerability in Microsoft Step-by-Step Interactive Training","" SIG484=3790,"Windows Address Book Contact Record Vulnerability","" SIG485=3791,"Vulnerability in Microsoft Rich Edit and Microsoft MFC","" SIG486=3792,"Vulnerability in Windows Media Player Could Allow Remote Code Execu tion","" SIG487=3793,"Adobe Reader and Acrobat ActiveX Control Remote Code Execution Vuln erabilities","" SIG488=3797,"Microsoft Windows Message Queuing Buffer Overflow Vulnerability","" SIG489=3798,"Vulnerability in Remote Installation Service Could Allow Remote Cod e Execution","" SIG490=3799,"Vulnerability in Windows Media Player ASX PlayList File","" SIG491=3800,"Vulnerability in Windows Media Player Could Allow Remote Code Execu tion (2)","" SIG492=3801,"Vulnerability in TCP/IP Could Allow Remote Code Execution","" SIG493=3802,"Vulnerability in Server Service Could Allow Remote Code Execution", "" SIG494=3803,"Vulnerabilities in DNS Resolution Could Allow Remote Code Execution ","" SIG495=3804,"Vulnerability in Server Service Could Allow Denial of Service","" SIG496=3805,"Adobe Download Manager Stack Overflow Vulnerability","" SIG497=3806,"FTP Username/Password Overflow","" SIG498=3807,"Microsoft Outlook Advanced Find Vulnerability","" SIG499=3808,"Microsoft Outlook Advanced Find Vulnerability (2)","" SIG500=3809,"Microsoft Outlook VEVENT Vulnerability","" SIG501=3810,"Office 2003 Brazilian Grammar Checker Vulnerability","" SIG502=3811,"Adobe Reader Plug-in Cross-Site Scripting Vulnerability","" SIG503=3812,"Adobe Reader Plug-in Cross-Site Scripting Vulnerability (2)","" SIG504=3813,"Acer LunchApp.APlunch ActiveX Control Run Insecure Method Vulnerabi lity","" SIG505=3814,"Microsoft Word Enveloping - Illegal file creation","" SIG506=3815,"Vulnerability in Windows Image Acquisition Service Could Allow Elev ation of Privilege","" SIG507=3816,"COM Object Instantiation Memory Corruption Vulnerability (4)","" SIG508=3817,"COM Object Instantiation Memory Corruption Vulnerability (3)","" SIG509=3818,"Microsoft XML Core Services Vulnerability (3)","" SIG510=3819,"Vulnerability in HTML Help ActiveX Control","" SIG512=3821,"Vulnerability in Microsoft Word Macro Security","" SIG513=3822,"Vulnerability in Windows Shell Could Allow Elevation of Privilege", "" SIG514=3823,"Installation of BackDoor-CPX","" SIG515=3824,"Google Desktop JavaScript Injection Vulnerability","" SIG516=3825,"CAPICOM.DLL Improper Arguments Vulnerability","" SIG517=3826,"Multiple buffer overflows in the SupportSoft ActiveX controls","" SIG518=3827,"Microsoft Content Management Service Vulnerability","" SIG519=3828,"Cross-site Scripting in Microsoft Content Management Service Vulner ability","" SIG520=3829,"Sticky Keys File Replacement Backdoor","" SIG521=3830,"Internet Explorer 7 ''navcancl'' Address Bar Spoofing Vulnerability ","" SIG522=3831,"Windows IE ADODB.Recordset Vulnerability","" SIG523=3832,"EMF Elevation of Privilege Vulnerability","" SIG524=3833,"Vulnerability in Research in Motion ActiveX control","" SIG525=3834,"Vulnerability in mdsauth ActiveX control","" SIG526=3835,"COM Object Instantiation Memory Corruption Vulnerability (5)","" SIG527=3836,"GDI Incorrect Parameter Elevation of Privilege Vulnerability","" SIG528=3837,"Font Rasterizer Elevation of Privilege Vulnerability","" SIG529=3838,"Windows Animated Cursor Handling vulnerability","" SIG530=3839,"Microsoft Agent URL Parsing Vulnerability","" SIG531=3840,"Vulnerability in RPC on Windows DNS Server Could Allow Remote CodeExecution","" SIG532=3841,"Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability ","" SIG534=3844,"Microsoft Exchange DoS Vulnerability","" SIG535=3845,"Vulnerability in Universal Plug and Play (UPnP) Service Could Allow Remote Code Execution","" SIG536=3846,"Vulnerability in processing FTP Reply Could Allow Remote Code Execu tion","" SIG537=3847,"Vulnerability in Win32 API Could Allow Remote Code Execution","" SIG538=3848,"Speech Control Memory Corruption Vulnerability","" SIG539=3849,"URL Redirect Vulnerability in MHTML Protocol Handler via Internet E xplorer","" SIG540=3850,"IE and OE Cross Domain Security Bypass Vulnerability","" SIG541=3851,"MHTML Prefix Vulnerability could allow Information Disclosure","" SIG542=3852,"ASP.NET Null Byte Termination Vulnerability","" SIG543=3853,"Command Injection flaw in IE/Firefox","" SIG544=3854,"Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability","" SIG545=3855,"Firefox Illegal URL Quotes Vulnerability","" SIG546=3858,"Vulnerability in OLE Automation Could Allow Remote Code Execution", "" SIG547=3859,"Buffer Overflow in Microsoft Virtual PC","" SIG548=3860,"Vulnerability in TypeLibInfo ActiveX Control Could Allow Remote Cod e Execution","" SIG549=3861,"Vulnerability in Windows Media Player Could Allow Remote Code Execu tion","" SIG550=3862,"Vulnerability in pdwizard.ocx Memory Corruption Vulnerability","" SIG551=3864,"Vulnerability in Microsoft Agent","" SIG552=3865,"Vulnerability in Windows UNIX Services could allow elevation of pri vilege","" SIG553=3866,"Vulnerability in Apple QuickTime ''qtnext'' attribute could allow r emote code execution","" SIG554=3867,"Vulnerability in Kodak Preview could allow remote code execution"," " SIG555=3868,"Vulnerability in ShellExecute Could Allow Remote Code Execution","" SIG556=3869,"Vulnerability in RealPlayer ActiveX Control Could Allow Remote Code Execution","" SIG557=3870,"VMWare Workstation Shielding - Service Modification","" SIG558=3871,"VMWare Workstation Shielding - Registry Modification","" SIG559=3872,"VMWare Workstation Shielding - File Modification","" SIG560=3873,"VMWare Server Shielding - Service Modification","" SIG561=3874,"VMWare Server Shielding - Registry Modification","" SIG562=3875,"VMWare Server Shielding - File Modification","" SIG563=3876,"Vulnerability in Macrovision FLEXnet ActiveX Control Could Allow Re mote Code Execution","" SIG565=3879,"VMware Workstation Core Envelope - File Modification","" SIG566=3882,"VMware Workstation Core Envelope - Service Modification","" SIG567=3883,"Access Protection - Prevent Registry Editor and Task Manager from b eing disabled","" SIG568=3884,"Access Protection - Prevent user rights policies from being altered ","" SIG569=3885,"Access Protection - Prevent remote creation/modification of executa ble and configuration files","" SIG570=3886,"Access Protection - Prevent remote creation of autorun files","" SIG571=3887,"Access Protection - Prevent hijacking of .EXE and other executable extensions","" SIG572=3888,"Access Protection - Prevent Windows Process spoofing","" SIG573=3889,"Access Protection - Prevent use of tftp.exe","" SIG574=3890,"Access Protection - Protect Internet Explorer favorites and setting s","" SIG575=3891,"Access Protection - Prevent installation of new CLSIDs, APPIDs andTYPELIBs","" SIG576=3893,"Access Protection - Prevent execution of scripts from the Temp fold er","" SIG577=3894,"Access Protection - Prevent svchost executing non-Windows executabl es","" SIG578=3895,"Access Protection - Protect phonebook files from password and email address stealers","" SIG579=3896,"Access Protection - Prevent alteration of all file extension regist rations","" SIG580=3897,"Access Protection - Protect cached files from password and email ad dress stealers","" SIG581=3898,"Access Protection - Prevent modification of McAfee files and settin gs","" SIG582=3899,"Access Protection - Prevent modification of McAfee Common Managemen t Agent files and settings","" SIG583=3900,"Access Protection - Prevent modification of McAfee Scan Engine file s and settings","" SIG584=3901,"Access Protection - Protect Mozilla and FireFox files and settings" ,"" SIG585=3902,"Access Protection - Protect Internet Explorer settings","" SIG586=3903,"Access Protection - Prevent installation of Browser Helper Objects and Shell Extensions","" SIG587=3904,"Access Protection - Protect network settings","" SIG588=3905,"Access Protection - Prevent all programs from running files from th e Temp folder","" SIG589=3906,"Access Protection - Prevent programs registering to autorun","" SIG590=3907,"Access Protection - Prevent programs registering as a service","" SIG591=3908,"Access Protection - Prevent creation of new executable files in the Windows folder","" SIG592=3909,"Access Protection - Prevent creation of new executable files in the Program Files folder","" SIG593=3910,"Access Protection - Prevent launching of files from the Downloaded Program Files folder","" SIG594=3911,"Vulnerability in HP Virtual Rooms ActiveX Control Could Allow Remot e Code Execution","" SIG595=3912,"Vulnerability in Microsoft Office Web Components ActiveX Control Co uld Allow Remote Code Execution","" SIG596=3913,"Vulnerability in Microsoft Word Could Allow Remote Code Execution", "" SIG597=3915,"Vulnerability in IE Argument Validation Handling in dxtmsft.dll Cou ld Allow Remote Code Execution","" SIG598=3916,"Vulnerability in Visual Studio 6 Could Allow Remote Code Execution" ,"" SIG599=3917,"Windows File Share Creation","" SIG600=3918,"Outlook mailto URI Handling Vulnerability","" SIG601=3919,"VMware Server Core Envelope - File Modification","" SIG602=3920,"VMware Server Core Envelope - Service Modification","" SIG603=3921,"MS Word Mail Merge Vulnerability","" SIG604=3922,"Illegal Execution in Microsoft Excel","" SIG605=3923,"Vulnerability in Microsoft HxVz ActiveX Control Could Allow Remote Code Execution","" SIG606=3924,"Vulnerability in Windows GDI32 Could Allow Remote Code Execution"," " SIG607=3925,"VMware VMX Process Hijacking","" SIG608=3926,"IBM Lotus Expeditor cai: URI handling Vulnerability","" SIG610=3928,"Safari Desktop Download Vulnerability","" SIG611=3929,"Microsoft Speech Components ActiveX Object Memory Corruption Vulner ability","" SIG612=3930,"Vulnerability in BackWeb ActiveX Control Could Allow Remote Code Ex ecution",""SIG613=3931,"Creative Software AutoUpdate Engine ActiveX Stack Buffer Overflow V ulnerability","" SIG614=3933,"Vulnerability in the ActiveX Control for the Snapshot Viewer for Mi crosoft Access Could Allow Remote Code Execution","" SIG615=3934,"Vulnerability in the ActiveX Control for Aurigma Image Uploader Cou ld Allow Remote Code Execution","" SIG616=3935,"Vulnerability in the ActiveX Control for HP Instant Support Could A llow Remote Code Execution","" SIG617=3937,"Vulnerability in Microsoft Office WPG Image Converter Filter Could Allow Remote Code Execution","" SIG618=3938,"Vulnerability in Microsoft Office PICT Image Converter Filter Could Allow Remote Code Execution","" SIG619=3939,"Vulnerability in Microsoft Windows Image Color Management System Co uld Allow Remote Code Execution","" SIG620=3941,"Microsoft Visual Studio Msmask32 ActiveX Control Could Allow Remote Code Execution","" SIG621=3945,"Adobe Flash Clipboard Poisoning Vulnerability","" SIG622=3946,"Microsoft Windows Media Encoder 9 Could Allow Remote Code Execution ","" SIG623=3947,"OneNote URI Validation Error Vulnerability","" SIG624=3948,"Windows Metafile Remote Code Execution Vulnerability","" SIG625=3952,"Novell iPrint Client ActiveX Control Stack Buffer Overflow Vulnerab ility","" SIG626=3953,"RealNetworks RealPlayer Rmoc3260.dll ActiveX Control Memory Corrupt ion Vulnerability","" SIG627=3954,"ComponentOne VSFlexGrid v. 7/8 ActiveX Control ''Archive()'' method Local Buffer Overflow Vulnerability","" SIG628=3956,"VMWare COM API Remote Buffer Overflow Vulnerability","" SIG629=3957,"Microsoft KB956391 Cumulative Update of ActiveX Kill Bits","" SIG630=3958,"Vulnerability in Message Queuing Could Allow Remote Code Execution" ,"" SIG631=3959,"Vulnerability in Host Integration Server Could Allow Remote Code Ex ecution","" SIG632=3960,"CDO Protocol Handler Vulnerability Could Allow Information Disclosu re","" SIG633=3961,"Vulnerability in Server Service Could Allow Remote Code Execution", "" SIG634=3965,"Adobe Acrobat util.printf Buffer Overflow","" SIG635=2201,"Vulnerabilities in Windows Search Could Allow Remote Code Execution (CVE-2008-4269)","" SIG636=2202,"Vulnerabilities in GDI Could Allow Remote Code Execution (CVE-20082249)","" SIG637=2200,"Vulnerability in Microsoft Office Sharepoint Server Could Cause Ele vation of Privilege","" SIG638=2204,"Vulnerability in the ActiveX Control for IE Navigate Could Allow Re mote Code Execution","" SIG639=2207,"WMP Vulnerability Could Allow an Authentication Reflection Attack b y WMS","" SIG640=2205,"CVE-2008-4255 Vulnerability in Microsoft Windows Common AVI Control ","" SIG641=2206,"CVE-2008-4256 Vulnerability in Microsoft Charts Control","" SIG642=2208,"Vulnerability in Internet Explorer Could Allow Remote Code Executio n (CVE-2008-4844)","" SIG643=2210,"Microsoft SQL Server sp_replwritetovarbin Stored Procedure Buffer O verflow","" SIG644=2211,"Vulnerability in Visual Studio 2005 Could Allow Remote Code Executi on (3)","" SIG645=2212,"Vulnerabilities in Windows Win32k Kernel Could Allow Remote Code Ex ecution","" SIG646=2213,"Vulnerability in Microsoft Exchange EMSMDB32 Could Allow Denial ofService","" SIG647=2214,"Vulnerabilities in Akamai Download Manager Could Allow Remote Code Execution","" SIG648=2215,"Vulnerabilities in Research in Motion (RIM) AxLoader Could Allow Re mote Code Execution","" SIG649=2216,"Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution","" SIG650=2219,"Vulnerabilities in Internet Information Services 5.0 Could Allow Au thentication Bypass","" SIG651=2220,"Vulnerabilities in Internet Information Services 5.1 and 6.0 Could Allow Authentication Bypass","" SIG652=2217,"Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote C ode Execution","" SIG653=2218,"Autorun File Read Blocked","" SIG654=2222,"Print Spooler Load Library Vulnerability","" SIG655=2223,"Microsoft KB969898 Update Rollup of ActiveX Kill Bits","" SIG656=2221,"Vulnerability in the Embedded OpenType Font Engine Could Allow Remo te Code Execution","" SIG658=6003,"Generic SQL Injection - I","" SIG659=6004,"Generic SQL Injection - II","" SIG660=6005,"Generic SQL Injection - III","" SIG661=6006,"Generic SQL Injection - IV","" SIG662=6007,"Generic SQL Injection - V","" SIG663=6008,"Generic SQL Injection - VI","" SIG664=6010,"Generic Application Hooking Protection","" SIG665=6011,"Generic Application Invocation Protection","" SIG666=2225,"Vulnerability in Office Web Components Could Allow Remote Code Exec ution","" SIG667=2226,"Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution","" SIG668=2227,"Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution","" SIG669=2228,"Vulnerability in Workstation Service Could Allow Elevation of Privi lege","" SIG670=2229,"Vulnerabilities in Remote Desktop Client Could Allow Remote Code Ex ecution","" SIG671=2230,"Tiny Or Overlap Fragment Attack Vulnerability","" SIG672=2231,"Vulnerability in SMB Could Allow Remote Code Execution","" SIG673=2232,"SMB Buffer Overflow Remote Code Execution Vulnerability","" SIG674=2233,"SMB Validation Remote Code Execution Vulnerability","" SIG675=2234,"Vulnerability in DHTML Editing Component ActiveX Control Could Allo w Remote Code Execution","" SIG676=2235,"Vulnerability in Windows Media Player Could Allow Remote Code Execu tion","" SIG677=2236,"Suspicious ActiveX Control Instantiation by Internet Explorer (Oct. ''09)","" SIG678=2237,"Vulnerability in Indexing Service Could Allow Remote Code Execution ","" SIG679=2238,"Vulnerability in Symantec Altiris Deployment Solution ActiveX Could Allow Remote Code Execution","" SIG680=2239,"Vulnerability in License Logging Server Could Allow Remote Code Exe cution","" SIG681=2240,"Windows Metafile Denial of Service Vulnerability (2)","" SIG682=2241,"Apache (ePO) Shielding - Log File Access","" SIG683=2242,"Apache (ePO) Shielding - Log File Modification","" SIG684=2243,"Apache (ePO) Shielding - File Modification in apache System Folder" ,"" SIG685=2244,"Apache (ePO) Shielding - File Access Conf. Folder","" SIG686=2245,"Apache (ePO) Shielding - File Modification Conf. Folder","" SIG687=2246,"Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution","" SIG688=2247,"NTVDM Execution Prevention","" SIG689=6012,"Suspicious Function Invocation - Return to API","" SIG690=6013,"Suspicious Function Invocation - CALL Not Found","" SIG691=6014,"Suspicious Function Invocation - Return Address Not Readable","" SIG692=6015,"Suspicious Function Invocation - Target Address Mismatch","" SIG693=2254,"Suspicious Process Invocation - Acrobat Reader","" SIG694=2251,"Vulnerability in Windows Shell Handler Could Allow Remote Code Exec ution","" SIG695=2252,"Microsoft KB978262 Critical Cumulative Security Update of ActiveX K ill Bits","" SIG696=2256,"Suspicious Process Invocation - Foxit Reader","" SIG697=2258,"Microsoft Office SharePoint Server 2007 Cross Site Vulnerability"," " SIG698=2259,"Microsoft Office Sharepoint Help Page Denial of Service Vulnerabili ty","" SIG699=6024,"TrustedSource Remote IP Address Blocked","" SIG700=6029,"SMB Buffer Underflow Vulnerability","" SIG701=6031,"SMB Pathname Overflow Vulnerability","" SIG702=2260,"Vulnerability in Microsoft Data Analyzer ActiveX Control Could Allo w Remote Code Execution","" SIG703=2261,"Vulnerability in Microsoft Internet Explorer 8 Developer Tools Coul d Allow Remote Code Execution","" SIG704=2262,"Microsoft Internet Explorer 8 Uninitialized Memory Corruption Vulne rability","" SIG705=2264,"Generic SQL Injection - Declare","" SIG706=2265,"Delay Delete File Protection","" SIG707=2266,"Access ActiveX Control Vulnerability","" SIG708=2267,"ACCWIZ.dll Uninitialized Variable Vulnerability","" SIG709=2263,"Suspicious HelpCtr.exe Process Invocation - Internet Explorer","" SIG710=2268,"Microsoft XML Core Services ActiveX Control Vulnerability","" SIG711=2269,"Microsoft Silverlight ActiveX Control Vulnerability","" SIG712=2270,"TLS/SSL Renegotiation Vulnerability","" SIG713=2271,"Vulnerability in Cinepak Codec Could Allow Remote Code Execution"," " SIG714=6033,"Shortcut Icon Loading Vulnerability","" SIG715=6026,"Vulnerability in Event System could allow Remote Code Execution","" SIG716=6027,"Vulnerability in GDI could allow Remote Code Execution","" SIG717=6039,"Vulnerability in Windows Could Allow Remote Code Execution using ma liciously crafted DVR-MS file","" SIG718=6028,"Vulnerability in Windows Shell Handler URL Validation Could Allow R emote Code Execution","" SIG719=6034,"IE createTextRange Vulnerability","" SIG720=2272,"Possible Print Spooler Service Impersonation Attempt Detected","" SIG721=2273,"Directory Authentication Bypass Vulnerability","" SIG722=2279,"Vulnerability in CGM Image Converter Could Allow Remote Code Execut ion","" SIG723=2281,"Vulnerability in FlashPix Graphics Filter Could Allow Remote Code E xecution","" SIG724=6035,"UAG Redirection Issue May Allow Phishing Vulnerability","" SIG725=6036,"UAG Mobile Portal Website in Forefront Unified Access Gateway Vulne rability","" SIG726=6037,"XSS in Sginurl.asp Vulnerability","" SIG727=6046,"UAG Default Reflected XSS Vulnerability","" SIG728=2278,"PKMAXCTL.DLL ActiveX Use After Free Vulnerability","" SIG729=2280,"Vulnerability in Netlogon RPC Service Could Allow Denial of Service ","" SIG730=2282,"Windows Backup Manager DLL loading Vulnerability","" SIG731=2283,"Windows Media Filter DLL loading Vulnerability","" SIG732=2284,"Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution","" SIG733=2285,"Active Directory SPN Validation Vulnerability","" SIG734=2287,"Microsoft WMITools ActiveX Control Vulnerability","" SIG735=2288,"Microsoft Windows Messenger ActiveX Control Vulnerability","" SIG736=6032,"Suspicious Function Invocation - Target Address Mismatch","" SIG737=6038,"SMB Transaction Parsing Vulnerability","" SIG738=6022,"Vulnerability in SMB Could Allow Denial of Service","" SIG739=2294,"Chart Control Information Disclosure Vulnerability","" SIG740=2295,"Report Viewer Controls XSS Vulnerability","" SIG741=2293,"Remote Desktop Web Access Vulnerability","" SIG742=2289,"XSS in SharePoint Calendar Vulnerability","" SIG743=2290,"Editform Script Injection Vulnerability","" SIG744=2291,"Contact Details Reflected XSS Vulnerability","" SIG745=2292,"SharePoint XSS Vulnerability","" SIG746=2776,"Microsoft Office Component Insecure Library Loading Remote Code Exe cution","" SIG747=2777,"Windows Components Insecure Library Loading Remote Code Execution", "" SIG748=2778,"Media Center Insecure Library Loading Vulnerability","" SIG749=2296,"OLEAuto32.dll Remote Code Execution Vulnerability","" SIG750=2779,"TDSS Rootkit Infection","" SIG751=2780,"Windows Mail Insecure Library Loading Vulnerability","" SIG752=2784,"Internet Explorer Insecure Library Loading Vulnerability","" SIG753=2785,"Windows Power Point Insecure DLL loading Vulnerability","" SIG754=2772,"Access Protection - Disable HCP URLs in Internet Explorer","" SIG755=3892,"Access Protection - Prevent termination of McAfee processes","" SIG756=2783,"Adobe Flex SWF Cross Site Scripting","" SIG757=2786,"IIS 6.0 Denail of Service Vulnerability","" SIG758=2787,"W32/Yunsip Infection","" SIG759=2297,"Access Protection - Prevent common programs from running files from the Temp folder","" SIG760=6047,"Illegal Execution - Writable Memory","" SIG761=6048,"Suspicious Function Invocation - Different Stack","" SIG762=6049,"Suspicious Function Invocation - No Module","" SIG763=2789,"Microsoft Indeo Codec Insecure Library Loading Vulnerability","" SIG764=2790,"Microsoft Color Control Panel Insecure Library Loading Vulnerabilit y","" SIG766=2794,"Windows Media Encoder Insecure Library Loading Vulnerability","" SIG767=2788,"Symantec pcAnywhere Insecure File Permissions Vulnerability","" SIG768=2791,"Microsoft SharePoint XSS in inplview.aspx","" SIG769=2792,"Microsoft SharePoint XSS in wizardlist.aspx","" SIG770=6042,"DNS Rule Violation","" SIG771=6051,"Access Protection - Prevent hooking of McAfee processes","" SIG772=2793,"Microsoft Expression Design Insecure Library Loading Vulnerability" ,"" SIG773=2795,"Microsoft Visio Insecure Library Loading Vulnerability","" SIG774=2796,"MSCOMCTL.OCX RCE Vulnerability","" SIG775=2797,"Microsoft Windows Object Packager Insecure Executable Launching","" SIG776=6043,"Remote Desktop Remote Code Execution Vulnerability",""