| Group Name | # of attack rules | # of warning rules | goto |
|---|---|---|---|
| OS | |||
| OS / Windows | 2423 | 709 | goto rules ... |
| OS / Linux | 4 | 19 | goto rules ... |
| OS / Other | 30 | 53 | goto rules ... |
| Server | |||
| Server / HTTP | |||
| Server / HTTP / Common | 22 | 70 | goto rules ... |
| Server / HTTP / Apache | 10 | 18 | goto rules ... |
| Server / HTTP / Microsoft IIS | 17 | 138 | goto rules ... |
| Server / HTTP / Other | |||
| Server / HTTP / Coldfusion | |||
| Server / HTTP / Frontpage | 0 | 38 | goto rules ... |
| Server / HTTP / PHP | 25 | 165 | goto rules ... |
| Server / HTTP / CGI | 21 | 365 | goto rules ... |
| Server / Mail | |||
| Server / Mail / Microsoft Exchange | 12 | 5 | goto rules ... |
| Server / Mail / Sendmail | 0 | 21 | goto rules ... |
| Server / Mail / POP3 | 11 | 29 | goto rules ... |
| Server / Mail / IMAP | 34 | 44 | goto rules ... |
| Server / Mail / SMTP | 165 | 45 | goto rules ... |
| Server / Database | |||
| Server / Database / Microsoft | 10 | 8 | goto rules ... |
| Server / Database / Oracle | |||
| Server / Database / MySQL | 16 | 19 | goto rules ... |
| Server / Database / Common SQL | 60 | 113 | goto rules ... |
| Server / Database / Common SQL | |||
| Server / Misc | |||
| Server / Misc / DNS | 24 | 265 | goto rules ... |
| Server / Misc / FTP | 39 | 123 | goto rules ... |
| Server / Misc / SSH | 0 | 8 | goto rules ... |
| Server / Misc / Backup | 19 | 46 | goto rules ... |
| Server / Misc / TFTP | |||
| Server / Misc / SNMP | 3 | 4 | goto rules ... |
| Server / Misc / Authentication | 7 | 12 | goto rules ... |
| Server / Misc / CVS | 1 | 16 | goto rules ... |
| Client | |||
| Client / Office | 281 | 112 | goto rules ... |
| Client / Browser | 246 | 67 | goto rules ... |
| Client / Email | 17 | 3 | goto rules ... |
| Client / Multimedia | 292 | 34 | goto rules ... |
| Client / Peer to Peer | |||
| Client / Instant Messenger | 8 | 2 | goto rules ... |
| Protocol Anomaly | |||
| Protocol Anomaly / Invalid Traffic | 7 | 13 | goto rules ... |
| Protocol Anomaly / ICMP | |||
| Protocol Anomaly / IGMP | |||
| Protocol Anomaly / RPC | |||
| Protocol Anomaly / Misc | |||
| Malware | 1789 | 1827 | goto rules ... |
| Malware / Trojans | |||
| Malware / DoS | |||
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1239 | NETBIOS RFParalyze Attempt (more info ...) | attempted-recon | 2000-0347 | 1163 | 10392 | |
| 2005 | RPC portmap kcms_server request UDP (more info ...) | rpc-portmap-decode | 2003-0027 | 6665 | URL | |
| 2007 | RPC kcms_server directory traversal attempt (more info ...) | misc-attack | 2003-0027 | 6665 | URL | |
| 2103 | NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 2123 | ATTACK-RESPONSES Microsoft cmd.exe banner (more info ...) | successful-admin | 11633 | |||
| 2176 | NETBIOS SMB startup folder access (more info ...) | attempted-recon | ||||
| 2252 | NETBIOS SMB-DS DCERPC Remote Activation bind attempt (more info ...) | attempted-admin | 2003-0715 | 8458 | 11835 | URL |
| 2255 | RPC sadmind query with root credentials attempt TCP (more info ...) | misc-attack | ||||
| 2256 | RPC sadmind query with root credentials attempt UDP (more info ...) | misc-attack | ||||
| 2257 | NETBIOS DCERPC Messenger Service buffer overflow attempt (more info ...) | attempted-admin | 2003-0717 | 8826 | 11890 | URL |
| 2258 | NETBIOS SMB-DS DCERPC Messenger Service buffer overflow attempt (more info ...) | attempted-admin | 2003-0717 | 8826 | 11890 | URL |
| 2349 | NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters attempt (more info ...) | protocol-command-decode | 2006-6114 | 21220 | ||
| 2401 | NETBIOS SMB Session Setup andx username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 2403 | NETBIOS SMB Session Setup unicode username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 2435 | WEB-CLIENT Microsoft emf metafile access (more info ...) | attempted-user | 2007-5746 | 9707 | URL | |
| 2436 | WEB-CLIENT Microsoft wmf metafile access (more info ...) | attempted-user | ||||
| 2508 | NETBIOS DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt (more info ...) | attempted-admin | 2003-0533 | 10108 | 12205 | URL |
| 2511 | NETBIOS DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt (more info ...) | attempted-admin | 2003-0533 | 10108 | 12205 | URL |
| 2942 | NETBIOS DCERPC NCACN-IP-TCP winreg InitiateSystemShutdown attempt (more info ...) | protocol-command-decode | URL | |||
| 3018 | NETBIOS SMB NT Trans NT CREATE oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3019 | NETBIOS SMB NT Trans NT CREATE andx oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3020 | NETBIOS SMB NT Trans NT CREATE unicode oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3021 | NETBIOS SMB NT Trans NT CREATE unicode andx oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3022 | NETBIOS SMB-DS NT Trans NT CREATE oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3023 | NETBIOS SMB-DS NT Trans NT CREATE andx oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3024 | NETBIOS SMB-DS NT Trans NT CREATE unicode oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3025 | NETBIOS SMB-DS NT Trans NT CREATE unicode andx oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3026 | NETBIOS SMB NT Trans NT CREATE SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3027 | NETBIOS SMB NT Trans NT CREATE andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3028 | NETBIOS SMB NT Trans NT CREATE unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3029 | NETBIOS SMB NT Trans NT CREATE unicode andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3030 | NETBIOS SMB-DS NT Trans NT CREATE SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3031 | NETBIOS SMB-DS NT Trans NT CREATE andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3032 | NETBIOS SMB-DS NT Trans NT CREATE unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3033 | NETBIOS SMB-DS NT Trans NT CREATE unicode andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3034 | NETBIOS SMB NT Trans NT CREATE DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3035 | NETBIOS SMB NT Trans NT CREATE andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3036 | NETBIOS SMB NT Trans NT CREATE unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3037 | NETBIOS SMB NT Trans NT CREATE unicode andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3038 | NETBIOS SMB-DS NT Trans NT CREATE DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3039 | NETBIOS SMB-DS NT Trans NT CREATE andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3079 | WEB-CLIENT Microsoft ANI file parsing overflow (more info ...) | attempted-user | 2007-1765 | URL | ||
| 3135 | NETBIOS SMB Trans2 QUERY_FILE_INFO attempt (more info ...) | protocol-command-decode | ||||
| 3136 | NETBIOS SMB Trans2 QUERY_FILE_INFO andx attempt (more info ...) | protocol-command-decode | ||||
| 3137 | NETBIOS SMB-DS Trans2 QUERY_FILE_INFO attempt (more info ...) | protocol-command-decode | ||||
| 3138 | NETBIOS SMB-DS Trans2 QUERY_FILE_INFO andx attempt (more info ...) | protocol-command-decode | ||||
| 3139 | NETBIOS SMB Trans2 FIND_FIRST2 attempt (more info ...) | protocol-command-decode | ||||
| 3140 | NETBIOS SMB Trans2 FIND_FIRST2 andx attempt (more info ...) | protocol-command-decode | ||||
| 3141 | NETBIOS SMB-DS Trans2 FIND_FIRST2 attempt (more info ...) | protocol-command-decode | ||||
| 3142 | NETBIOS SMB-DS Trans2 FIND_FIRST2 andx attempt (more info ...) | protocol-command-decode | ||||
| 3143 | NETBIOS SMB Trans2 FIND_FIRST2 command response overflow attempt (more info ...) | protocol-command-decode | 2005-0045 | 12484 | URL | |
| 3144 | NETBIOS SMB Trans2 FIND_FIRST2 response andx overflow attempt (more info ...) | protocol-command-decode | 2005-0045 | 12484 | URL | |
| 3146 | NETBIOS SMB-DS Trans2 FIND_FIRST2 response andx overflow attempt (more info ...) | protocol-command-decode | 2005-0045 | 12484 | URL | |
| 3158 | NETBIOS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt (more info ...) | protocol-command-decode | 2003-0715 | URL | ||
| 3159 | NETBIOS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt (more info ...) | protocol-command-decode | 2003-0715 | URL | ||
| 3171 | NETBIOS DCERPC NCADG-IP-UDP msqueue function 4 overflow attempt (more info ...) | attempted-admin | 2005-0059 | URL | ||
| 3397 | NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt (more info ...) | protocol-command-decode | 2003-0352 | 8205 | URL | |
| 3398 | NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt (more info ...) | protocol-command-decode | 2003-0352 | 8205 | URL | |
| 3409 | NETBIOS DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt (more info ...) | attempted-admin | 2003-0715 | 8205 | URL | |
| 3552 | WEB-CLIENT OLE32 microsoft MSHTA masquerade attempt (more info ...) | attempted-user | 2005-0063 | 13132 | URL | |
| 3967 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_QueryResConfList attempt (more info ...) | protocol-command-decode | 2005-1983 | 14513 | URL | |
| 4072 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_DetectResourceConflict attempt (more info ...) | protocol-command-decode | 2005-1983 | 14513 | URL | |
| 4145 | WEB-ACTIVEX Windows Trouble Shooter ActiveX Object Access (more info ...) | attempted-user | 2003-0662 | 8833 | URL | |
| 4146 | WEB-ACTIVEX Share Point Portal Services Log Sink ActiveX Object Access (more info ...) | attempted-user | 14515 | URL | ||
| 4147 | WEB-ACTIVEX ActiveLabel ActiveX Object Access (more info ...) | attempted-user | 2002-0647 | 5558 | URL | |
| 4148 | WEB-ACTIVEX DHTML Editing ActiveX clsid access (more info ...) | attempted-user | 2009-2519 | 1474 | URL | |
| 4151 | WEB-ACTIVEX System Monitor Source Properties ActiveX Object Access (more info ...) | attempted-user | 7384 | |||
| 4153 | WEB-ACTIVEX Eyedog ActiveX Object Access (more info ...) | attempted-user | 1999-0669 | 619 | URL | |
| 4154 | WEB-ACTIVEX Active Setup ActiveX Object Access (more info ...) | attempted-user | 2000-0329 | 775 | URL | |
| 4155 | WEB-ACTIVEX htmlfile ActiveX Object Access (more info ...) | attempted-user | 2001-0149 | 1718 | URL | |
| 4157 | WEB-ACTIVEX MSN Setup BBS 4.71.0.10 ActiveX Object Access (more info ...) | attempted-user | 1999-1484 | 668 | ||
| 4159 | WEB-ACTIVEX Multimedia File Property Sheet ActiveX Object Access (more info ...) | attempted-user | 5094 | |||
| 4160 | WEB-ACTIVEX Microsoft Windows Reporting Tool ActiveX Object Access (more info ...) | attempted-user | 2003-0530 | 8454 | URL | |
| 4161 | WEB-ACTIVEX DigWebX MSN ActiveX Object Access (more info ...) | attempted-user | 13946 | URL | ||
| 4162 | WEB-ACTIVEX DigWebX MSN ActiveX Object Access (more info ...) | attempted-user | 13946 | URL | ||
| 4163 | WEB-ACTIVEX DigWebX MSN ActiveX Object Access (more info ...) | attempted-user | 13946 | URL | ||
| 4164 | WEB-ACTIVEX DigWebX MSN ActiveX Object Access (more info ...) | attempted-user | 13946 | URL | ||
| 4165 | WEB-ACTIVEX Image Control 1.0 ActiveX Object Access (more info ...) | attempted-user | 12477 | URL | ||
| 4167 | WEB-ACTIVEX MSN Heartbeat ActiveX clsid access (more info ...) | attempted-user | 11367 | URL | ||
| 4168 | WEB-ACTIVEX Shell Automation Service ActiveX Object Access (more info ...) | attempted-user | 9335 | |||
| 4171 | WEB-ACTIVEX Registration Wizard ActiveX Object Access (more info ...) | attempted-user | 671 | URL | ||
| 4172 | WEB-ACTIVEX Microsoft Agent v1.5 ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 4173 | WEB-ACTIVEX MsnPUpld ActiveX Object Access (more info ...) | attempted-user | URL | |||
| 4174 | WEB-ACTIVEX Symantec RuFSI registry Information Class ActiveX Object Access (more info ...) | attempted-user | 2003-0470 | 8008 | URL | |
| 4179 | WEB-ACTIVEX DirectX Files Viewer ActiveX Object Access (more info ...) | attempted-user | 2002-0975 | 5489 | URL | |
| 4180 | WEB-ACTIVEX Kodak Image Scan Control ActiveX Object Access (more info ...) | attempted-user | URL | |||
| 4181 | WEB-ACTIVEX Smartcard Enrollment ActiveX Object Access (more info ...) | attempted-user | 2002-0699 | URL | ||
| 4182 | WEB-ACTIVEX MSN Chat v4.5, 4.6 ActiveX Object Access (more info ...) | attempted-user | 2002-0155 | 4707 | URL | |
| 4183 | WEB-ACTIVEX HTML Help ActiveX Object Access (more info ...) | attempted-user | 2005-1208 | 13953 | URL | |
| 4184 | WEB-ACTIVEX Certificate Enrollment ActiveX Object Access (more info ...) | attempted-user | 2002-0699 | 5593 | URL | |
| 4185 | WEB-ACTIVEX Terminal Services Advanced Client ActiveX Object Access (more info ...) | attempted-user | 2002-0726 | 5554 | URL | |
| 4186 | WEB-ACTIVEX Kodak Image Editing ActiveX Object Access (more info ...) | attempted-user | URL | |||
| 4187 | WEB-ACTIVEX Terminal Services Advanced Client ActiveX Object Access (more info ...) | attempted-user | 2002-0726 | 5554 | URL | |
| 4188 | WEB-ACTIVEX RAV Online Scanner ActiveX Object Access (more info ...) | attempted-user | 2004-0936 | 11448 | URL | |
| 4189 | WEB-ACTIVEX Third-Party Plugin ActiveX Object Access (more info ...) | attempted-user | 2003-0233 | URL | ||
| 4190 | WEB-ACTIVEX Kodak Thumbnail Image ActiveX Object Access (more info ...) | attempted-user | URL | |||
| 4191 | WEB-ACTIVEX MsnPUpld ActiveX Object Access (more info ...) | attempted-user | URL | |||
| 4192 | WEB-ACTIVEX HHOpen ActiveX Object Access (more info ...) | attempted-user | 669 | URL | ||
| 4193 | WEB-ACTIVEX Kodak Image Editing ActiveX Object Access (more info ...) | attempted-user | URL | |||
| 4197 | WEB-ACTIVEX DigWebX MSN ActiveX Object Access (more info ...) | attempted-user | 13946 | URL | ||
| 4200 | WEB-ACTIVEX Index Server Scope Administration ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4201 | WEB-ACTIVEX Queued Components Recorder ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4202 | WEB-ACTIVEX DirectAnimation ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4203 | WEB-ACTIVEX Microsoft Marquee Control ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4204 | WEB-ACTIVEX Microsoft DT PolyLine Control 2 ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4205 | WEB-ACTIVEX Microsoft Visual Database Tools Database Designer v7.0 ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4206 | WEB-ACTIVEX Microsoft MPEG-4 Video Decompressor Property Page ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4207 | WEB-ACTIVEX Microsoft MS Audio Decompressor Control Property Page ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4208 | WEB-ACTIVEX LexRefStEsObject Class ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4209 | WEB-ACTIVEX LexRefStFrObject Class ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4211 | WEB-ACTIVEX Microsoft DDS Library Shape Control ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4212 | WEB-ACTIVEX Microsoft DDS Generic Class ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4213 | WEB-ACTIVEX Microsoft DDS Picture Shape Control ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4214 | WEB-ACTIVEX Microsoft TipGW Init ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4215 | WEB-ACTIVEX Microsoft HTML Popup Window ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4216 | WEB-ACTIVEX CLSID_CComAcctImport ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4219 | WEB-ACTIVEX Microsoft Network Connections Tray ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4220 | WEB-ACTIVEX Microsoft Network and Dial-Up Connections ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4221 | WEB-ACTIVEX Microsoft ProxyStub Dispatch ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4223 | WEB-ACTIVEX Microsoft OpenCable Class ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4224 | WEB-ACTIVEX Microsoft VideoPort ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4225 | WEB-ACTIVEX Microsoft Repository ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4226 | WEB-ACTIVEX Microsoft DocHost User Interface Handler ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4227 | WEB-ACTIVEX Microsoft Network Connections ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4228 | WEB-ACTIVEX Microsoft Windows Start Menu ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4229 | WEB-ACTIVEX MSAPP Export Support for Microsoft Access ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4230 | WEB-ACTIVEX Search Assistant UI ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4231 | WEB-ACTIVEX Microsoft SysTray ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4232 | WEB-ACTIVEX Microsoft SysTray Invoker ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4233 | WEB-ACTIVEX Microsoft Visual Database Tools Query Designer v7.0 ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4234 | WEB-ACTIVEX Microsoft MSVTDGridCtrl7 ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4236 | WEB-ACTIVEX WMI ASDI Extension ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4245 | NETBIOS DCERPC NCACN-IP-TCP msdtc BuildContextW overflow attempt (more info ...) | attempted-admin | 2005-2119 | 15056 | URL | |
| 4246 | NETBIOS DCERPC NCADG-IP-UDP msdtc BuildContextW overflow attempt (more info ...) | attempted-admin | 2005-2119 | 15056 | URL | |
| 4358 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 4648 | WEB-CLIENT wang image admin activex object access (more info ...) | attempted-user | URL | |||
| 4754 | NETBIOS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin overflow attempt (more info ...) | attempted-admin | 2003-0003 | 6666 | URL | |
| 4755 | NETBIOS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin overflow attempt (more info ...) | attempted-admin | 2003-0003 | 6666 | URL | |
| 4890 | WEB-ACTIVEX IAVIStream & IAVIFile Proxy ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4891 | WEB-ACTIVEX cfw Class ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4892 | WEB-ACTIVEX MTSEvents Class ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4893 | WEB-ACTIVEX Trident HTMLEditor ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4894 | WEB-ACTIVEX PSEnumVariant ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4895 | WEB-ACTIVEX PSTypeInfo ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4896 | WEB-ACTIVEX PSTypeLib ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4897 | WEB-ACTIVEX PSOAInterface ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4898 | WEB-ACTIVEX PSTypeComp ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4899 | WEB-ACTIVEX ISupportErrorInfo Interface ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4901 | WEB-ACTIVEX VMR Allocator Presenter 9 ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4902 | WEB-ACTIVEX Video Mixing Renderer 9 ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4903 | WEB-ACTIVEX VMR ImageSync 9 ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4904 | WEB-ACTIVEX Microsoft Repository Alias ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4905 | WEB-ACTIVEX Microsoft Repository Object ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4906 | WEB-ACTIVEX Microsoft Repository Interface Definition ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4907 | WEB-ACTIVEX Microsoft Repository Collection Definition ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4908 | WEB-ACTIVEX Microsoft Repository Method Definition ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4909 | WEB-ACTIVEX Microsoft Repository Property Definition ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4910 | WEB-ACTIVEX Microsoft Repository Relationship Definition ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4911 | WEB-ACTIVEX Microsoft Repository Type Library ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4912 | WEB-ACTIVEX Microsoft Repository Root ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4913 | WEB-ACTIVEX Microsoft Repository Workspace ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4914 | WEB-ACTIVEX Microsoft Repository Script Definition ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4915 | WEB-ACTIVEX Shortcut Handler ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4982 | WEB-ACTIVEX Adodb.Stream ActiveX Object Access (more info ...) | attempted-user | 2004-0549 | 10514 | URL | |
| 4983 | WEB-ACTIVEX Adodb.Stream ActiveX Object Access CreateObject Function (more info ...) | attempted-user | 2004-0549 | 10514 | URL | |
| 5485 | NETBIOS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (more info ...) | attempted-admin | 2005-0050 | 12481 | URL | |
| 5677 | NETBIOS SMB Session Setup username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 5682 | NETBIOS SMB Session Setup unicode andx username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 5740 | WEB-CLIENT Microsoft HTML help workshop file .hhp download attempt (more info ...) | misc-activity | ||||
| 5741 | WEB-CLIENT Microsoft HTML help workshop buffer overflow attempt (more info ...) | attempted-user | 2006-0564 | URL | ||
| 6002 | WEB-ACTIVEX Microsoft DT DDS Rectilinear GDD Layout ActiveX Object Access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6003 | WEB-ACTIVEX Microsoft DT DDS Rectilinear GDD Route ActiveX Object Access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6004 | WEB-ACTIVEX Microsoft DT DDS Circular Auto Layout Logic 2 ActiveX Object Access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6005 | WEB-ACTIVEX Microsoft DT DDS Straight Line Routing Logic 2 ActiveX Object Access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6006 | WEB-ACTIVEX Microsoft DT Icon Control ActiveX Object Access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6007 | WEB-ACTIVEX Microsoft DT DDS OrgChart GDD Layout ActiveX Object Access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6008 | WEB-ACTIVEX Microsoft DT DDS OrgChart GDD Route ActiveX Object Access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6009 | WEB-ACTIVEX RDS.Dataspace ActiveX Object Access (more info ...) | attempted-user | 2006-0003 | 17462 | URL | |
| 6419 | NETBIOS DCERPC NCACN-IP-TCP msdtc BuildContextW invalid uuid size attempt (more info ...) | attempted-admin | 2006-1184 | 17905 | URL | |
| 6420 | NETBIOS DCERPC NCADG-IP-UDP msdtc BuildContextW invalid uuid size attempt (more info ...) | attempted-admin | 2006-1184 | 17905 | URL | |
| 6431 | NETBIOS DCERPC NCACN-IP-TCP msdtc BuildContextW invalid second uuid size attempt (more info ...) | attempted-admin | 2006-1184 | 17905 | URL | |
| 6432 | NETBIOS DCERPC NCADG-IP-UDP msdtc BuildContextW invalid second uuid size attempt (more info ...) | attempted-admin | 2006-1184 | 17905 | URL | |
| 6443 | NETBIOS DCERPC NCACN-IP-TCP msdtc BuildContextW heap overflow attempt (more info ...) | attempted-admin | 2006-0034 | 17906 | URL | |
| 6444 | NETBIOS DCERPC NCADG-IP-UDP msdtc BuildContextW heap overflow attempt (more info ...) | attempted-admin | 2006-0034 | 17906 | URL | |
| 6455 | NETBIOS DCERPC NCACN-IP-TCP msdtc BuildContext heap overflow attempt (more info ...) | attempted-admin | 2006-0034 | 17906 | URL | |
| 6456 | NETBIOS DCERPC NCADG-IP-UDP msdtc BuildContext heap overflow attempt (more info ...) | attempted-admin | 2006-0034 | 17906 | URL | |
| 6516 | WEB-ACTIVEX DXImageTransform.Microsoft.Light ActiveX function call access (more info ...) | attempted-user | 2006-2383 | URL | ||
| 6517 | WEB-ACTIVEX DXImageTransform.Microsoft.Light ActiveX CLSID access (more info ...) | attempted-user | 2006-2383 | URL | ||
| 6518 | WEB-ACTIVEX DXImageTransform.Microsoft.Light ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-2383 | URL | ||
| 6682 | WEB-ACTIVEX DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX function call access (more info ...) | attempted-user | URL | |||
| 6683 | WEB-ACTIVEX DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 6684 | WEB-ACTIVEX DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 6685 | WEB-ACTIVEX DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 6686 | WEB-ACTIVEX DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 6687 | WEB-ACTIVEX DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX function call access (more info ...) | attempted-user | URL | |||
| 6714 | NETBIOS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences phonebook mode overflow attempt (more info ...) | attempted-admin | 2006-2371 | 18358 | URL | |
| 6906 | NETBIOS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences callback number overflow attempt (more info ...) | attempted-admin | 2006-2371 | 18358 | URL | |
| 7003 | WEB-ACTIVEX ADODB.Recordset ActiveX function call access (more info ...) | attempted-user | 2006-5559 | 20704 | URL | |
| 7004 | WEB-ACTIVEX Internet.HHCtrl.1 ActiveX function call access (more info ...) | attempted-user | 2006-3357 | 18769 | URL | |
| 7006 | WEB-ACTIVEX ASControls.InstallEngineCtl ActiveX function call access (more info ...) | attempted-user | ||||
| 7007 | WEB-ACTIVEX AxDebugger.Document.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 7008 | WEB-ACTIVEX DirectAnimation.DAUserData ActiveX function call access (more info ...) | attempted-user | ||||
| 7009 | WEB-ACTIVEX DirectAnimation.StructuredGraphicsControl ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 7010 | WEB-ACTIVEX HtmlDlgSafeHelper.HtmlDlgSafeHelper.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 7011 | WEB-ACTIVEX HtmlDlgSafeHelper.HtmlDlgSafeHelper ActiveX function call access (more info ...) | attempted-user | ||||
| 7012 | WEB-ACTIVEX Internet.PopupMenu.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 7013 | WEB-ACTIVEX Microsoft.ISCatAdm ActiveX function call access (more info ...) | attempted-user | ||||
| 7014 | WEB-ACTIVEX NMSA.ASFSourceMediaDescription.1 ActiveX function call access (more info ...) | attempted-dos | 2006-3897 | 19114 | ||
| 7015 | WEB-ACTIVEX NMSA.MediaDescription ActiveX function call access (more info ...) | attempted-user | ||||
| 7016 | WEB-ACTIVEX Object.Microsoft.DXTFilter ActiveX function call access (more info ...) | attempted-dos | 2006-3512 | 18903 | ||
| 7017 | WEB-ACTIVEX RDS.DataControl ActiveX function call access (more info ...) | attempted-user | 2006-3510 | 18900 | ||
| 7018 | WEB-ACTIVEX Sysmon ActiveX function call access (more info ...) | attempted-user | ||||
| 7026 | WEB-ACTIVEX RDS.Dataspace ActiveX function call access (more info ...) | attempted-user | 2006-0003 | 17462 | URL | |
| 7035 | NETBIOS SMB Trans mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7036 | NETBIOS SMB Trans unicode mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7039 | NETBIOS SMB Trans andx mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7040 | NETBIOS SMB Trans unicode andx mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7041 | NETBIOS-DG SMB Trans andx mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7209 | NETBIOS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (more info ...) | attempted-admin | 2006-3439 | 19409 | URL | |
| 7210 | NETBIOS DCERPC NCADG-IP-UDP srvsvc NetrPathCanonicalize overflow attempt (more info ...) | attempted-admin | 2006-3439 | 19409 | URL | |
| 7425 | WEB-ACTIVEX 9x8Resize ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7426 | WEB-ACTIVEX 9x8Resize ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7427 | WEB-ACTIVEX Allocator Fix ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7428 | WEB-ACTIVEX Allocator Fix ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7429 | WEB-ACTIVEX Bitmap ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7430 | WEB-ACTIVEX Bitmap ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7431 | WEB-ACTIVEX DirectFrame.DirectControl.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7432 | WEB-ACTIVEX DirectFrame.DirectControl.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7433 | WEB-ACTIVEX DirectX Transform Wrapper Property Page ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7434 | WEB-ACTIVEX DirectX Transform Wrapper Property Page ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7435 | WEB-ACTIVEX Dynamic Casts ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7436 | WEB-ACTIVEX Dynamic Casts ActiveX function call (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7437 | WEB-ACTIVEX Frame Eater ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7438 | WEB-ACTIVEX Frame Eater ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7439 | WEB-ACTIVEX HTML Help ActiveX clsid access (more info ...) | attempted-user | 2007-0214 | URL | ||
| 7440 | WEB-ACTIVEX HTML Help ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0214 | URL | ||
| 7441 | WEB-ACTIVEX HTML Help ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1208 | 13953 | URL | |
| 7442 | WEB-ACTIVEX mmAEPlugIn.AEPlugIn.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7443 | WEB-ACTIVEX mmAEPlugIn.AEPlugIn.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7444 | WEB-ACTIVEX Mmedia.AsyncMHandler.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7445 | WEB-ACTIVEX Mmedia.AsyncMHandler.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7446 | WEB-ACTIVEX Record Queue ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7447 | WEB-ACTIVEX Record Queue ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7448 | WEB-ACTIVEX ShotDetect ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7449 | WEB-ACTIVEX ShotDetect ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7450 | WEB-ACTIVEX Stetch ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7451 | WEB-ACTIVEX Stetch ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7452 | WEB-ACTIVEX WM Color Converter Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7453 | WEB-ACTIVEX WM Color Converter Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7454 | WEB-ACTIVEX Wmm2ae.dll ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7455 | WEB-ACTIVEX Wmm2ae.dll ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7456 | WEB-ACTIVEX Wmm2fxa.dll ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7457 | WEB-ACTIVEX Wmm2fxa.dll ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7458 | WEB-ACTIVEX Wmm2fxb.dll ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7459 | WEB-ACTIVEX Wmm2fxb.dll ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7460 | WEB-ACTIVEX WMT Audio Analyzer ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7461 | WEB-ACTIVEX WMT Audio Analyzer ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7462 | WEB-ACTIVEX WMT Black Frame Generator ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7463 | WEB-ACTIVEX WMT Black Frame Generator ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7464 | WEB-ACTIVEX WMT DeInterlace Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7465 | WEB-ACTIVEX WMT DeInterlace Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7466 | WEB-ACTIVEX WMT DeInterlace Prop Page ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7467 | WEB-ACTIVEX WMT DeInterlace Prop Page ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7468 | WEB-ACTIVEX WMT DirectX Transform Wrapper ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7469 | WEB-ACTIVEX WMT DirectX Transform Wrapper ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7470 | WEB-ACTIVEX WMT DV Extract Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7471 | WEB-ACTIVEX WMT DV Extract Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7472 | WEB-ACTIVEX WMT FormatConversion Prop Page ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7473 | WEB-ACTIVEX WMT FormatConversion Prop Page ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7474 | WEB-ACTIVEX WMT FormatConversion ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7475 | WEB-ACTIVEX WMT FormatConversion ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7476 | WEB-ACTIVEX WMT Import Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7477 | WEB-ACTIVEX WMT Import Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7478 | WEB-ACTIVEX WMT Interlacer ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7479 | WEB-ACTIVEX WMT Interlacer ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7480 | WEB-ACTIVEX WMT Log Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7481 | WEB-ACTIVEX WMT Log Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7482 | WEB-ACTIVEX WMT MuxDeMux Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7483 | WEB-ACTIVEX WMT MuxDeMux Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7484 | WEB-ACTIVEX WMT Sample Info Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7485 | WEB-ACTIVEX WMT Sample Info Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7486 | WEB-ACTIVEX WMT Screen Capture Filter Task Page ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7487 | WEB-ACTIVEX WMT Screen Capture Filter Task Page ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7488 | WEB-ACTIVEX WMT Screen capture Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7489 | WEB-ACTIVEX WMT Screen capture Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7490 | WEB-ACTIVEX WMT Switch Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7491 | WEB-ACTIVEX WMT Switch Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7492 | WEB-ACTIVEX WMT Virtual Renderer ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7493 | WEB-ACTIVEX WMT Virtual Renderer ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7494 | WEB-ACTIVEX WMT Virtual Source ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7495 | WEB-ACTIVEX WMT Virtual Source ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7496 | WEB-ACTIVEX WMT Volume ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7497 | WEB-ACTIVEX WMT Volume ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7498 | WEB-ACTIVEX WM TV Out Smooth Picture Filter ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7499 | WEB-ACTIVEX WM TV Out Smooth Picture Filter ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7500 | WEB-ACTIVEX WM VIH2 Fix ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7501 | WEB-ACTIVEX WM VIH2 Fix ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7502 | WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4219 | 19570 | URL | |
| 7503 | WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX clsid unicode access (more info ...) | attempted-user | 2006-4219 | 19570 | URL | |
| 7856 | SPYWARE-PUT Trackware winsysba-a runtime detection - track surfing activity (more info ...) | successful-recon-limited | URL | |||
| 7862 | WEB-ACTIVEX McSubMgr.IsAppExpired ActiveX function call access (more info ...) | attempted-user | 2006-3961 | 19265 | ||
| 7863 | WEB-ACTIVEX McSubMgr.IsOldAppInstalled ActiveX function call access (more info ...) | attempted-user | 2006-3961 | 19265 | ||
| 7864 | WEB-ACTIVEX McSubMgr ActiveX CLSID access (more info ...) | attempted-user | 2006-3961 | 19265 | ||
| 7865 | WEB-ACTIVEX McSubMgr ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3961 | 19265 | ||
| 7866 | WEB-ACTIVEX ADODB.Connection ActiveX clsid access (more info ...) | attempted-user | 2006-5559 | URL | ||
| 7867 | WEB-ACTIVEX ADODB.Connection ActiveX clsid unicode access (more info ...) | attempted-user | 2006-5559 | URL | ||
| 7868 | WEB-ACTIVEX ADODB.Recordset ActiveX CLSID access (more info ...) | attempted-user | 2006-5559 | 20704 | ||
| 7869 | WEB-ACTIVEX ADODB.Recordset ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-5559 | 20704 | ||
| 7878 | WEB-ACTIVEX AxMetaStream.MetaStreamCtl ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7879 | WEB-ACTIVEX AxMetaStream.MetaStreamCtl ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7880 | WEB-ACTIVEX AxMetaStream.MetaStreamCtlSecondary ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7881 | WEB-ACTIVEX AxMetaStream.MetaStreamCtlSecondary ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7882 | WEB-ACTIVEX AccSync.AccSubNotHandler ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7883 | WEB-ACTIVEX AccSync.AccSubNotHandler ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7884 | WEB-ACTIVEX AolCalSvr.ACCalendarListCtrl ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7885 | WEB-ACTIVEX AolCalSvr.ACCalendarListCtrl ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7886 | WEB-ACTIVEX AolCalSvr.ACDictionary ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7887 | WEB-ACTIVEX AolCalSvr.ACDictionary ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7890 | WEB-ACTIVEX AOL.MemExpWz ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7891 | WEB-ACTIVEX AOL.MemExpWz ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7892 | WEB-ACTIVEX AOL Phobos Class ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7893 | WEB-ACTIVEX AOL Phobos Class ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7894 | WEB-ACTIVEX AOL.PicDownloadCtrl ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7895 | WEB-ACTIVEX AOL.PicDownloadCtrl ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7896 | WEB-ACTIVEX AOL.PicEditCtrl ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7897 | WEB-ACTIVEX AOL.PicEditCtrl ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7898 | WEB-ACTIVEX AOL.PicSsvrCtrl ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7899 | WEB-ACTIVEX AOL.PicSsvrCtrl ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7900 | WEB-ACTIVEX AOL.UPFCtrl ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7901 | WEB-ACTIVEX AOL.UPFCtrl ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7902 | WEB-ACTIVEX CDDBControlAOL.CDDBAOLControl ActiveX clsid access (more info ...) | attempted-user | 2006-3134 | 23567 | URL | |
| 7903 | WEB-ACTIVEX CDDBControlAOL.CDDBAOLControl ActiveX clsid unicode access (more info ...) | attempted-user | 2006-3134 | 23567 | URL | |
| 7904 | WEB-ACTIVEX CDL Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7905 | WEB-ACTIVEX CDL Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7906 | WEB-ACTIVEX CDO.KnowledgeSearchFolder ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7907 | WEB-ACTIVEX CDO.KnowledgeSearchFolder ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7908 | WEB-ACTIVEX DXImageTransform.Microsoft.Chroma ActiveX clsid access (more info ...) | attempted-user | 24188 | URL | ||
| 7909 | WEB-ACTIVEX DXImageTransform.Microsoft.Chroma ActiveX clsid unicode access (more info ...) | attempted-user | 24188 | URL | ||
| 7910 | WEB-ACTIVEX DXImageTransform.Microsoft.DropShadow ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7911 | WEB-ACTIVEX DXImageTransform.Microsoft.DropShadow ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7912 | WEB-ACTIVEX DX3DTransform.Microsoft.Shapes ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7913 | WEB-ACTIVEX DX3DTransform.Microsoft.Shapes ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7914 | WEB-ACTIVEX DXImageTransform.Microsoft.NDFXArtEffects ActiveX CLSID access (more info ...) | attempted-user | 2006-3638 | 19340 | URL | |
| 7915 | WEB-ACTIVEX DXImageTransform.Microsoft.NDFXArtEffects ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3638 | 19340 | URL | |
| 7916 | WEB-ACTIVEX CLSID_IMimeInternational ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7917 | WEB-ACTIVEX CLSID_IMimeInternational ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7918 | WEB-ACTIVEX CoAxTrackVideo Class ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7919 | WEB-ACTIVEX CoAxTrackVideo Class ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7920 | WEB-ACTIVEX DsPropertyPages.OU ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7921 | WEB-ACTIVEX DsPropertyPages.OU ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7922 | WEB-ACTIVEX DXImageTransform.Microsoft.RevealTrans ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7923 | WEB-ACTIVEX DXImageTransform.Microsoft.RevealTrans ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7924 | WEB-ACTIVEX DXImageTransform.Microsoft.Shadow ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7925 | WEB-ACTIVEX DXImageTransform.Microsoft.Shadow ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7926 | WEB-ACTIVEX DXTFilter ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7927 | WEB-ACTIVEX DXTFilter ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7928 | WEB-ACTIVEX file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7929 | WEB-ACTIVEX file or local Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7930 | WEB-ACTIVEX FolderItem2 ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7931 | WEB-ACTIVEX FolderItem2 ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7932 | WEB-ACTIVEX FolderItems3 ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7933 | WEB-ACTIVEX FolderItems3 ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7936 | WEB-ACTIVEX DXImageTransform.Microsoft.Glow ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7937 | WEB-ACTIVEX DXImageTransform.Microsoft.Glow ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7938 | WEB-ACTIVEX gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7939 | WEB-ACTIVEX gopher Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7940 | WEB-ACTIVEX DXImageTransform.Microsoft.Gradient ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7941 | WEB-ACTIVEX DXImageTransform.Microsoft.Gradient ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7942 | WEB-ACTIVEX http Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7943 | WEB-ACTIVEX http Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7944 | WEB-ACTIVEX https Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7945 | WEB-ACTIVEX https Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7946 | WEB-ACTIVEX DXImageTransform.Microsoft.MaskFilter ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7947 | WEB-ACTIVEX DXImageTransform.Microsoft.MaskFilter ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7948 | WEB-ACTIVEX Microsoft Common Browser Architecture ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7949 | WEB-ACTIVEX Microsoft Common Browser Architecture ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7950 | WEB-ACTIVEX Microsoft DirectAnimation Control ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7951 | WEB-ACTIVEX Microsoft DirectAnimation Control ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7952 | WEB-ACTIVEX Microsoft DirectAnimation Windowed Control ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7953 | WEB-ACTIVEX Microsoft DirectAnimation Windowed Control ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7954 | WEB-ACTIVEX Microsoft Forms 2.0 ComboBox ActiveX CLSID access (more info ...) | attempted-user | 1999-0384 | URL | ||
| 7955 | WEB-ACTIVEX Microsoft Forms 2.0 ComboBox ActiveX CLSID unicode access (more info ...) | attempted-user | 1999-0384 | URL | ||
| 7956 | WEB-ACTIVEX Microsoft Forms 2.0 ListBox ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 7957 | WEB-ACTIVEX Microsoft Forms 2.0 ListBox ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 7958 | WEB-ACTIVEX mk Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7959 | WEB-ACTIVEX mk Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7970 | WEB-ACTIVEX PostBootReminder object ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7971 | WEB-ACTIVEX PostBootReminder object ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7974 | WEB-ACTIVEX Rendezvous Class ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7975 | WEB-ACTIVEX Rendezvous Class ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7976 | WEB-ACTIVEX ShellFolder for CD Burning ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7977 | WEB-ACTIVEX ShellFolder for CD Burning ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7981 | WEB-ACTIVEX Snapshot Viewer General Property Page Object ActiveX clsid access (more info ...) | attempted-user | 2008-2463 | URL | ||
| 7982 | WEB-ACTIVEX Snapshot Viewer General Property Page Object ActiveX clsid unicode access (more info ...) | attempted-user | 2008-2463 | URL | ||
| 7983 | WEB-ACTIVEX SuperBuddy Class ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7984 | WEB-ACTIVEX SuperBuddy Class ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7985 | WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX clsid access (more info ...) | attempted-user | 2006-3730 | 19030 | URL | |
| 7986 | WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-3730 | 19030 | URL | |
| 7987 | WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7988 | WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7989 | WEB-ACTIVEX WIA FileSystem USD ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7990 | WEB-ACTIVEX WIA FileSystem USD ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7991 | WEB-ACTIVEX ACM Class Manager ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7992 | WEB-ACTIVEX ACM Class Manager ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7993 | WEB-ACTIVEX clbcatex.dll ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7994 | WEB-ACTIVEX clbcatex.dll ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7995 | WEB-ACTIVEX clbcatq.dll ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7996 | WEB-ACTIVEX clbcatq.dll ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7997 | WEB-ACTIVEX CLSID_ApprenticeICW ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7998 | WEB-ACTIVEX CLSID_ApprenticeICW ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7999 | WEB-ACTIVEX CLSID_CDIDeviceActionConfigPage ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8000 | WEB-ACTIVEX CLSID_CDIDeviceActionConfigPage ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8001 | WEB-ACTIVEX CommunicationManager ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8002 | WEB-ACTIVEX CommunicationManager ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8003 | WEB-ACTIVEX Content.mbcontent.1 ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8004 | WEB-ACTIVEX Content.mbcontent.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8005 | WEB-ACTIVEX DiskManagement.Connection ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8006 | WEB-ACTIVEX DiskManagement.Connection ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8007 | WEB-ACTIVEX Dutch_Dutch Stemmer ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8008 | WEB-ACTIVEX Dutch_Dutch Stemmer ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8009 | WEB-ACTIVEX English_UK Stemmer ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8010 | WEB-ACTIVEX English_UK Stemmer ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8011 | WEB-ACTIVEX English_US Stemmer ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8012 | WEB-ACTIVEX English_US Stemmer ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8013 | WEB-ACTIVEX French_French Stemmer ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8014 | WEB-ACTIVEX French_French Stemmer ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8015 | WEB-ACTIVEX German_German Stemmer ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8016 | WEB-ACTIVEX German_German Stemmer ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8017 | WEB-ACTIVEX ICM Class Manager ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8018 | WEB-ACTIVEX ICM Class Manager ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8021 | WEB-ACTIVEX ISSimpleCommandCreator.1 ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8022 | WEB-ACTIVEX ISSimpleCommandCreator.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8023 | WEB-ACTIVEX Italian_Italian Stemmer ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8024 | WEB-ACTIVEX Italian_Italian Stemmer ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8025 | WEB-ACTIVEX Microsoft HTML Window Security Proxy ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8026 | WEB-ACTIVEX Microsoft HTML Window Security Proxy ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8027 | WEB-ACTIVEX Microsoft WBEM Event Subsystem ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8028 | WEB-ACTIVEX Microsoft WBEM Event Subsystem ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8029 | WEB-ACTIVEX MidiOut Class Manager ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8030 | WEB-ACTIVEX MidiOut Class Manager ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8031 | WEB-ACTIVEX Mslablti.MarshalableTI.1 ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8032 | WEB-ACTIVEX Mslablti.MarshalableTI.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8033 | WEB-ACTIVEX QC.MessageMover.1 ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8034 | WEB-ACTIVEX QC.MessageMover.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8035 | WEB-ACTIVEX Spanish_Modern Stemmer ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8036 | WEB-ACTIVEX Spanish_Modern Stemmer ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8037 | WEB-ACTIVEX Swedish_Default Stemmer ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8038 | WEB-ACTIVEX Swedish_Default Stemmer ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8039 | WEB-ACTIVEX syncui.dll ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8040 | WEB-ACTIVEX syncui.dll ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8041 | WEB-ACTIVEX VFW Capture Class Manager ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8042 | WEB-ACTIVEX VFW Capture Class Manager ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8043 | WEB-ACTIVEX Video Effect Class Manager 1 Input ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8044 | WEB-ACTIVEX Video Effect Class Manager 1 Input ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8045 | WEB-ACTIVEX Video Effect Class Manager 2 Input ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8046 | WEB-ACTIVEX Video Effect Class Manager 2 Input ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8047 | WEB-ACTIVEX WaveIn Class Manager ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8048 | WEB-ACTIVEX WaveIn Class Manager ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8049 | WEB-ACTIVEX WaveOut and DSound Class Manager ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8050 | WEB-ACTIVEX WaveOut and DSound Class Manager ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8051 | WEB-ACTIVEX WDM Instance Provider ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8052 | WEB-ACTIVEX WDM Instance Provider ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8053 | WEB-ACTIVEX DirectAnimation.PathControl ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | 19738 | ||
| 8054 | WEB-ACTIVEX DirectAnimation.PathControl ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | 19738 | ||
| 8055 | WEB-ACTIVEX DirectAnimation.PathControl ActiveX function call access (more info ...) | attempted-user | 2006-4777 | 19738 | ||
| 8062 | WEB-ACTIVEX ADODB.Stream ActiveX CLSID unicode access (more info ...) | attempted-user | 2004-0549 | 10514 | URL | |
| 8063 | WEB-ACTIVEX ADODB.Stream ActiveX function call access (more info ...) | attempted-user | 2004-0549 | 10514 | URL | |
| 8064 | WEB-ACTIVEX Scriptlet.Typelib ActiveX CLSID access (more info ...) | attempted-user | 2000-1061 | 598 | URL | |
| 8065 | WEB-ACTIVEX Scriptlet.Typelib ActiveX CLSID unicode access (more info ...) | attempted-user | 2000-1061 | 598 | URL | |
| 8066 | WEB-ACTIVEX Windows Scripting Host Shell ActiveX CLSID access (more info ...) | attempted-user | 2003-0532 | 8456 | URL | |
| 8067 | WEB-ACTIVEX Windows Scripting Host Shell ActiveX CLSID unicode access (more info ...) | attempted-user | 2003-0532 | 8456 | URL | |
| 8068 | WEB-ACTIVEX Windows Scripting Host Shell ActiveX function call access (more info ...) | attempted-user | ||||
| 8069 | WEB-ACTIVEX Microsoft Virtual Machine ActiveX CLSID access (more info ...) | attempted-user | 2000-1061 | 1754 | URL | |
| 8070 | WEB-ACTIVEX Microsoft Virtual Machine ActiveX CLSID unicode access (more info ...) | attempted-user | 2000-1061 | 1754 | URL | |
| 8253 | NETBIOS DCERPC NCACN-IP-TCP webdav DavrCreateConnection username overflow attempt (more info ...) | attempted-admin | 2006-0013 | 16636 | URL | |
| 8363 | WEB-ACTIVEX Business Object Factory ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 8364 | WEB-ACTIVEX Business Object Factory ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 8365 | WEB-ACTIVEX DExplore.AppObj.8.0 ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 8366 | WEB-ACTIVEX DExplore.AppObj.8.0 ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 8367 | WEB-ACTIVEX Microsoft.DbgClr.DTE.8.0 ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 8368 | WEB-ACTIVEX Microsoft.DbgClr.DTE.8.0 ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 8369 | WEB-ACTIVEX WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4704 | URL | ||
| 8370 | WEB-ACTIVEX WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4704 | URL | ||
| 8373 | WEB-ACTIVEX VsmIDE.DTE ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 8374 | WEB-ACTIVEX VsmIDE.DTE ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 8379 | WEB-ACTIVEX Xml2Dex ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8380 | WEB-ACTIVEX Xml2Dex ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8391 | WEB-ACTIVEX RFXInstMgr Class ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8392 | WEB-ACTIVEX RFXInstMgr Class ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8393 | WEB-ACTIVEX WebDetectFrm ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8394 | WEB-ACTIVEX WebDetectFrm ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8395 | WEB-ACTIVEX DX3DTransform.Microsoft.CrShatter ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8396 | WEB-ACTIVEX DX3DTransform.Microsoft.CrShatter ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8399 | WEB-ACTIVEX Microsoft.WebCapture ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8400 | WEB-ACTIVEX Microsoft.WebCapture ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8403 | WEB-ACTIVEX XML Schema Cache 6.0 ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8404 | WEB-ACTIVEX XML Schema Cache 6.0 ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8405 | WEB-ACTIVEX ActiveX clsid access (more info ...) | attempted-user | 2006-5745 | 20915 | URL | |
| 8406 | WEB-ACTIVEX ActiveX clsid unicode access (more info ...) | attempted-user | 2006-5745 | 20915 | URL | |
| 8407 | WEB-ACTIVEX VisualExec Control ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8408 | WEB-ACTIVEX VisualExec Control ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8411 | WEB-ACTIVEX DocFind Command ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8412 | WEB-ACTIVEX DocFind Command ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8417 | WEB-ACTIVEX TriEditDocument.TriEditDocument ActiveX function call access (more info ...) | attempted-user | 2006-3591 | 18946 | URL | |
| 8418 | WEB-ACTIVEX DXImageTransform.Microsoft.RevealTrans ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8419 | WEB-ACTIVEX WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call (more info ...) | attempted-user | 2006-3730 | 19030 | URL | |
| 8420 | WEB-ACTIVEX DXImageTransform.Microsoft.Gradient ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8421 | WEB-ACTIVEX OWC11.DataSourceControl.11 ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8423 | WEB-ACTIVEX CEnroll.CEnroll.2 ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8424 | WEB-ACTIVEX Microsoft Forms 2.0 ListBox ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8425 | WEB-ACTIVEX DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (more info ...) | attempted-user | 2006-3638 | 19340 | URL | |
| 8478 | WEB-CLIENT Microsoft Publisher file download attempt (more info ...) | misc-activity | 2006-0001 | URL | ||
| 8717 | WEB-ACTIVEX VsaIDE.DTE ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 8718 | WEB-ACTIVEX VsaIDE.DTE ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 8719 | WEB-ACTIVEX VisualStudio.DTE.8.0 ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 8720 | WEB-ACTIVEX VisualStudio.DTE.8.0 ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 8725 | WEB-ACTIVEX System Monitor ActiveX CLSID access (more info ...) | attempted-user | 2000-1034 | 1899 | URL | |
| 8726 | WEB-ACTIVEX System Monitor ActiveX CLSID unicode access (more info ...) | attempted-user | 2000-1034 | 1899 | URL | |
| 8727 | WEB-ACTIVEX XMLHTTP 4.0 ActiveX clsid access (more info ...) | attempted-user | 2006-5745 | 20915 | URL | |
| 8728 | WEB-ACTIVEX XMLHTTP 4.0 ActiveX clsid unicode access (more info ...) | attempted-user | 2006-5745 | 20915 | URL | |
| 8735 | WEB-ACTIVEX BOWebAgent.Webagent.1 ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8736 | WEB-ACTIVEX BOWebAgent.Webagent.1 ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8737 | WEB-ACTIVEX BOWebAgent.Webagent.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 8741 | WEB-ACTIVEX DirectAnimation.DAFontStyle.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8742 | WEB-ACTIVEX DirectAnimation.DAFontStyle.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8743 | WEB-ACTIVEX DirectAnimation.DAFontStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8744 | WEB-ACTIVEX DirectAnimation.DAEvent.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8745 | WEB-ACTIVEX DirectAnimation.DAEvent.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8746 | WEB-ACTIVEX DirectAnimation.DAEvent.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8747 | WEB-ACTIVEX DirectAnimation.DAEndStyle.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8748 | WEB-ACTIVEX DirectAnimation.DAEndStyle.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8749 | WEB-ACTIVEX DirectAnimation.DAEndStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8750 | WEB-ACTIVEX LM.LMBehaviorFactory.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8751 | WEB-ACTIVEX LM.LMBehaviorFactory.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8752 | WEB-ACTIVEX LM.LMBehaviorFactory.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8753 | WEB-ACTIVEX LM.AutoEffectBvr.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8754 | WEB-ACTIVEX LM.AutoEffectBvr.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8755 | WEB-ACTIVEX LM.AutoEffectBvr.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8756 | WEB-ACTIVEX DirectAnimation.SpriteControl ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8757 | WEB-ACTIVEX DirectAnimation.SpriteControl ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8758 | WEB-ACTIVEX DirectAnimation.SpriteControl ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8759 | WEB-ACTIVEX DirectAnimation.SequencerControl ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8760 | WEB-ACTIVEX DirectAnimation.SequencerControl ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8761 | WEB-ACTIVEX DirectAnimation.SequencerControl ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8762 | WEB-ACTIVEX DirectAnimation.Sequence ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8763 | WEB-ACTIVEX DirectAnimation.Sequence ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8764 | WEB-ACTIVEX DirectAnimation.Sequence ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8765 | WEB-ACTIVEX DirectAnimation.DAView.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8766 | WEB-ACTIVEX DirectAnimation.DAView.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8767 | WEB-ACTIVEX DirectAnimation.DAView.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8768 | WEB-ACTIVEX DirectAnimation.DAVector3.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8769 | WEB-ACTIVEX DirectAnimation.DAVector3.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8770 | WEB-ACTIVEX DirectAnimation.DAVector3.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8771 | WEB-ACTIVEX DirectAnimation.DAVector2.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8772 | WEB-ACTIVEX DirectAnimation.DAVector2.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8773 | WEB-ACTIVEX DirectAnimation.DAVector2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8774 | WEB-ACTIVEX DirectAnimation.DAUserData.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8775 | WEB-ACTIVEX DirectAnimation.DAUserData.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8776 | WEB-ACTIVEX DirectAnimation.DAUserData.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8777 | WEB-ACTIVEX DirectAnimation.DATransform3.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8778 | WEB-ACTIVEX DirectAnimation.DATransform3.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8779 | WEB-ACTIVEX DirectAnimation.DATransform3.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8780 | WEB-ACTIVEX DirectAnimation.DATransform2.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8781 | WEB-ACTIVEX DirectAnimation.DATransform2.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8782 | WEB-ACTIVEX DirectAnimation.DATransform2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8783 | WEB-ACTIVEX DirectAnimation.DAString.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8784 | WEB-ACTIVEX DirectAnimation.DAString.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8785 | WEB-ACTIVEX DirectAnimation.DAString.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8786 | WEB-ACTIVEX DirectAnimation.DASound.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8787 | WEB-ACTIVEX DirectAnimation.DASound.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8788 | WEB-ACTIVEX DirectAnimation.DASound.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8789 | WEB-ACTIVEX DirectAnimation.DAPoint3.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8790 | WEB-ACTIVEX DirectAnimation.DAPoint3.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8791 | WEB-ACTIVEX DirectAnimation.DAPoint3.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8792 | WEB-ACTIVEX DirectAnimation.DAPoint2.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8793 | WEB-ACTIVEX DirectAnimation.DAPoint2.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8794 | WEB-ACTIVEX DirectAnimation.DAPoint2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8795 | WEB-ACTIVEX DirectAnimation.DAPath2.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8796 | WEB-ACTIVEX DirectAnimation.DAPath2.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8797 | WEB-ACTIVEX DirectAnimation.DAPath2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8798 | WEB-ACTIVEX DirectAnimation.DAPair.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8799 | WEB-ACTIVEX DirectAnimation.DAPair.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8800 | WEB-ACTIVEX DirectAnimation.DAPair.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8801 | WEB-ACTIVEX DirectAnimation.DANumber.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8802 | WEB-ACTIVEX DirectAnimation.DANumber.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8803 | WEB-ACTIVEX DirectAnimation.DANumber.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8804 | WEB-ACTIVEX DirectAnimation.DAMontage.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8805 | WEB-ACTIVEX DirectAnimation.DAMontage.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8806 | WEB-ACTIVEX DirectAnimation.DAMontage.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8807 | WEB-ACTIVEX DirectAnimation.DAMicrophone.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8808 | WEB-ACTIVEX DirectAnimation.DAMicrophone.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8809 | WEB-ACTIVEX DirectAnimation.DAMicrophone.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8810 | WEB-ACTIVEX DirectAnimation.DAMatte.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8811 | WEB-ACTIVEX DirectAnimation.DAMatte.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8812 | WEB-ACTIVEX DirectAnimation.DAMatte.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8813 | WEB-ACTIVEX DirectAnimation.DALineStyle.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8814 | WEB-ACTIVEX DirectAnimation.DALineStyle.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8815 | WEB-ACTIVEX DirectAnimation.DALineStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8816 | WEB-ACTIVEX DirectAnimation.DAJoinStyle.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8817 | WEB-ACTIVEX DirectAnimation.DAJoinStyle.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8818 | WEB-ACTIVEX DirectAnimation.DAJoinStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8819 | WEB-ACTIVEX DirectAnimation.DAImage.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8820 | WEB-ACTIVEX DirectAnimation.DAImage.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8821 | WEB-ACTIVEX DirectAnimation.DAImage.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8822 | WEB-ACTIVEX DirectAnimation.DAGeometry.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8823 | WEB-ACTIVEX DirectAnimation.DAGeometry.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8824 | WEB-ACTIVEX DirectAnimation.DAGeometry.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8825 | WEB-ACTIVEX DirectAnimation.DADashStyle.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8826 | WEB-ACTIVEX DirectAnimation.DADashStyle.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8827 | WEB-ACTIVEX DirectAnimation.DADashStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8828 | WEB-ACTIVEX DirectAnimation.DAColor.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8829 | WEB-ACTIVEX DirectAnimation.DAColor.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8830 | WEB-ACTIVEX DirectAnimation.DAColor.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8831 | WEB-ACTIVEX DirectAnimation.DACamera.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8832 | WEB-ACTIVEX DirectAnimation.DACamera.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8833 | WEB-ACTIVEX DirectAnimation.DACamera.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8834 | WEB-ACTIVEX DirectAnimation.DABoolean.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8835 | WEB-ACTIVEX DirectAnimation.DABoolean.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8836 | WEB-ACTIVEX DirectAnimation.DABoolean.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8837 | WEB-ACTIVEX DirectAnimation.DABbox3.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8838 | WEB-ACTIVEX DirectAnimation.DABbox3.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8839 | WEB-ACTIVEX DirectAnimation.DABbox3.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8840 | WEB-ACTIVEX DirectAnimation.DABbox2.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8841 | WEB-ACTIVEX DirectAnimation.DABbox2.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8842 | WEB-ACTIVEX DirectAnimation.DABbox2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8843 | WEB-ACTIVEX DirectAnimation.DAArray.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8844 | WEB-ACTIVEX DirectAnimation.DAArray.1 ActiveX CLSID unicode access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8845 | WEB-ACTIVEX DirectAnimation.DAArray.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8846 | WEB-ACTIVEX Microsoft Agent Character Custom Proxy Class ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8847 | WEB-ACTIVEX Microsoft Agent Character Custom Proxy Class ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8848 | WEB-ACTIVEX Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8849 | WEB-ACTIVEX Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8850 | WEB-ACTIVEX Microsoft Agent Custom Proxy Class ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8851 | WEB-ACTIVEX Microsoft Agent Custom Proxy Class ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8852 | WEB-ACTIVEX Microsoft Agent v2.0 ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8853 | WEB-ACTIVEX Microsoft Agent v2.0 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8854 | WEB-ACTIVEX Microsoft Agent v2.0 ActiveX function call access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8855 | WEB-ACTIVEX Microsoft Agent v1.5 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8856 | WEB-ACTIVEX Microsoft Agent v1.5 ActiveX function call access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 9027 | NETBIOS DCERPC NCACN-IP-TCP wkssvc NetrJoinDomain2 overflow attempt (more info ...) | attempted-admin | 2006-4691 | 11921 | URL | |
| 9129 | WEB-ACTIVEX WinZip FileView 6.1 ActiveX clsid access (more info ...) | attempted-user | 2006-5198 | 21108 | URL | |
| 9130 | WEB-ACTIVEX WinZip FileView 6.1 ActiveX clsid unicode access (more info ...) | attempted-user | 2006-5198 | 21108 | URL | |
| 9131 | WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call access (more info ...) | attempted-user | 2006-5198 | 21108 | URL | |
| 9427 | WEB-ACTIVEX Acer LunchApp.APlunch ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 9428 | WEB-ACTIVEX Acer LunchApp.APlunch ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 9433 | WEB-CLIENT Microsoft Agent buffer overflow attempt (more info ...) | attempted-user | 2006-3445 | 21034 | URL | |
| 9626 | WEB-ACTIVEX AcroPDF.PDF ActiveX clsid access (more info ...) | attempted-user | 2006-6236 | 21155 | URL | |
| 9627 | WEB-ACTIVEX AcroPDF.PDF ActiveX clsid unicode access (more info ...) | attempted-user | 2006-6236 | 21155 | URL | |
| 9629 | WEB-ACTIVEX Citrix.ICAClient ActiveX clsid access (more info ...) | attempted-user | 2006-6334 | 23246 | URL | |
| 9630 | WEB-ACTIVEX Citrix.ICAClient ActiveX clsid unicode access (more info ...) | attempted-user | 2006-6334 | 23246 | URL | |
| 9631 | WEB-ACTIVEX Citrix.ICAClient ActiveX function call access (more info ...) | attempted-user | 2006-6334 | 23246 | URL | |
| 9640 | WEB-ACTIVEX ADODB.Connection ActiveX function call access (more info ...) | attempted-user | 2006-5559 | URL | ||
| 9769 | NETBIOS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (more info ...) | attempted-admin | 2005-0059 | URL | ||
| 9793 | WEB-ACTIVEX YMMAPI.YMailAttach ActiveX clsid access (more info ...) | attempted-user | 2006-6603 | 21607 | URL | |
| 9794 | WEB-ACTIVEX YMMAPI.YMailAttach ActiveX clsid unicode access (more info ...) | attempted-user | 2006-6603 | 21607 | URL | |
| 9795 | WEB-ACTIVEX Panda ActiveScan ActiveScan.1 ActiveX clsid access (more info ...) | attempted-user | 2006-5966 | 21132 | ||
| 9796 | WEB-ACTIVEX Panda ActiveScan ActiveScan.1 ActiveX clsid unicode access (more info ...) | attempted-user | 2006-5966 | 21132 | ||
| 9797 | WEB-ACTIVEX Panda ActiveScan ActiveScan.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 9798 | WEB-ACTIVEX Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid access (more info ...) | attempted-user | 2006-5966 | 21132 | ||
| 9799 | WEB-ACTIVEX Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid unicode access (more info ...) | attempted-user | 2006-5966 | 21132 | ||
| 9800 | WEB-ACTIVEX Panda ActiveScan PAVPZ.SOS.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 9806 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc GetGroupStatus overflow attempt (more info ...) | attempted-admin | 2006-6076 | 21221 | URL | |
| 9812 | WEB-ACTIVEX Yahoo Messenger YMailAttach ActiveX function call access (more info ...) | attempted-user | 2006-6603 | 21607 | URL | |
| 9814 | WEB-ACTIVEX ICQPhone.SipxPhoneManager ActiveX clsid access (more info ...) | attempted-user | 2006-5650 | 20930 | ||
| 9815 | WEB-ACTIVEX ICQPhone.SipxPhoneManager ActiveX clsid unicode access (more info ...) | attempted-user | 2006-5650 | 20930 | ||
| 9816 | WEB-ACTIVEX ICQPhone.SipxPhoneManager ActiveX function call access (more info ...) | attempted-user | 2006-5650 | 20930 | ||
| 9817 | WEB-ACTIVEX CEnroll.CEnroll.2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 9818 | WEB-ACTIVEX CEnroll.CEnroll.2 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 9820 | WEB-ACTIVEX OWC11.DataSourceControl.11 ActiveX function call access (more info ...) | attempted-user | 2006-3729 | 19069 | URL | |
| 9821 | WEB-ACTIVEX TriEditDocument.TriEditDocument ActiveX clsid access (more info ...) | attempted-user | 2006-3591 | 18946 | URL | |
| 9822 | WEB-ACTIVEX TriEditDocument.TriEditDocument ActiveX clsid unicode access (more info ...) | attempted-user | 2006-3591 | 18946 | URL | |
| 9824 | WEB-ACTIVEX Rediff Bol Downloader ActiveX clsid access (more info ...) | attempted-user | 2006-6838 | 21831 | ||
| 9825 | WEB-ACTIVEX Rediff Bol Downloader ActiveX clsid unicode access (more info ...) | attempted-user | 2006-6838 | 21831 | ||
| 9826 | WEB-ACTIVEX Rediff Bol Downloader ActiveX function call access (more info ...) | attempted-user | 2006-6838 | 21831 | ||
| 10013 | WEB-ACTIVEX CCRP FolderTreeView ActiveX clsid access (more info ...) | attempted-user | 22092 | URL | ||
| 10014 | WEB-ACTIVEX CCRP FolderTreeView ActiveX clsid unicode access (more info ...) | attempted-user | 22092 | URL | ||
| 10015 | WEB-ACTIVEX Oracle ORADC ActiveX clsid access (more info ...) | attempted-user | 22026 | |||
| 10016 | WEB-ACTIVEX Oracle ORADC ActiveX clsid unicode access (more info ...) | attempted-user | 22026 | |||
| 10017 | WEB-ACTIVEX Oracle ORADC ActiveX function call access (more info ...) | attempted-user | 22026 | |||
| 10018 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc ReserveGroup attempt (more info ...) | protocol-command-decode | 2006-6917 | URL | ||
| 10050 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc2 ASDBLoginToComputer overflow attempt (more info ...) | attempted-admin | 2007-0169 | 22005 | URL | |
| 10084 | WEB-ACTIVEX NCTAudioFile2 ActiveX clsid access (more info ...) | attempted-user | 2007-0018 | 33469 | URL | |
| 10085 | WEB-ACTIVEX NCTAudioFile2 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0018 | 33469 | URL | |
| 10086 | WEB-ACTIVEX NCTAudioFile2 ActiveX function call access (more info ...) | attempted-user | 2007-0018 | 33469 | URL | |
| 10115 | WEB-CLIENT Microsoft WMF denial of service attempt (more info ...) | web-application-attack | 2006-4071 | 21992 | ||
| 10128 | WEB-ACTIVEX Aliplay ActiveX clsid access (more info ...) | attempted-user | 22446 | |||
| 10129 | WEB-ACTIVEX Aliplay ActiveX clsid unicode access (more info ...) | attempted-user | 22446 | |||
| 10137 | WEB-ACTIVEX Microsoft Input Method Editor ActiveX clsid access (more info ...) | attempted-user | 2006-4697 | URL | ||
| 10138 | WEB-ACTIVEX Microsoft Input Method Editor ActiveX clsid unicode access (more info ...) | attempted-user | 2006-4697 | URL | ||
| 10139 | WEB-ACTIVEX Microsoft Input Method Editor ActiveX function call access (more info ...) | attempted-user | 2006-4697 | URL | ||
| 10140 | WEB-ACTIVEX Microsoft Input Method Editor 2 ActiveX clsid access (more info ...) | attempted-user | 2006-4697 | URL | ||
| 10141 | WEB-ACTIVEX Microsoft Input Method Editor 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2006-4697 | URL | ||
| 10142 | WEB-ACTIVEX LexRefBilingualTextContext ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10143 | WEB-ACTIVEX LexRefBilingualTextContext ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10144 | WEB-ACTIVEX LexRefBilingualTextContext ActiveX function call access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10145 | WEB-ACTIVEX HTML Inline Sound Control ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10146 | WEB-ACTIVEX HTML Inline Sound Control ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10147 | WEB-ACTIVEX HTML Inline Sound Control ActiveX function call access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10148 | WEB-ACTIVEX HTML Inline Movie Control ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10149 | WEB-ACTIVEX HTML Inline Movie Control ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10150 | WEB-ACTIVEX HTML Inline Movie Control ActiveX function call access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10151 | WEB-ACTIVEX BlnSetUser Proxy ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10152 | WEB-ACTIVEX BlnSetUser Proxy ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10153 | WEB-ACTIVEX BlnSetUser Proxy ActiveX function call access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10154 | WEB-ACTIVEX BlnSetUser Proxy 2 ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10155 | WEB-ACTIVEX BlnSetUser Proxy 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10156 | WEB-ACTIVEX ActiveX Soft DVD Tools ActiveX clsid access (more info ...) | attempted-user | 22558 | URL | ||
| 10157 | WEB-ACTIVEX ActiveX Soft DVD Tools ActiveX clsid unicode access (more info ...) | attempted-user | 22558 | URL | ||
| 10162 | WEB-ACTIVEX BrowseDialog ActiveX clsid access (more info ...) | attempted-user | 22110 | |||
| 10163 | WEB-ACTIVEX BrowseDialog ActiveX clsid unicode access (more info ...) | attempted-user | 22110 | |||
| 10170 | WEB-ACTIVEX Verisign ConfigCHK ActiveX clsid access (more info ...) | attempted-user | 22676 | |||
| 10171 | WEB-ACTIVEX Verisign ConfigCHK ActiveX clsid unicode access (more info ...) | attempted-user | 22676 | |||
| 10176 | WEB-ACTIVEX Windows Shell User Enumeration Object ActiveX clsid access (more info ...) | attempted-user | ||||
| 10177 | WEB-ACTIVEX Windows Shell User Enumeration Object ActiveX clsid unicode access (more info ...) | attempted-user | ||||
| 10178 | WEB-ACTIVEX Windows Shell User Enumeration Object ActiveX function call access (more info ...) | attempted-user | ||||
| 10189 | WEB-ACTIVEX DivXBrowserPlugin ActiveX clsid access (more info ...) | attempted-user | ||||
| 10190 | WEB-ACTIVEX DivXBrowserPlugin ActiveX clsid unicode access (more info ...) | attempted-user | ||||
| 10191 | WEB-ACTIVEX DivXBrowserPlugin ActiveX function call access (more info ...) | attempted-user | ||||
| 10214 | WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid access (more info ...) | attempted-user | 2006-6885 | 22842 | ||
| 10215 | WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid unicode access (more info ...) | attempted-user | 2006-6885 | 22842 | ||
| 10216 | WEB-ACTIVEX Shockwave ActiveX Control ActiveX function call access (more info ...) | attempted-user | 2006-6885 | 22842 | ||
| 10387 | WEB-ACTIVEX McAfee ePolicy Orchestrator ActiveX clsid access (more info ...) | attempted-user | 22952 | URL | ||
| 10388 | WEB-ACTIVEX McAfee ePolicy Orchestrator ActiveX clsid unicode access (more info ...) | attempted-user | 22952 | URL | ||
| 10389 | WEB-ACTIVEX McAfee ePolicy Orchestrator ActiveX function call access (more info ...) | attempted-user | 22952 | URL | ||
| 10390 | WEB-ACTIVEX Symantec Support Controls SmartIssue ActiveX clsid access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10391 | WEB-ACTIVEX Symantec Support Controls SmartIssue ActiveX clsid unicode access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10392 | WEB-ACTIVEX Symantec Support Controls SmartIssue ActiveX function call access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10404 | WEB-ACTIVEX SignKorea SKCommAX ActiveX clsid access (more info ...) | attempted-user | ||||
| 10405 | WEB-ACTIVEX SignKorea SKCommAX ActiveX clsid unicode access (more info ...) | attempted-user | ||||
| 10406 | WEB-ACTIVEX SignKorea SKCommAX ActiveX function call access (more info ...) | attempted-user | ||||
| 10412 | WEB-ACTIVEX IBM Lotus SameTime STJNILoader Alt CLSID ActiveX clsid access (more info ...) | attempted-user | 2007-1784 | 23201 | URL | |
| 10413 | WEB-ACTIVEX IBM Lotus SameTime STJNILoader Alt CLSID ActiveX clsid unicode access (more info ...) | attempted-user | 23201 | URL | ||
| 10414 | WEB-ACTIVEX IBM Lotus SameTime STJNILoader Alt CLSID ActiveX function call access (more info ...) | attempted-user | 23201 | URL | ||
| 10415 | WEB-ACTIVEX IBM Lotus SameTime STJNILoader ActiveX clsid access (more info ...) | attempted-user | 23201 | URL | ||
| 10416 | WEB-ACTIVEX IBM Lotus SameTime STJNILoader ActiveX clsid unicode access (more info ...) | attempted-user | 23201 | URL | ||
| 10417 | WEB-ACTIVEX IBM Lotus SameTime STJNILoader ActiveX function call access (more info ...) | attempted-user | 23201 | URL | ||
| 10419 | WEB-ACTIVEX HP Mercury Quality Center SPIDERLib ActiveX clsid access (more info ...) | attempted-user | 2007-1819 | 23239 | URL | |
| 10420 | WEB-ACTIVEX HP Mercury Quality Center SPIDERLib ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1819 | 23239 | URL | |
| 10421 | WEB-ACTIVEX HP Mercury Quality Center SPIDERLib ActiveX function call access (more info ...) | attempted-user | 2007-1819 | 23239 | URL | |
| 10422 | WEB-ACTIVEX HP Mercury Quality Center SPIDERLib ActiveX function call unicode access (more info ...) | attempted-user | 2007-1819 | 23239 | URL | |
| 10423 | WEB-ACTIVEX Yahoo Audio Conferencing ActiveX clsid access (more info ...) | attempted-user | 2007-1680 | 23291 | URL | |
| 10424 | WEB-ACTIVEX Yahoo Audio Conferencing ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1680 | 23291 | URL | |
| 10425 | WEB-ACTIVEX Yahoo Audio Conferencing ActiveX function call access (more info ...) | attempted-user | 2007-1680 | 23291 | URL | |
| 10426 | WEB-ACTIVEX Yahoo Audio Conferencing ActiveX function call unicode access (more info ...) | attempted-user | 2007-1680 | 23291 | URL | |
| 10427 | WEB-ACTIVEX Kaspersky AntiVirus SysInfo ActiveX clsid access (more info ...) | attempted-user | 2007-1112 | 23325 | URL | |
| 10428 | WEB-ACTIVEX Kaspersky AntiVirus SysInfo ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1112 | 23325 | URL | |
| 10429 | WEB-ACTIVEX Kaspersky AntiVirus SysInfo ActiveX function call access (more info ...) | attempted-user | 2007-1112 | 23325 | URL | |
| 10430 | WEB-ACTIVEX Kaspersky AntiVirus SysInfo ActiveX function call unicode access (more info ...) | attempted-user | 2007-1112 | 23325 | URL | |
| 10431 | WEB-ACTIVEX Kaspersky AntiVirus KAV60Info ActiveX clsid access (more info ...) | attempted-user | 2007-1112 | 23345 | URL | |
| 10432 | WEB-ACTIVEX Kaspersky AntiVirus KAV60Info ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1112 | 23345 | URL | |
| 10433 | WEB-ACTIVEX Kaspersky AntiVirus KAV60Info ActiveX function call access (more info ...) | attempted-user | 2007-1112 | 23345 | URL | |
| 10434 | WEB-ACTIVEX Kaspersky AntiVirus KAV60Info ActiveX function call unicode access (more info ...) | attempted-user | 2007-1112 | 23345 | URL | |
| 10465 | WEB-ACTIVEX Microsoft Agent v1.5 ActiveX function call unicode access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 10466 | WEB-ACTIVEX iPIX Image Well ActiveX clsid access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10467 | WEB-ACTIVEX iPIX Image Well ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10468 | WEB-ACTIVEX iPIX Image Well ActiveX function call access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10469 | WEB-ACTIVEX iPIX Image Well ActiveX function call access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10470 | WEB-ACTIVEX iPIX Media Send Class ActiveX clsid access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10471 | WEB-ACTIVEX iPIX Media Send Class ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10472 | WEB-ACTIVEX iPIX Media Send Class ActiveX function call access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10473 | WEB-ACTIVEX iPIX Media Send Class ActiveX function call access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10474 | WEB-ACTIVEX iPIX Media Send Class ActiveX function call unicode access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10476 | WEB-ACTIVEX MarkAny MaPrintModule_WORK ActiveX clsid access (more info ...) | attempted-user | 23420 | |||
| 10477 | WEB-ACTIVEX MarkAny MaPrintModule_WORK ActiveX clsid unicode access (more info ...) | attempted-user | 23420 | |||
| 10478 | WEB-ACTIVEX MarkAny MaPrintModule_WORK ActiveX function call access (more info ...) | attempted-user | 23420 | |||
| 10479 | WEB-ACTIVEX MarkAny MaPrintModule_WORK ActiveX function call unicode access (more info ...) | attempted-user | 23420 | |||
| 10978 | WEB-ACTIVEX Second Sight Software ActiveGS ActiveX clsid access (more info ...) | attempted-user | 2007-1690 | 23554 | URL | |
| 10979 | WEB-ACTIVEX Second Sight Software ActiveGS ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1690 | 23554 | URL | |
| 10980 | WEB-ACTIVEX Second Sight Software ActiveGS ActiveX function call access (more info ...) | attempted-user | 2007-1690 | 23554 | URL | |
| 10981 | WEB-ACTIVEX Second Sight Software ActiveGS ActiveX function call unicode access (more info ...) | attempted-user | 2007-1690 | 23554 | URL | |
| 10982 | WEB-ACTIVEX Second Sight Software ActiveMod ActiveX clsid access (more info ...) | attempted-user | 2007-1691 | 23554 | URL | |
| 10983 | WEB-ACTIVEX Second Sight Software ActiveMod ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1691 | 23554 | URL | |
| 10984 | WEB-ACTIVEX Second Sight Software ActiveMod ActiveX function call access (more info ...) | attempted-user | 2007-1691 | 23554 | URL | |
| 10985 | WEB-ACTIVEX Second Sight Software ActiveMod ActiveX function call unicode access (more info ...) | attempted-user | 2007-1691 | 23554 | URL | |
| 10986 | WEB-ACTIVEX GraceNote CDDB ActiveX clsid access (more info ...) | attempted-user | 2007-0443 | 23567 | URL | |
| 10987 | WEB-ACTIVEX GraceNote CDDB ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0443 | 23567 | URL | |
| 10988 | WEB-ACTIVEX GraceNote CDDB ActiveX function call access (more info ...) | attempted-user | 2007-0443 | 23567 | URL | |
| 10989 | WEB-ACTIVEX GraceNote CDDB ActiveX function call unicode access (more info ...) | attempted-user | 2007-0443 | 23567 | URL | |
| 10991 | WEB-ACTIVEX Microgaming Download Helper ActiveX clsid access (more info ...) | attempted-user | 23595 | URL | ||
| 10992 | WEB-ACTIVEX Microgaming Download Helper ActiveX clsid unicode access (more info ...) | attempted-user | 23595 | URL | ||
| 10993 | WEB-ACTIVEX Microgaming Download Helper ActiveX function call access (more info ...) | attempted-user | 23595 | URL | ||
| 10994 | WEB-ACTIVEX Microgaming Download Helper ActiveX function call unicode access (more info ...) | attempted-user | 23595 | URL | ||
| 11176 | WEB-ACTIVEX PowerPoint Viewer ActiveX clsid access (more info ...) | attempted-user | 33243 | URL | ||
| 11177 | WEB-ACTIVEX PowerPoint Viewer ActiveX clsid unicode access (more info ...) | attempted-user | 33243 | URL | ||
| 11178 | WEB-ACTIVEX PowerPoint Viewer ActiveX function call access (more info ...) | attempted-user | 33243 | URL | ||
| 11179 | WEB-ACTIVEX PowerPoint Viewer ActiveX function call unicode access (more info ...) | attempted-user | 33243 | URL | ||
| 11197 | WEB-ACTIVEX ActiveX Soft DVD Tools ActiveX function call access (more info ...) | attempted-user | 22558 | URL | ||
| 11198 | WEB-ACTIVEX ActiveX Soft DVD Tools ActiveX function call unicode access (more info ...) | attempted-user | 22558 | URL | ||
| 11206 | WEB-ACTIVEX East Wind Software ADVDAUDIO ActiveX clsid access (more info ...) | attempted-user | 23833 | URL | ||
| 11207 | WEB-ACTIVEX East Wind Software ADVDAUDIO ActiveX clsid unicode access (more info ...) | attempted-user | 23833 | URL | ||
| 11208 | WEB-ACTIVEX East Wind Software ADVDAUDIO ActiveX function call access (more info ...) | attempted-user | 23833 | URL | ||
| 11209 | WEB-ACTIVEX East Wind Software ADVDAUDIO ActiveX function call unicode access (more info ...) | attempted-user | 23833 | URL | ||
| 11210 | WEB-ACTIVEX Sienzo Digital Music Mentor ActiveX clsid access (more info ...) | attempted-user | 23838 | URL | ||
| 11211 | WEB-ACTIVEX Sienzo Digital Music Mentor ActiveX clsid unicode access (more info ...) | attempted-user | 23838 | URL | ||
| 11212 | WEB-ACTIVEX Sienzo Digital Music Mentor ActiveX function call access (more info ...) | attempted-user | 23838 | URL | ||
| 11213 | WEB-ACTIVEX Sienzo Digital Music Mentor ActiveX function call unicode access (more info ...) | attempted-user | 23838 | URL | ||
| 11214 | WEB-ACTIVEX VeralSoft HTTP File Uploader ActiveX clsid access (more info ...) | attempted-user | 23853 | URL | ||
| 11215 | WEB-ACTIVEX VeralSoft HTTP File Uploader ActiveX clsid unicode access (more info ...) | attempted-user | 23853 | URL | ||
| 11216 | WEB-ACTIVEX VeralSoft HTTP File Uploader ActiveX function call access (more info ...) | attempted-user | 23853 | URL | ||
| 11217 | WEB-ACTIVEX VeralSoft HTTP File Uploader ActiveX function call unicode access (more info ...) | attempted-user | 23853 | URL | ||
| 11218 | WEB-ACTIVEX SmartCode VNC Manager ActiveX clsid access (more info ...) | attempted-user | 23869 | URL | ||
| 11219 | WEB-ACTIVEX SmartCode VNC Manager ActiveX clsid unicode access (more info ...) | attempted-user | 23869 | URL | ||
| 11220 | WEB-ACTIVEX SmartCode VNC Manager ActiveX function call access (more info ...) | attempted-user | 23869 | URL | ||
| 11221 | WEB-ACTIVEX SmartCode VNC Manager ActiveX function call unicode access (more info ...) | attempted-user | 23869 | URL | ||
| 11224 | WEB-ACTIVEX MSAuth ActiveX clsid access (more info ...) | attempted-user | 2007-2221 | URL | ||
| 11225 | WEB-ACTIVEX MSAuth ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2221 | URL | ||
| 11226 | WEB-ACTIVEX MSAuth ActiveX function call access (more info ...) | attempted-user | 2007-2221 | URL | ||
| 11227 | WEB-ACTIVEX MSAuth ActiveX function call unicode access (more info ...) | attempted-user | 2007-2221 | URL | ||
| 11228 | WEB-ACTIVEX Microsoft Input Method Editor 3 ActiveX clsid access (more info ...) | attempted-user | 2007-0942 | URL | ||
| 11229 | WEB-ACTIVEX Microsoft Input Method Editor 3 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0942 | URL | ||
| 11230 | WEB-ACTIVEX Microsoft Cryptographic API COM 1 ActiveX clsid access (more info ...) | attempted-user | 2007-0940 | URL | ||
| 11231 | WEB-ACTIVEX Microsoft Cryptographic API COM 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0940 | URL | ||
| 11232 | WEB-ACTIVEX Microsoft Cryptographic API COM 1 ActiveX function call access (more info ...) | attempted-user | 2007-0940 | URL | ||
| 11233 | WEB-ACTIVEX Microsoft Cryptographic API COM 1 ActiveX function call unicode access (more info ...) | attempted-user | 2007-0940 | URL | ||
| 11234 | WEB-ACTIVEX Microsoft Cryptographic API COM 2 ActiveX clsid access (more info ...) | attempted-user | 2007-0940 | URL | ||
| 11235 | WEB-ACTIVEX Microsoft Cryptographic API COM 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0940 | URL | ||
| 11239 | WEB-ACTIVEX DXImageTransform.Microsoft.Redirect ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11240 | WEB-ACTIVEX DXImageTransform.Microsoft.Redirect ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 11241 | WEB-ACTIVEX DXImageTransform.Microsoft.Redirect ActiveX function call access (more info ...) | attempted-user | URL | |||
| 11242 | WEB-ACTIVEX DXImageTransform.Microsoft.Redirect ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 11243 | WEB-ACTIVEX DirectAnimation.DAstatics ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11244 | WEB-ACTIVEX DirectAnimation.DAstatics ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 11245 | WEB-ACTIVEX DirectAnimation.DAstatics ActiveX function call access (more info ...) | attempted-user | URL | |||
| 11246 | WEB-ACTIVEX DirectAnimation.DAstatics ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 11247 | WEB-ACTIVEX Research In Motion TeamOn Import ActiveX clsid access (more info ...) | attempted-user | 23331 | URL | ||
| 11248 | WEB-ACTIVEX Research In Motion TeamOn Import ActiveX clsid unicode access (more info ...) | attempted-user | 23331 | URL | ||
| 11249 | WEB-ACTIVEX IE Address ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 11250 | WEB-ACTIVEX Sony Rootkit Uninstaller ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11251 | WEB-ACTIVEX Sony Rootkit Uninstaller ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 11252 | WEB-ACTIVEX IE Address ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11253 | WEB-ACTIVEX Microsoft MciWndx ActiveX clsid access (more info ...) | attempted-user | ||||
| 11254 | WEB-ACTIVEX Microsoft MciWndx ActiveX clsid unicode access (more info ...) | attempted-user | ||||
| 11255 | WEB-ACTIVEX Microsoft MciWndx ActiveX function call access (more info ...) | attempted-user | ||||
| 11256 | WEB-ACTIVEX Microsoft MciWndx ActiveX function call unicode access (more info ...) | attempted-user | ||||
| 11259 | WEB-ACTIVEX BarcodeWiz ActiveX clsid access (more info ...) | attempted-user | 23891 | URL | ||
| 11260 | WEB-ACTIVEX BarcodeWiz ActiveX clsid unicode access (more info ...) | attempted-user | 23891 | URL | ||
| 11261 | WEB-ACTIVEX BarcodeWiz ActiveX function call access (more info ...) | attempted-user | 23891 | URL | ||
| 11262 | WEB-ACTIVEX BarcodeWiz ActiveX function call unicode access (more info ...) | attempted-user | 23891 | URL | ||
| 11268 | WEB-ACTIVEX Symantec Norton AntiVirus ActiveX clsid access (more info ...) | attempted-user | 2006-3456 | 23822 | URL | |
| 11269 | WEB-ACTIVEX Symantec Norton AntiVirus ActiveX clsid unicode access (more info ...) | attempted-user | 2006-3456 | 23822 | URL | |
| 11270 | WEB-ACTIVEX Symantec Norton AntiVirus ActiveX function call access (more info ...) | attempted-user | 2006-3456 | 23822 | URL | |
| 11271 | WEB-ACTIVEX Symantec Norton AntiVirus ActiveX function call unicode access (more info ...) | attempted-user | 2006-3456 | 23822 | URL | |
| 11274 | WEB-ACTIVEX RControl ActiveX clsid access (more info ...) | attempted-user | 23914 | URL | ||
| 11275 | WEB-ACTIVEX RControl ActiveX clsid unicode access (more info ...) | attempted-user | 23914 | URL | ||
| 11276 | WEB-ACTIVEX GDivX Zenith Player AVI Fixer ActiveX clsid access (more info ...) | attempted-user | 23907 | |||
| 11277 | WEB-ACTIVEX GDivX Zenith Player AVI Fixer ActiveX clsid unicode access (more info ...) | attempted-user | 23907 | |||
| 11278 | WEB-ACTIVEX GDivX Zenith Player AVI Fixer ActiveX function call access (more info ...) | attempted-user | 23907 | |||
| 11279 | WEB-ACTIVEX GDivX Zenith Player AVI Fixer ActiveX function call unicode access (more info ...) | attempted-user | 23907 | |||
| 11280 | WEB-ACTIVEX FlexLabel ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11281 | WEB-ACTIVEX FlexLabel ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 11282 | WEB-ACTIVEX FlexLabel ActiveX function call access (more info ...) | attempted-user | URL | |||
| 11283 | WEB-ACTIVEX FlexLabel ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 11284 | WEB-ACTIVEX AudioCDRipper ActiveX clsid access (more info ...) | attempted-user | 23900 | |||
| 11285 | WEB-ACTIVEX AudioCDRipper ActiveX clsid unicode access (more info ...) | attempted-user | 23900 | |||
| 11286 | WEB-ACTIVEX AudioCDRipper ActiveX function call access (more info ...) | attempted-user | 23900 | |||
| 11287 | WEB-ACTIVEX AudioCDRipper ActiveX function call unicode access (more info ...) | attempted-user | 23900 | |||
| 11291 | WEB-ACTIVEX Hewlett Packard HPQVWOCX.DL ActiveX clsid access (more info ...) | attempted-user | 24793 | |||
| 11292 | WEB-ACTIVEX Hewlett Packard HPQVWOCX.DL ActiveX clsid unicode access (more info ...) | attempted-user | 24793 | |||
| 11293 | WEB-ACTIVEX IDAutomation Linear Bar Code ActiveX clsid access (more info ...) | attempted-user | 23954 | URL | ||
| 11294 | WEB-ACTIVEX IDAutomation Linear Bar Code ActiveX clsid unicode access (more info ...) | attempted-user | 23954 | URL | ||
| 11295 | WEB-ACTIVEX IDAutomation Linear Bar Code ActiveX function call access (more info ...) | attempted-user | 23954 | URL | ||
| 11296 | WEB-ACTIVEX IDAutomation Linear Bar Code ActiveX function call unicode access (more info ...) | attempted-user | 23954 | URL | ||
| 11297 | WEB-ACTIVEX Clever Database Comparer ActiveX clsid access (more info ...) | attempted-user | 23969 | URL | ||
| 11298 | WEB-ACTIVEX Clever Database Comparer ActiveX clsid unicode access (more info ...) | attempted-user | 23969 | URL | ||
| 11299 | WEB-ACTIVEX Clever Database Comparer ActiveX function call access (more info ...) | attempted-user | 23969 | URL | ||
| 11300 | WEB-ACTIVEX Clever Database Comparer ActiveX function call unicode access (more info ...) | attempted-user | 23969 | URL | ||
| 11301 | WEB-ACTIVEX DB Software Laboratory DeWizardX ActiveX clsid access (more info ...) | attempted-user | 23986 | URL | ||
| 11302 | WEB-ACTIVEX DB Software Laboratory DeWizardX ActiveX clsid unicode access (more info ...) | attempted-user | 23986 | URL | ||
| 11303 | WEB-ACTIVEX DB Software Laboratory DeWizardX ActiveX function call access (more info ...) | attempted-user | 23986 | URL | ||
| 11304 | WEB-ACTIVEX DB Software Laboratory DeWizardX ActiveX function call unicode access (more info ...) | attempted-user | 23986 | URL | ||
| 11324 | WEB-ACTIVEX Microsoft Input Method Editor 3 ActiveX function call access (more info ...) | attempted-user | 2007-0942 | URL | ||
| 11325 | WEB-ACTIVEX Microsoft Input Method Editor 3 ActiveX function call unicode access (more info ...) | attempted-user | 2007-0942 | URL | ||
| 11618 | EXPLOIT Trend Micro ServerProtect EarthAgent DCE-RPC Stack overflow (more info ...) | attempted-admin | 2007-2508 | 23866 | ||
| 11822 | WEB-ACTIVEX Yahoo Webcam Upload ActiveX clsid access (more info ...) | attempted-user | 2007-3147 | 24341 | ||
| 11823 | WEB-ACTIVEX Yahoo Webcam Upload ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3147 | 24341 | ||
| 11824 | WEB-ACTIVEX Yahoo Webcam Upload ActiveX function call access (more info ...) | attempted-user | 2007-3147 | 24341 | ||
| 11825 | WEB-ACTIVEX Yahoo Webcam Upload ActiveX function call unicode access (more info ...) | attempted-user | 2007-3147 | 24341 | ||
| 12010 | WEB-ACTIVEX RKD Software BarCode ActiveX clsid access (more info ...) | attempted-user | 2007-3435 | 24596 | ||
| 12011 | WEB-ACTIVEX RKD Software BarCode ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3435 | 24596 | ||
| 12012 | WEB-ACTIVEX RKD Software BarCode ActiveX function call access (more info ...) | attempted-user | 2007-3435 | 24596 | ||
| 12013 | WEB-ACTIVEX RKD Software BarCode ActiveX function call unicode access (more info ...) | attempted-user | 2007-3435 | 24596 | ||
| 12069 | EXPLOIT Microsoft Windows Active Directory Crafted LDAP ModifyRequest (more info ...) | attempted-admin | 2007-0040 | URL | ||
| 12144 | BACKDOOR access remote pc runtime detection - rpc setup (more info ...) | trojan-activity | ||||
| 12187 | RPC portmap 2112 tcp rename_principal attempt (more info ...) | rpc-portmap-decode | 2007-2798 | 24653 | URL | |
| 12188 | RPC portmap 2112 udp rename_principal attempt (more info ...) | rpc-portmap-decode | 2007-2798 | 24653 | URL | |
| 12279 | WEB-CLIENT Microsoft XML substringData integer overflow attempt (more info ...) | attempted-user | 2008-1442 | URL | ||
| 12307 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _SetPagerNotifyConfig attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12317 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect-earthagent RPCFN_CopyAUSrc attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12326 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _AddTaskExportLogItem attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12332 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _TakeActionOnAFile attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12335 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_30010 overflow attempt (more info ...) | attempted-admin | 2007-4218 | 25395 | ||
| 12341 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_a0030 attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12347 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _SetSvcImpersonateUser attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12393 | WEB-ACTIVEX Intuit QuickBooks Online Edition 1 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12394 | WEB-ACTIVEX Intuit QuickBooks Online Edition 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12395 | WEB-ACTIVEX Intuit QuickBooks Online Edition 2 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12396 | WEB-ACTIVEX Intuit QuickBooks Online Edition 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12397 | WEB-ACTIVEX Intuit QuickBooks Online Edition 3 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12398 | WEB-ACTIVEX Intuit QuickBooks Online Edition 3 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12399 | WEB-ACTIVEX Intuit QuickBooks Online Edition 4 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12400 | WEB-ACTIVEX Intuit QuickBooks Online Edition 4 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12401 | WEB-ACTIVEX Intuit QuickBooks Online Edition 5 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12402 | WEB-ACTIVEX Intuit QuickBooks Online Edition 5 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12403 | WEB-ACTIVEX Intuit QuickBooks Online Edition 6 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12404 | WEB-ACTIVEX Intuit QuickBooks Online Edition 6 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12405 | WEB-ACTIVEX Intuit QuickBooks Online Edition 7 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12406 | WEB-ACTIVEX Intuit QuickBooks Online Edition 7 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12407 | WEB-ACTIVEX Intuit QuickBooks Online Edition 8 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12408 | WEB-ACTIVEX Intuit QuickBooks Online Edition 8 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12409 | WEB-ACTIVEX Intuit QuickBooks Online Edition 9 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12410 | WEB-ACTIVEX Intuit QuickBooks Online Edition 9 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12411 | WEB-ACTIVEX Intuit QuickBooks Online Edition 10 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12412 | WEB-ACTIVEX Intuit QuickBooks Online Edition 10 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12417 | WEB-ACTIVEX Microsoft Visual FoxPro ActiveX clsid access (more info ...) | attempted-user | 2007-5322 | 25977 | ||
| 12418 | WEB-ACTIVEX Microsoft Visual FoxPro ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5322 | 25977 | ||
| 12419 | WEB-ACTIVEX Microsoft Visual FoxPro ActiveX function call access (more info ...) | attempted-user | 2007-5322 | 25977 | ||
| 12420 | WEB-ACTIVEX Microsoft Visual FoxPro ActiveX function call unicode access (more info ...) | attempted-user | 2007-5322 | 25977 | ||
| 12466 | WEB-ACTIVEX MW6 Technologies QRCode ActiveX clsid access (more info ...) | attempted-user | 2007-4982 | 25702 | ||
| 12467 | WEB-ACTIVEX MW6 Technologies QRCode ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4982 | 25702 | ||
| 12489 | NETBIOS DCERPC NCACN-IP-TCP wkssvc NetrWkstaGetInfo attempt (more info ...) | protocol-command-decode | 2006-6723 | |||
| 12612 | WEB-ACTIVEX Microsoft Windows MFC Library ActiveX clsid access (more info ...) | attempted-user | 2007-4916 | 25697 | ||
| 12613 | WEB-ACTIVEX Microsoft Windows MFC Library ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4916 | 25697 | ||
| 12614 | WEB-ACTIVEX Microsoft Windows MFC Library ActiveX function call access (more info ...) | attempted-user | 2007-4916 | 25697 | ||
| 12615 | WEB-ACTIVEX Microsoft Windows MFC Library ActiveX function call unicode access (more info ...) | attempted-user | 2007-4916 | 25697 | ||
| 12664 | MISC Microsoft Windows ShellExecute and IE7 url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 12687 | WEB-CLIENT Microsoft Windows ShellExecute and IE7 url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 12688 | WEB-CLIENT Microsoft Windows ShellExecute and IE7 url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 12751 | WEB-ACTIVEX RichFX Basic Player ActiveX clsid access (more info ...) | attempted-user | 26573 | |||
| 12752 | WEB-ACTIVEX RichFX Basic Player ActiveX clsid unicode access (more info ...) | attempted-user | 26573 | |||
| 12753 | WEB-ACTIVEX RichFX Basic Player ActiveX function call access (more info ...) | attempted-user | 26573 | |||
| 12754 | WEB-ACTIVEX RichFX Basic Player ActiveX function call unicode access (more info ...) | attempted-user | 26573 | |||
| 12755 | WEB-ACTIVEX PPStream PowerList ActiveX clsid access (more info ...) | attempted-user | 26580 | |||
| 12756 | WEB-ACTIVEX PPStream PowerList ActiveX clsid unicode access (more info ...) | attempted-user | 26580 | |||
| 12762 | WEB-ACTIVEX Yahoo Toolbar Helper Class ActiveX clsid access (more info ...) | attempted-user | 2007-6228 | 26656 | ||
| 12763 | WEB-ACTIVEX Yahoo Toolbar Helper Class ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6228 | 26656 | ||
| 12764 | WEB-ACTIVEX Yahoo Toolbar Helper Class ActiveX function call access (more info ...) | attempted-user | 2007-6228 | 26656 | ||
| 12765 | WEB-ACTIVEX Yahoo Toolbar Helper Class ActiveX function call unicode access (more info ...) | attempted-user | 2007-6228 | 26656 | ||
| 12770 | SPECIFIC-THREATS obfuscated RDS.Dataspace ActiveX exploit attempt (more info ...) | attempted-user | 2006-0003 | 17462 | URL | |
| 12771 | SPECIFIC-THREATS obfuscated BaoFeng Storm MPS.dll ActiveX exploit attempt (more info ...) | attempted-user | 2007-4816 | 25601 | ||
| 12772 | SPECIFIC-THREATS obfuscated PPStream PowerPlayer ActiveX exploit attempt (more info ...) | attempted-user | 2007-4748 | 25502 | ||
| 12773 | SPECIFIC-THREATS obfuscated Xunlei Thunder PPLAYER.DLL ActiveX exploit attempt (more info ...) | attempted-user | 2007-6144 | 26536 | ||
| 12774 | SPECIFIC-THREATS obfuscated GlobalLink ConnectAndEnterRoom ActiveX exploit attempt (more info ...) | attempted-user | 2007-5722 | 26244 | ||
| 12803 | WEB-ACTIVEX VideoLAN VLC ActiveX clsid access (more info ...) | attempted-user | 2007-6262 | 26675 | URL | |
| 12804 | WEB-ACTIVEX VideoLAN VLC ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6262 | 26675 | URL | |
| 12805 | WEB-ACTIVEX VideoLAN VLC ActiveX function call access (more info ...) | attempted-user | 2007-6262 | 26675 | URL | |
| 12806 | WEB-ACTIVEX VideoLAN VLC ActiveX function call unicode access (more info ...) | attempted-user | 2007-6262 | 26675 | URL | |
| 12808 | NETBIOS DCERPC NCACN-IP-TCP spoolss OpenPrinter overflow attempt (more info ...) | attempted-admin | 2006-5854 | 21220 | ||
| 12910 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 4 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12916 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 12 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12922 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 16 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12928 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 18 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12934 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 19 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12946 | NETBIOS SMB-DS SMBv2 protocol negotiation attempt (more info ...) | attempted-admin | 2007-5351 | URL | ||
| 12947 | NETBIOS SMB SMBv2 protocol negotiation attempt (more info ...) | attempted-admin | 2007-5351 | URL | ||
| 12948 | WEB-ACTIVEX Vantage Linguistics 1 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12949 | WEB-ACTIVEX Vantage Linguistics 1 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12950 | WEB-ACTIVEX Vantage Linguistics 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12951 | WEB-ACTIVEX Vantage Linguistics 2 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12952 | WEB-ACTIVEX Vantage Linguistics 3 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12953 | WEB-ACTIVEX Vantage Linguistics 3 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12954 | WEB-ACTIVEX DXLTPI.DLL ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12955 | WEB-ACTIVEX DXLTPI.DLL ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12956 | WEB-ACTIVEX MSN Heartbeat ActiveX clsid unicode access (more info ...) | attempted-user | 11367 | URL | ||
| 12957 | WEB-ACTIVEX MSN Heartbeat 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12958 | WEB-ACTIVEX MSN Heartbeat 2 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12959 | WEB-ACTIVEX MSN Heartbeat 3 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12960 | WEB-ACTIVEX MSN Heartbeat 3 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12961 | WEB-ACTIVEX Intuit QuickBooks Online Import 1 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12962 | WEB-ACTIVEX Intuit QuickBooks Online Import 1 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12963 | WEB-ACTIVEX Intuit QuickBooks Online Import 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12964 | WEB-ACTIVEX Intuit QuickBooks Online Import 2 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12965 | WEB-ACTIVEX Intuit QuickBooks Online Import 3 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12966 | WEB-ACTIVEX Intuit QuickBooks Online Import 3 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12967 | WEB-ACTIVEX Intuit QuickBooks Online Import 4 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12968 | WEB-ACTIVEX Intuit QuickBooks Online Import 4 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12969 | WEB-ACTIVEX Intuit QuickBooks Online Import 5 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12970 | WEB-ACTIVEX Intuit QuickBooks Online Import 5 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 12971 | EXPLOIT microsoft directshow wav file overflow attempt (more info ...) | attempted-user | 2007-3895 | URL | ||
| 12972 | WEB-CLIENT Microsoft Media Player .asf markers detected (more info ...) | attempted-user | 2007-0064 | URL | ||
| 13158 | WEB_CLIENT Microsoft Media Player asf streaming format interchange data integer overflow attempt (more info ...) | attempted-user | 2007-0064 | URL | ||
| 13159 | WEB_CLIENT Microsoft Media Player asf streaming format audio error masking integer overflow attempt (more info ...) | attempted-user | 2007-0064 | URL | ||
| 13162 | NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (more info ...) | attempted-admin | 2006-6114 | 21220 | ||
| 13219 | WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX clsid access (more info ...) | attempted-user | 2007-6506 | 26950 | ||
| 13220 | WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6506 | 26950 | ||
| 13224 | WEB-ACTIVEX Yahoo Toolbar YShortcut ActiveX clsid access (more info ...) | attempted-user | 2007-6535 | 26956 | ||
| 13225 | WEB-ACTIVEX Yahoo Toolbar YShortcut ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6535 | 26956 | ||
| 13226 | WEB-ACTIVEX Yahoo Toolbar YShortcut ActiveX function call access (more info ...) | attempted-user | 2007-6535 | 26956 | ||
| 13227 | WEB-ACTIVEX Yahoo Toolbar YShortcut ActiveX function call unicode access (more info ...) | attempted-user | 2007-6535 | 26956 | ||
| 13250 | RPC portmap 390113 tcp request (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13251 | RPC portmap 390113 udp request (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13252 | RPC portmap 390113 tcp procedure 4 attempt (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13253 | RPC portmap 390113 udp procedure 4 attempt (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13254 | RPC portmap 390113 tcp request (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13255 | RPC portmap 390113 udp request (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13256 | RPC portmap 390113 tcp procedure 5 attempt (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13257 | RPC portmap 390113 udp procedure 5 attempt (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13266 | WEB-ACTIVEX SkyFex Client ActiveX clsid access (more info ...) | attempted-user | 27059 | |||
| 13267 | WEB-ACTIVEX SkyFex Client ActiveX clsid unicode access (more info ...) | attempted-user | 27059 | |||
| 13273 | WEB-ACTIVEX DivX Web Player ActiveX clsid access (more info ...) | attempted-user | 27106 | |||
| 13274 | WEB-ACTIVEX DivX Web Player ActiveX clsid unicode access (more info ...) | attempted-user | 27106 | |||
| 13275 | WEB-ACTIVEX DivX Web Player ActiveX function call access (more info ...) | attempted-user | 27106 | |||
| 13276 | WEB-ACTIVEX DivX Web Player ActiveX function call unicode access (more info ...) | attempted-user | 27106 | |||
| 13289 | WEB-ACTIVEX Gatway CWebLaunchCtl ActiveX clsid access (more info ...) | attempted-user | 2008-0220 | 27193 | URL | |
| 13290 | WEB-ACTIVEX Gatway CWebLaunchCtl ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0220 | 27193 | URL | |
| 13294 | WEB-ACTIVEX Microsoft Rich TextBox ActiveX clsid access (more info ...) | attempted-user | 2008-0237 | 27201 | ||
| 13295 | WEB-ACTIVEX Microsoft Rich TextBox ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0237 | 27201 | ||
| 13296 | WEB-ACTIVEX Microsoft Rich TextBox ActiveX clsid access (more info ...) | attempted-user | 2008-0237 | 27201 | ||
| 13297 | WEB-ACTIVEX Microsoft Rich TextBox ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0237 | 27201 | ||
| 13298 | WEB-ACTIVEX Microsoft Rich TextBox ActiveX function call access (more info ...) | attempted-user | 2008-0237 | 27201 | ||
| 13299 | WEB-ACTIVEX Microsoft Rich TextBox ActiveX function call unicode access (more info ...) | attempted-user | 2008-0237 | 27201 | ||
| 13303 | WEB-ACTIVEX Microsoft Visual FoxPro 2 ActiveX clsid access (more info ...) | attempted-user | 2008-0236 | 27205 | ||
| 13304 | WEB-ACTIVEX Microsoft Visual FoxPro 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0236 | 27205 | ||
| 13305 | WEB-ACTIVEX Microsoft Visual FoxPro 2 ActiveX function call access (more info ...) | attempted-user | 2008-0236 | 27205 | ||
| 13306 | WEB-ACTIVEX Microsoft Visual FoxPro 2 ActiveX function call unicode access (more info ...) | attempted-user | 2008-0236 | 27205 | ||
| 13312 | WEB-ACTIVEX StreamAudio ProxyManager ActiveX clsid access (more info ...) | attempted-user | 2008-0248 | 27247 | ||
| 13313 | WEB-ACTIVEX StreamAudio ProxyManager ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0248 | 27247 | ||
| 13314 | WEB-ACTIVEX StreamAudio ProxyManager ActiveX function call access (more info ...) | attempted-user | 2008-0248 | 27247 | ||
| 13315 | WEB-ACTIVEX StreamAudio ProxyManager ActiveX function call unicode access (more info ...) | attempted-user | 2008-0248 | 27247 | ||
| 13321 | WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX clsid access (more info ...) | attempted-user | 2007-3041 | 25295 | URL | |
| 13322 | WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3041 | 25295 | URL | |
| 13323 | WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX function call access (more info ...) | attempted-user | 2007-3041 | 25295 | URL | |
| 13324 | WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX function call unicode access (more info ...) | attempted-user | 2007-3041 | 25295 | URL | |
| 13329 | WEB-ACTIVEX Toshiba Surveillance Surveillix DVR ActiveX clsid access (more info ...) | attempted-user | 2008-0399 | 27360 | ||
| 13330 | WEB-ACTIVEX Toshiba Surveillance Surveillix DVR ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0399 | 27360 | ||
| 13331 | WEB-ACTIVEX Toshiba Surveillance Surveillix DVR ActiveX function call access (more info ...) | attempted-user | 2008-0399 | 27360 | ||
| 13332 | WEB-ACTIVEX Toshiba Surveillance Surveillix DVR ActiveX function call unicode access (more info ...) | attempted-user | 2008-0399 | 27360 | ||
| 13333 | WEB-ACTIVEX HP Virtual Rooms ActiveX clsid access (more info ...) | attempted-user | 2008-0437 | 27384 | ||
| 13334 | WEB-ACTIVEX HP Virtual Rooms ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0437 | 27384 | ||
| 13335 | WEB-ACTIVEX Lycos File Upload Component ActiveX clsid access (more info ...) | attempted-user | 27411 | |||
| 13336 | WEB-ACTIVEX Lycos File Upload Component ActiveX clsid unicode access (more info ...) | attempted-user | 27411 | |||
| 13337 | WEB-ACTIVEX Comodo AntiVirus ActiveX clsid access (more info ...) | attempted-user | 27424 | |||
| 13338 | WEB-ACTIVEX Comodo AntiVirus ActiveX clsid unicode access (more info ...) | attempted-user | 27424 | |||
| 13348 | WEB-ACTIVEX Move Networks Media Player ActiveX clsid access (more info ...) | attempted-user | 27438 | |||
| 13349 | WEB-ACTIVEX Move Networks Media Player ActiveX clsid unicode access (more info ...) | attempted-user | 27438 | |||
| 13350 | WEB-ACTIVEX Move Networks Media Player ActiveX function call access (more info ...) | attempted-user | 27438 | |||
| 13351 | WEB-ACTIVEX Move Networks Media Player ActiveX function call unicode access (more info ...) | attempted-user | 27438 | |||
| 13352 | WEB-ACTIVEX Lycos File Upload Component ActiveX function call access (more info ...) | attempted-user | 27411 | |||
| 13353 | WEB-ACTIVEX Lycos File Upload Component ActiveX function call unicode access (more info ...) | attempted-user | 27411 | |||
| 13354 | WEB-ACTIVEX HP Virtual Rooms ActiveX function call access (more info ...) | attempted-user | 2008-0437 | 27384 | ||
| 13355 | WEB-ACTIVEX HP Virtual Rooms ActiveX function call unicode access (more info ...) | attempted-user | 2008-0437 | 27384 | ||
| 13367 | NETBIOS DCERPC NCACN-IP-TCP spoolss GetPrinterData attempt (more info ...) | protocol-command-decode | 2006-6296 | 21401 | ||
| 13419 | WEB-ACTIVEX Facebook Photo Uploader ActiveX clsid access (more info ...) | attempted-user | 2008-5711 | 27756 | URL | |
| 13420 | WEB-ACTIVEX Facebook Photo Uploader ActiveX clsid unicode access (more info ...) | attempted-user | 2008-5711 | 27756 | URL | |
| 13421 | WEB-ACTIVEX Facebook Photo Uploader ActiveX function call access (more info ...) | attempted-user | 2008-5711 | 27756 | URL | |
| 13422 | WEB-ACTIVEX Facebook Photo Uploader ActiveX function call unicode access (more info ...) | attempted-user | 2008-5711 | 27756 | URL | |
| 13423 | WEB-ACTIVEX SwiftView ActiveX clsid access (more info ...) | attempted-user | 2007-5602 | 27527 | URL | |
| 13424 | WEB-ACTIVEX SwiftView ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5602 | 27527 | URL | |
| 13426 | WEB-ACTIVEX Yahoo Music JukeBox DataGrid ActiveX clsid access (more info ...) | attempted-user | 27579 | |||
| 13427 | WEB-ACTIVEX Yahoo Music JukeBox DataGrid ActiveX clsid unicode access (more info ...) | attempted-user | 27579 | |||
| 13428 | WEB-ACTIVEX Yahoo Music JukeBox DataGrid ActiveX function call access (more info ...) | attempted-user | 27579 | |||
| 13429 | WEB-ACTIVEX Yahoo Music JukeBox DataGrid ActiveX function call unicode access (more info ...) | attempted-user | 27579 | |||
| 13430 | WEB-ACTIVEX Yahoo Music JukeBox MediaGrid ActiveX clsid access (more info ...) | attempted-user | 27578 | |||
| 13431 | WEB-ACTIVEX Yahoo Music JukeBox MediaGrid ActiveX clsid unicode access (more info ...) | attempted-user | 27578 | |||
| 13432 | WEB-ACTIVEX Yahoo Music JukeBox MediaGrid ActiveX function call access (more info ...) | attempted-user | 27578 | |||
| 13433 | WEB-ACTIVEX Yahoo Music JukeBox MediaGrid ActiveX function call unicode access (more info ...) | attempted-user | 27578 | |||
| 13446 | WEB-ACTIVEX GlobalLink HanGamePlugin ActiveX clsid access (more info ...) | attempted-user | 27626 | |||
| 13447 | WEB-ACTIVEX GlobalLink HanGamePlugin ActiveX clsid unicode access (more info ...) | attempted-user | 27626 | |||
| 13453 | WEB-CLIENT Microsoft DXLUTBuilder ActiveX clsid access (more info ...) | attempted-user | 2008-0078 | URL | ||
| 13455 | WEB-CLIENT Microsoft DXLUTBuilder ActiveX function call access (more info ...) | attempted-user | 2008-0078 | URL | ||
| 13457 | WEB-ACTIVEX Microsoft Forms 2.0 ActiveX clsid access (more info ...) | attempted-user | 2007-0065 | URL | ||
| 13459 | WEB-ACTIVEX Microsoft Forms 2.0 ActiveX function call access (more info ...) | attempted-user | 2007-0065 | URL | ||
| 13465 | WEB-CLIENT Microsoft Works file download request (more info ...) | misc-activity | ||||
| 13466 | WEB-CLIENT Microsoft Works file converter file section length headers memory corruption attempt (more info ...) | attempted-user | 2007-0216 | 27657 | URL | |
| 13471 | EXPLOIT Microsoft Publisher invalid pathname overwrite (more info ...) | attempted-user | 2008-0104 | URL | ||
| 13473 | WEB-MISC Microsoft Publisher file download (more info ...) | misc-activity | ||||
| 13474 | WEB-CLIENT Microsoft WebDAV MiniRedir remote code execution attempt (more info ...) | attempted-user | 2008-0080 | URL | ||
| 13523 | WEB-ACTIVEX Novell iPrint ActiveX clsid access (more info ...) | attempted-user | 2008-2908 | 31370 | URL | |
| 13524 | WEB-ACTIVEX Novell iPrint ActiveX clsid unicode access (more info ...) | attempted-user | 2008-2908 | 31370 | URL | |
| 13525 | WEB-ACTIVEX Novell iPrint ActiveX function call access (more info ...) | attempted-user | 2008-2908 | 31370 | URL | |
| 13526 | WEB-ACTIVEX Novell iPrint ActiveX function call unicode access (more info ...) | attempted-user | 2008-2908 | 31370 | URL | |
| 13527 | WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX clsid access (more info ...) | attempted-user | 28010 | |||
| 13528 | WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX clsid unicode access (more info ...) | attempted-user | 28010 | |||
| 13529 | WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX function call access (more info ...) | attempted-user | 28010 | |||
| 13530 | WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX function call unicode access (more info ...) | attempted-user | 28010 | |||
| 13531 | WEB-ACTIVEX 4xem VatCtrl ActiveX clsid access (more info ...) | attempted-user | 28010 | |||
| 13532 | WEB-ACTIVEX 4xem VatCtrl ActiveX clsid unicode access (more info ...) | attempted-user | 28010 | |||
| 13533 | WEB-ACTIVEX 4xem VatCtrl ActiveX function call access (more info ...) | attempted-user | 28010 | |||
| 13534 | WEB-ACTIVEX 4xem VatCtrl ActiveX function call unicode access (more info ...) | attempted-user | 28010 | |||
| 13535 | WEB-ACTIVEX Vivotek RTSP MPEG4 SP Control ActiveX clsid access (more info ...) | attempted-user | 28010 | |||
| 13536 | WEB-ACTIVEX Vivotek RTSP MPEG4 SP Control ActiveX clsid unicode access (more info ...) | attempted-user | 28010 | |||
| 13537 | WEB-ACTIVEX Vivotek RTSP MPEG4 SP Control ActiveX function call access (more info ...) | attempted-user | 28010 | |||
| 13538 | WEB-ACTIVEX Vivotek RTSP MPEG4 SP Control ActiveX function call unicode access (more info ...) | attempted-user | 28010 | |||
| 13539 | WEB-ACTIVEX Symantec Backup Exec ActiveX clsid access (more info ...) | attempted-user | 2007-6016 | 26904 | URL | |
| 13540 | WEB-ACTIVEX Symantec Backup Exec ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6016 | 26904 | URL | |
| 13541 | WEB-ACTIVEX Symantec Backup Exec ActiveX function call access (more info ...) | attempted-user | 2007-6016 | 26904 | URL | |
| 13542 | WEB-ACTIVEX Symantec Backup Exec ActiveX function call unicode access (more info ...) | attempted-user | 2007-6016 | 26904 | URL | |
| 13543 | WEB-ACTIVEX Learn2 STRunner ActiveX clsid access (more info ...) | attempted-user | 28058 | |||
| 13544 | WEB-ACTIVEX Learn2 STRunner ActiveX clsid unicode access (more info ...) | attempted-user | 28058 | |||
| 13545 | WEB-ACTIVEX Learn2 STRunner ActiveX function call access (more info ...) | attempted-user | 28058 | |||
| 13546 | WEB-ACTIVEX Learn2 STRunner ActiveX function call unicode access (more info ...) | attempted-user | 28058 | |||
| 13547 | WEB-ACTIVEX Sony ImageStation ActiveX clsid access (more info ...) | attempted-user | 2008-0748 | 27715 | ||
| 13548 | WEB-ACTIVEX Sony ImageStation ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0748 | 27715 | ||
| 13549 | WEB-ACTIVEX Sony ImageStation ActiveX function call access (more info ...) | attempted-user | 2008-0748 | 27715 | ||
| 13550 | WEB-ACTIVEX Sony ImageStation ActiveX function call unicode access (more info ...) | attempted-user | 2008-0748 | 27715 | ||
| 13572 | WEB-CLIENT Microsoft Powerpoint malformed shapeid arbitrary code execution attempt (more info ...) | attempted-user | 2008-0118 | URL | ||
| 13583 | WEB-CLIENT Microsoft SYmbolic LinK file download request (more info ...) | misc-activity | 2008-0112 | URL | ||
| 13585 | WEB-CLIENT Microsoft SYmbolic LinK file download (more info ...) | misc-activity | 2008-0112 | URL | ||
| 13595 | WEB-ACTIVEX ICQ Toolbar toolbaru.dll ActiveX clsid access (more info ...) | attempted-user | 28118 | |||
| 13596 | WEB-ACTIVEX ICQ Toolbar toolbaru.dll ActiveX clsid unicode access (more info ...) | attempted-user | 28118 | |||
| 13597 | WEB-ACTIVEX ICQ Toolbar toolbaru.dll ActiveX function call access (more info ...) | attempted-user | 28118 | |||
| 13598 | WEB-ACTIVEX ICQ Toolbar toolbaru.dll ActiveX function call unicode access (more info ...) | attempted-user | 28118 | |||
| 13599 | WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX clsid access (more info ...) | attempted-user | 2008-1307 | 28172 | ||
| 13600 | WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1307 | 28172 | ||
| 13601 | WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX function call access (more info ...) | attempted-user | 2008-1307 | 28172 | ||
| 13602 | WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX function call unicode access (more info ...) | attempted-user | 2008-1307 | 28172 | ||
| 13619 | SPECIFIC-THREATS Microsoft getBulkRequest memory corruption attempt (more info ...) | attempted-admin | 2006-5583 | URL | ||
| 13621 | WEB-ACTIVEX CA BrightStor ListCtrl ActiveX clsid access (more info ...) | attempted-user | 2008-1472 | 28268 | ||
| 13622 | WEB-ACTIVEX CA BrightStor ListCtrl ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1472 | 28268 | ||
| 13623 | WEB-ACTIVEX CA BrightStor ListCtrl ActiveX function call access (more info ...) | attempted-user | 2008-1472 | 28268 | ||
| 13624 | WEB-ACTIVEX CA BrightStor ListCtrl ActiveX function call unicode access (more info ...) | attempted-user | 2008-1472 | 28268 | ||
| 13626 | WEB-CLIENT Microsoft Access download attempt (more info ...) | suspicious-filename-detect | 2008-1092 | 26468 | URL | |
| 13629 | WEB-CLIENT Microsoft Access JSDB download attempt (more info ...) | suspicious-filename-detect | 2008-1092 | 26468 | URL | |
| 13630 | WEB-CLIENT Microsoft Access TJDB download attempt (more info ...) | suspicious-filename-detect | 2008-1092 | 26468 | URL | |
| 13633 | WEB-CLIENT Microsoft Access MSISAM download attempt (more info ...) | suspicious-filename-detect | 2008-1092 | 26468 | URL | |
| 13657 | WEB-ACTIVEX BusinessObjects RptViewerAx ActiveX clsid access (more info ...) | attempted-user | 2007-6254 | 28292 | ||
| 13658 | WEB-ACTIVEX BusinessObjects RptViewerAx ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6254 | 28292 | ||
| 13659 | WEB-ACTIVEX BusinessObjects RptViewerAx ActiveX function call access (more info ...) | attempted-user | 2007-6254 | 28292 | ||
| 13660 | WEB-ACTIVEX BusinessObjects RptViewerAx ActiveX function call unicode access (more info ...) | attempted-user | 2007-6254 | 28292 | ||
| 13661 | WEB-ACTIVEX VeralSoft HTTP File Upload ActiveX clsid access (more info ...) | attempted-user | 28301 | |||
| 13662 | WEB-ACTIVEX VeralSoft HTTP File Upload ActiveX clsid unicode access (more info ...) | attempted-user | 28301 | |||
| 13666 | WEB-CLIENT Microsoft GDI integer overflow attempt (more info ...) | attempted-user | 2008-1083 | URL | ||
| 13668 | WEB-ACTIVEX Microsoft Help 2.0 Contents Control ActiveX clsid access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13670 | WEB-ACTIVEX Microsoft Help 2.0 Contents Control ActiveX function call access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13672 | WEB-ACTIVEX Microsoft Help 2.0 Contents Control 2 ActiveX clsid access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13674 | WEB-ACTIVEX Microsoft Help 2.0 Contents Control 2 ActiveX function call access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13678 | MISC Microsoft EMF metafile access detected (more info ...) | attempted-user | 2008-1087 | URL | ||
| 13679 | WEB-ACTIVEX IBiz EBanking Integrator ActiveX clsid access (more info ...) | attempted-user | 2008-1725 | 28700 | ||
| 13680 | WEB-ACTIVEX IBiz EBanking Integrator ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1725 | 28700 | ||
| 13681 | WEB-ACTIVEX CDNetworks Nefficient Download ActiveX clsid access (more info ...) | attempted-user | 28666 | |||
| 13682 | WEB-ACTIVEX CDNetworks Nefficient Download ActiveX clsid unicode access (more info ...) | attempted-user | 28666 | |||
| 13683 | WEB-ACTIVEX CDNetworks Nefficient Download ActiveX function call access (more info ...) | attempted-user | 28666 | |||
| 13684 | WEB-ACTIVEX CDNetworks Nefficient Download ActiveX function call unicode access (more info ...) | attempted-user | 28666 | |||
| 13685 | WEB-ACTIVEX Chilkat HTTP 1 ActiveX clsid access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13686 | WEB-ACTIVEX Chilkat HTTP 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13687 | WEB-ACTIVEX Chilkat HTTP 1 ActiveX function call access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13688 | WEB-ACTIVEX Chilkat HTTP 1 ActiveX function call unicode access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13689 | WEB-ACTIVEX Chilkat HTTP 2 ActiveX clsid access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13690 | WEB-ACTIVEX Chilkat HTTP 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13691 | WEB-ACTIVEX Chilkat HTTP 2 ActiveX function call access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13692 | WEB-ACTIVEX Chilkat HTTP 2 ActiveX function call unicode access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13699 | WEB-ACTIVEX CA DSM gui_cm_ctrls ActiveX clsid access (more info ...) | attempted-user | 2008-1786 | 28809 | ||
| 13700 | WEB-ACTIVEX CA DSM gui_cm_ctrls ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1786 | 28809 | ||
| 13720 | WEB-ACTIVEX HP eSupportDiagnostics 3 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13721 | WEB-ACTIVEX HP eSupportDiagnostics 3 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13722 | WEB-ACTIVEX HP eSupportDiagnostics 4 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13723 | WEB-ACTIVEX HP eSupportDiagnostics 4 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13724 | WEB-ACTIVEX HP eSupportDiagnostics 5 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13725 | WEB-ACTIVEX HP eSupportDiagnostics 5 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13726 | WEB-ACTIVEX HP eSupportDiagnostics 6 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13727 | WEB-ACTIVEX HP eSupportDiagnostics 6 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13728 | WEB-ACTIVEX HP eSupportDiagnostics 7 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13729 | WEB-ACTIVEX HP eSupportDiagnostics 7 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13730 | WEB-ACTIVEX HP eSupportDiagnostics 8 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13731 | WEB-ACTIVEX HP eSupportDiagnostics 8 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13732 | WEB-ACTIVEX HP eSupportDiagnostics 9 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13733 | WEB-ACTIVEX HP eSupportDiagnostics 9 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13734 | WEB-ACTIVEX HP eSupportDiagnostics 10 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13735 | WEB-ACTIVEX HP eSupportDiagnostics 10 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13736 | WEB-ACTIVEX HP eSupportDiagnostics 11 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13737 | WEB-ACTIVEX HP eSupportDiagnostics 11 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13738 | WEB-ACTIVEX HP eSupportDiagnostics 12 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13739 | WEB-ACTIVEX HP eSupportDiagnostics 12 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13740 | WEB-ACTIVEX HP eSupportDiagnostics 13 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13741 | WEB-ACTIVEX HP eSupportDiagnostics 13 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13742 | WEB-ACTIVEX HP eSupportDiagnostics 14 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13743 | WEB-ACTIVEX HP eSupportDiagnostics 14 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13744 | WEB-ACTIVEX HP eSupportDiagnostics 15 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13745 | WEB-ACTIVEX HP eSupportDiagnostics 15 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13746 | WEB-ACTIVEX HP eSupportDiagnostics 16 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13747 | WEB-ACTIVEX HP eSupportDiagnostics 16 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13748 | WEB-ACTIVEX HP eSupportDiagnostics 17 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13749 | WEB-ACTIVEX HP eSupportDiagnostics 17 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13750 | WEB-ACTIVEX HP eSupportDiagnostics 18 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13751 | WEB-ACTIVEX HP eSupportDiagnostics 18 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13752 | WEB-ACTIVEX HP eSupportDiagnostics 19 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13753 | WEB-ACTIVEX HP eSupportDiagnostics 19 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13754 | WEB-ACTIVEX HP eSupportDiagnostics 20 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13755 | WEB-ACTIVEX HP eSupportDiagnostics 20 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13756 | WEB-ACTIVEX HP eSupportDiagnostics 21 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13757 | WEB-ACTIVEX HP eSupportDiagnostics 21 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13758 | WEB-ACTIVEX Microsoft HeartbeatCtl ActiveX clsid access (more info ...) | attempted-user | 2007-6255 | 28882 | ||
| 13759 | WEB-ACTIVEX Microsoft HeartbeatCtl ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6255 | 28882 | ||
| 13760 | WEB-ACTIVEX Microsoft HeartbeatCtl ActiveX function call access (more info ...) | attempted-user | 2007-6255 | 28882 | ||
| 13761 | WEB-ACTIVEX Microsoft HeartbeatCtl ActiveX function call unicode access (more info ...) | attempted-user | 2007-6255 | 28882 | ||
| 13783 | WEB-ACTIVEX Yahoo Assistant ActiveX clsid access (more info ...) | attempted-user | 2008-2111 | 29065 | ||
| 13784 | WEB-ACTIVEX Yahoo Assistant ActiveX clsid unicode access (more info ...) | attempted-user | 2008-2111 | 29065 | ||
| 13785 | WEB-ACTIVEX Ourgame GLWorld ActiveX clsid access (more info ...) | attempted-user | 2008-0647 | 27626 | ||
| 13786 | WEB-ACTIVEX Ourgame GLWorld ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0647 | 27626 | ||
| 13787 | WEB-ACTIVEX Ourgame GLWorld ActiveX function call access (more info ...) | attempted-user | 2008-0647 | 27626 | ||
| 13788 | WEB-ACTIVEX Ourgame GLWorld ActiveX function call unicode access (more info ...) | attempted-user | 2008-0647 | 27626 | ||
| 13798 | WEB-CLIENT Microsoft malware protection engine denial of service attempt (more info ...) | attempted-dos | 2008-1437 | URL | ||
| 13802 | WEB-CLIENT Microsoft malware protection engine denial of service attempt (more info ...) | attempted-dos | 2008-1438 | URL | ||
| 13825 | DOS Microsoft PGM fragment denial of service attempt (more info ...) | attempted-dos | 2008-1441 | URL | ||
| 13827 | DOS Microsoft PGM denial of service attempt (more info ...) | attempted-dos | 2008-1440 | URL | ||
| 13857 | WEB-ACTIVEX HP Instant Support DataManager ActiveX clsid access (more info ...) | attempted-user | 2008-0953 | 29536 | URL | |
| 13858 | WEB-ACTIVEX HP Instant Support DataManager ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0953 | 29536 | URL | |
| 13859 | WEB-ACTIVEX HP Instant Support DataManager ActiveX function call access (more info ...) | attempted-user | 2008-0953 | 29536 | URL | |
| 13860 | WEB-ACTIVEX HP Instant Support DataManager ActiveX function call unicode access (more info ...) | attempted-user | 2008-0953 | 29536 | URL | |
| 13883 | WEB-ACTIVEX UUSee UUUpgrade ActiveX clsid access (more info ...) | attempted-user | 29963 | |||
| 13884 | WEB-ACTIVEX UUSee UUUpgrade ActiveX clsid unicode access (more info ...) | attempted-user | 29963 | |||
| 13885 | WEB-ACTIVEX UUSee UUUpgrade ActiveX function call access (more info ...) | attempted-user | 29963 | |||
| 13886 | WEB-ACTIVEX UUSee UUUpgrade ActiveX function call unicode access (more info ...) | attempted-user | 29963 | |||
| 13893 | WEB-CLIENT Microsoft malformed saved search heap corruption attempt (more info ...) | attempted-admin | 2008-1435 | URL | ||
| 13903 | WEB-ACTIVEX Microsoft Access Snapshot Viewer 1 ActiveX clsid access (more info ...) | attempted-user | 2008-2463 | URL | ||
| 13904 | WEB-ACTIVEX Microsoft Access Snapshot Viewer 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-2463 | URL | ||
| 13905 | WEB-ACTIVEX Microsoft Access Snapshot Viewer 1 ActiveX function call access (more info ...) | attempted-user | 2008-2463 | URL | ||
| 13906 | WEB-ACTIVEX Microsoft Access Snapshot Viewer 1 ActiveX function call unicode access (more info ...) | attempted-user | 2008-2463 | URL | ||
| 13907 | WEB-ACTIVEX Microsoft Access Snapshot Viewer 2 ActiveX clsid access (more info ...) | attempted-user | 2008-2463 | URL | ||
| 13908 | WEB-ACTIVEX Microsoft Access Snapshot Viewer 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-2463 | URL | ||
| 13911 | WEB-CLIENT Microsoft search file download attempt (more info ...) | misc-activity | ||||
| 13913 | WEB-ACTIVEX AcroPDF.PDF ActiveX function call access (more info ...) | attempted-user | 2006-6236 | 21155 | URL | |
| 13914 | WEB-ACTIVEX AcroPDF.PDF ActiveX function call unicode access (more info ...) | attempted-user | 2006-6236 | 21155 | URL | |
| 13965 | WEB-ACTIVEX Microsoft Message System ActiveX clsid access (more info ...) | attempted-user | 2008-0082 | URL | ||
| 13967 | WEB-ACTIVEX Microsoft Message System ActiveX function call access (more info ...) | attempted-user | 2008-0082 | URL | ||
| 13971 | WEB-CLIENT Microsoft Powerpoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (more info ...) | attempted-user | 2008-1455 | URL | ||
| 13975 | WEB-CLIENT Microsoft Windows Event System ActiveX clsid access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 13977 | WEB-CLIENT Microsoft Windows Event System ActiveX function call access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 13979 | WEB-CLIENT Microsoft Windows Event System Subscription VBScript access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 13982 | WEB-CLIENT Microsoft Powerpoint file download attempt (more info ...) | misc-activity | ||||
| 14013 | WEB-ACTIVEX WebEx Meeting Manager atucfobj ActiveX clsid access (more info ...) | attempted-user | 2008-3558 | 30578 | URL | |
| 14014 | WEB-ACTIVEX WebEx Meeting Manager atucfobj ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3558 | 30578 | URL | |
| 14015 | WEB-ACTIVEX WebEx Meeting Manager atucfobj ActiveX function call access (more info ...) | attempted-user | 2008-3558 | 30578 | URL | |
| 14016 | WEB-ACTIVEX WebEx Meeting Manager atucfobj ActiveX function call unicode access (more info ...) | attempted-user | 2008-3558 | 30578 | URL | |
| 14021 | WEB-ACTIVEX Microsoft Visual Studio Msmask32 ActiveX clsid access (more info ...) | attempted-user | 2008-3704 | 30674 | URL | |
| 14022 | WEB-ACTIVEX Microsoft Visual Studio Msmask32 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3704 | 30674 | URL | |
| 14023 | WEB-ACTIVEX Microsoft Visual Studio Msmask32 ActiveX function call access (more info ...) | attempted-user | 2008-3704 | 30674 | URL | |
| 14024 | WEB-ACTIVEX Microsoft Visual Studio Msmask32 ActiveX function call unicode access (more info ...) | attempted-user | 2008-3704 | 30674 | URL | |
| 14025 | WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX clsid access (more info ...) | attempted-user | 2008-1786 | |||
| 14026 | WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1786 | |||
| 14027 | WEB-ACTIVEX CA DSM gui_cm_ctrls ActiveX function call access (more info ...) | attempted-user | 2008-1786 | 28809 | ||
| 14028 | WEB-ACTIVEX CA DSM gui_cm_ctrls ActiveX function call unicode access (more info ...) | attempted-user | 2008-1786 | 28809 | ||
| 14029 | WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX clsid access (more info ...) | attempted-user | 2008-1786 | |||
| 14030 | WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1786 | |||
| 14031 | WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX function call access (more info ...) | attempted-user | 2008-1786 | |||
| 14032 | WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX function call unicode access (more info ...) | attempted-user | 2008-1786 | |||
| 14088 | WEB-ACTIVEX Aurigma unspecified 1 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14089 | WEB-ACTIVEX Aurigma unspecified 1 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14090 | WEB-ACTIVEX Aurigma unspecified 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14091 | WEB-ACTIVEX Aurigma unspecified 2 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14092 | WEB-ACTIVEX Aurigma unspecified 3 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14093 | WEB-ACTIVEX Aurigma unspecified 3 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14094 | WEB-ACTIVEX Aurigma unspecified 4 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14095 | WEB-ACTIVEX Aurigma unspecified 4 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14096 | WEB-ACTIVEX Aurigma unspecified 5 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14097 | WEB-ACTIVEX Aurigma unspecified 5 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14098 | WEB-ACTIVEX Aurigma unspecified 6 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14099 | WEB-ACTIVEX Aurigma unspecified 6 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14100 | WEB-ACTIVEX Aurigma unspecified 7 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14101 | WEB-ACTIVEX Aurigma unspecified 7 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14102 | WEB-ACTIVEX Aurigma unspecified 8 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14103 | WEB-ACTIVEX Aurigma unspecified 8 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14104 | WEB-ACTIVEX Aurigma unspecified 9 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14105 | WEB-ACTIVEX Aurigma unspecified 9 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14106 | WEB-ACTIVEX Aurigma unspecified 10 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14107 | WEB-ACTIVEX Aurigma unspecified 10 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14108 | WEB-ACTIVEX Aurigma unspecified 11 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14109 | WEB-ACTIVEX Aurigma unspecified 11 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14110 | WEB-ACTIVEX Aurigma unspecified 12 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14111 | WEB-ACTIVEX Aurigma unspecified 12 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14112 | WEB-ACTIVEX Aurigma unspecified 13 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14113 | WEB-ACTIVEX Aurigma unspecified 13 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14114 | WEB-ACTIVEX Aurigma unspecified 14 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14115 | WEB-ACTIVEX Aurigma unspecified 14 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14116 | WEB-ACTIVEX Aurigma unspecified 15 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14117 | WEB-ACTIVEX Aurigma unspecified 15 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14118 | WEB-ACTIVEX Aurigma unspecified 16 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14119 | WEB-ACTIVEX Aurigma unspecified 16 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14120 | WEB-ACTIVEX Aurigma unspecified 17 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14121 | WEB-ACTIVEX Aurigma unspecified 17 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14122 | WEB-ACTIVEX Aurigma unspecified 18 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14123 | WEB-ACTIVEX Aurigma unspecified 18 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14124 | WEB-ACTIVEX Aurigma unspecified 19 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14125 | WEB-ACTIVEX Aurigma unspecified 19 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14126 | WEB-ACTIVEX Aurigma unspecified 20 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14127 | WEB-ACTIVEX Aurigma unspecified 20 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14128 | WEB-ACTIVEX Aurigma unspecified 21 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14129 | WEB-ACTIVEX Aurigma unspecified 21 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14130 | WEB-ACTIVEX Aurigma unspecified 22 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14131 | WEB-ACTIVEX Aurigma unspecified 22 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14132 | WEB-ACTIVEX Aurigma unspecified 23 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14133 | WEB-ACTIVEX Aurigma unspecified 23 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14134 | WEB-ACTIVEX Aurigma unspecified 24 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14135 | WEB-ACTIVEX Aurigma unspecified 24 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14136 | WEB-ACTIVEX Aurigma unspecified 25 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14137 | WEB-ACTIVEX Aurigma unspecified 25 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14138 | WEB-ACTIVEX Aurigma unspecified 26 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14139 | WEB-ACTIVEX Aurigma unspecified 26 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14140 | WEB-ACTIVEX Aurigma unspecified 27 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14141 | WEB-ACTIVEX Aurigma unspecified 27 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14142 | WEB-ACTIVEX Aurigma unspecified 28 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14143 | WEB-ACTIVEX Aurigma unspecified 28 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14144 | WEB-ACTIVEX Aurigma unspecified 29 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14145 | WEB-ACTIVEX Aurigma unspecified 29 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14146 | WEB-ACTIVEX Aurigma unspecified 30 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14147 | WEB-ACTIVEX Aurigma unspecified 30 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14148 | WEB-ACTIVEX Aurigma unspecified 31 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14149 | WEB-ACTIVEX Aurigma unspecified 31 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14150 | WEB-ACTIVEX Aurigma unspecified 32 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14151 | WEB-ACTIVEX Aurigma unspecified 32 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14152 | WEB-ACTIVEX Aurigma unspecified 33 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14153 | WEB-ACTIVEX Aurigma unspecified 33 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14154 | WEB-ACTIVEX Aurigma unspecified 34 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14155 | WEB-ACTIVEX Aurigma unspecified 34 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14156 | WEB-ACTIVEX Aurigma unspecified 35 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14157 | WEB-ACTIVEX Aurigma unspecified 35 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14158 | WEB-ACTIVEX Aurigma unspecified 36 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14159 | WEB-ACTIVEX Aurigma unspecified 36 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14160 | WEB-ACTIVEX Aurigma unspecified 37 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14161 | WEB-ACTIVEX Aurigma unspecified 37 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14162 | WEB-ACTIVEX Aurigma unspecified 38 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14163 | WEB-ACTIVEX Aurigma unspecified 38 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14164 | WEB-ACTIVEX Aurigma unspecified 39 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14165 | WEB-ACTIVEX Aurigma unspecified 39 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14166 | WEB-ACTIVEX Aurigma unspecified 40 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14167 | WEB-ACTIVEX Aurigma unspecified 40 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14168 | WEB-ACTIVEX Aurigma unspecified 41 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14169 | WEB-ACTIVEX Aurigma unspecified 41 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14170 | WEB-ACTIVEX Aurigma unspecified 42 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14171 | WEB-ACTIVEX Aurigma unspecified 42 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14172 | WEB-ACTIVEX Aurigma unspecified 43 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14173 | WEB-ACTIVEX Aurigma unspecified 43 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14174 | WEB-ACTIVEX Aurigma unspecified 44 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14175 | WEB-ACTIVEX Aurigma unspecified 44 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14176 | WEB-ACTIVEX Aurigma unspecified 45 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14177 | WEB-ACTIVEX Aurigma unspecified 45 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14178 | WEB-ACTIVEX Aurigma unspecified 46 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14179 | WEB-ACTIVEX Aurigma unspecified 46 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14180 | WEB-ACTIVEX Aurigma unspecified 47 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14181 | WEB-ACTIVEX Aurigma unspecified 47 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14182 | WEB-ACTIVEX Aurigma unspecified 48 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14183 | WEB-ACTIVEX Aurigma unspecified 48 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14184 | WEB-ACTIVEX Aurigma unspecified 49 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14185 | WEB-ACTIVEX Aurigma unspecified 49 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14186 | WEB-ACTIVEX Aurigma unspecified 50 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14187 | WEB-ACTIVEX Aurigma unspecified 50 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14188 | WEB-ACTIVEX Aurigma unspecified 51 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14189 | WEB-ACTIVEX Aurigma unspecified 51 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14190 | WEB-ACTIVEX Aurigma unspecified 52 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14191 | WEB-ACTIVEX Aurigma unspecified 52 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14192 | WEB-ACTIVEX Aurigma unspecified 53 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14193 | WEB-ACTIVEX Aurigma unspecified 53 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14194 | WEB-ACTIVEX Aurigma unspecified 54 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14195 | WEB-ACTIVEX Aurigma unspecified 54 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14196 | WEB-ACTIVEX Aurigma unspecified 55 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14197 | WEB-ACTIVEX Aurigma unspecified 55 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14198 | WEB-ACTIVEX Aurigma unspecified 56 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14199 | WEB-ACTIVEX Aurigma unspecified 56 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14200 | WEB-ACTIVEX Aurigma unspecified 57 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14201 | WEB-ACTIVEX Aurigma unspecified 57 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14202 | WEB-ACTIVEX Aurigma unspecified 58 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14203 | WEB-ACTIVEX Aurigma unspecified 58 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14204 | WEB-ACTIVEX Aurigma unspecified 59 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14205 | WEB-ACTIVEX Aurigma unspecified 59 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14206 | WEB-ACTIVEX Aurigma unspecified 60 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14207 | WEB-ACTIVEX Aurigma unspecified 60 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14208 | WEB-ACTIVEX Aurigma unspecified 61 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14209 | WEB-ACTIVEX Aurigma unspecified 61 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14210 | WEB-ACTIVEX Aurigma unspecified 62 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14211 | WEB-ACTIVEX Aurigma unspecified 62 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14212 | WEB-ACTIVEX Aurigma unspecified 63 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14213 | WEB-ACTIVEX Aurigma unspecified 63 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14214 | WEB-ACTIVEX Aurigma unspecified 64 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14215 | WEB-ACTIVEX Aurigma unspecified 64 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14216 | WEB-ACTIVEX Aurigma unspecified 65 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14217 | WEB-ACTIVEX Aurigma unspecified 65 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14218 | WEB-ACTIVEX Aurigma unspecified 66 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14219 | WEB-ACTIVEX Aurigma unspecified 66 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14220 | WEB-ACTIVEX Aurigma unspecified 67 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14221 | WEB-ACTIVEX Aurigma unspecified 67 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14222 | WEB-ACTIVEX Aurigma unspecified 68 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14223 | WEB-ACTIVEX Aurigma unspecified 68 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14224 | WEB-ACTIVEX Aurigma unspecified 69 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14225 | WEB-ACTIVEX Aurigma unspecified 69 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14226 | WEB-ACTIVEX Aurigma unspecified 70 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14227 | WEB-ACTIVEX Aurigma unspecified 70 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14228 | WEB-ACTIVEX Aurigma unspecified 71 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14229 | WEB-ACTIVEX Aurigma unspecified 71 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14231 | WEB-ACTIVEX SoftArtisans XFile FileManager ActiveX clsid access (more info ...) | attempted-user | 2007-1682 | 30826 | URL | |
| 14233 | WEB-ACTIVEX SoftArtisans XFile FileManager ActiveX function call access (more info ...) | attempted-user | 2007-1682 | 30826 | URL | |
| 14234 | WEB-ACTIVEX SoftArtisans XFile FileManager ActiveX function call unicode access (more info ...) | attempted-user | 2007-1682 | 30826 | URL | |
| 14239 | WEB-ACTIVEX Friendly Technologies fwRemoteConfig ActiveX clsid access (more info ...) | attempted-user | 30891 | |||
| 14240 | WEB-ACTIVEX Friendly Technologies fwRemoteConfig ActiveX clsid unicode access (more info ...) | attempted-user | 30891 | |||
| 14241 | WEB-ACTIVEX Friendly Technologies fwRemoteConfig ActiveX function call access (more info ...) | attempted-user | 30891 | |||
| 14242 | WEB-ACTIVEX Friendly Technologies fwRemoteConfig ActiveX function call unicode access (more info ...) | attempted-user | 30891 | |||
| 14243 | WEB-ACTIVEX Najdi.si Toolbar ActiveX clsid access (more info ...) | attempted-user | 30922 | |||
| 14244 | WEB-ACTIVEX Najdi.si Toolbar ActiveX clsid unicode access (more info ...) | attempted-user | 30922 | |||
| 14245 | WEB-ACTIVEX Najdi.si Toolbar ActiveX function call access (more info ...) | attempted-user | 30922 | |||
| 14246 | WEB-ACTIVEX Najdi.si Toolbar ActiveX function call unicode access (more info ...) | attempted-user | 30922 | |||
| 14247 | WEB-ACTIVEX Eyeball MessengerSDK ActiveX clsid access (more info ...) | attempted-user | 2008-3430 | 30424 | ||
| 14248 | WEB-ACTIVEX Eyeball MessengerSDK ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3430 | 30424 | ||
| 14249 | WEB-ACTIVEX Eyeball MessengerSDK ActiveX function call access (more info ...) | attempted-user | 2008-3430 | 30424 | ||
| 14250 | WEB-ACTIVEX Eyeball MessengerSDK ActiveX function call unicode access (more info ...) | attempted-user | 2008-3430 | 30424 | ||
| 14251 | EXPLOIT Microsoft GDI malformed metarecord buffer overflow attempt (more info ...) | attempted-user | 2008-3014 | URL | ||
| 14259 | WEB-CLIENT Microsoft GDI EMF malformed file buffer overflow attempt (more info ...) | attempted-user | 2008-3012 | URL | ||
| 14266 | WEB-ACTIVEX Microsoft Windows Image Acquisition Logger ActiveX clsid access (more info ...) | attempted-user | 2008-3957 | 31069 | ||
| 14267 | WEB-ACTIVEX Microsoft Windows Image Acquisition Logger ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3957 | 31069 | ||
| 14268 | WEB-ACTIVEX Microsoft Windows Image Acquisition Logger ActiveX function call access (more info ...) | attempted-user | 2008-3957 | 31069 | ||
| 14269 | WEB-ACTIVEX Microsoft Windows Image Acquisition Logger ActiveX function call unicode access (more info ...) | attempted-user | 2008-3957 | 31069 | ||
| 14270 | WEB-ACTIVEX VieLib2.Vie2Locator ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14271 | WEB-ACTIVEX VieLib2.Vie2Locator ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14272 | WEB-ACTIVEX VieLib2.Vie2Locator ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14273 | WEB-ACTIVEX VieLib2.Vie2Locator ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14274 | WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14275 | WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14276 | WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14277 | WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14278 | WEB-ACTIVEX VieLib2.Vie2Process ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14279 | WEB-ACTIVEX VieLib2.Vie2Process ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14280 | WEB-ACTIVEX VieLib2.Vie2Process ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14281 | WEB-ACTIVEX VieLib2.Vie2Process ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14282 | WEB-ACTIVEX IntraProcessLogging.Logger ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14283 | WEB-ACTIVEX IntraProcessLogging.Logger ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14284 | WEB-ACTIVEX IntraProcessLogging.Logger ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14285 | WEB-ACTIVEX IntraProcessLogging.Logger ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14286 | WEB-ACTIVEX VMClientHosts Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14287 | WEB-ACTIVEX VMClientHosts Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14288 | WEB-ACTIVEX VMClientHosts Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14289 | WEB-ACTIVEX VMClientHosts Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14290 | WEB-ACTIVEX VhdCvtCom.DiskLibCreateParamObj ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14291 | WEB-ACTIVEX VhdCvtCom.DiskLibCreateParamObj ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14292 | WEB-ACTIVEX VhdCvtCom.DiskLibCreateParamObj ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14293 | WEB-ACTIVEX VhdCvtCom.DiskLibCreateParamObj ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14294 | WEB-ACTIVEX RemoteDirDlg Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14295 | WEB-ACTIVEX RemoteDirDlg Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14296 | WEB-ACTIVEX RemoteDirDlg Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14297 | WEB-ACTIVEX RemoteDirDlg Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14298 | WEB-ACTIVEX TeamListViewWnd Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14299 | WEB-ACTIVEX TeamListViewWnd Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14300 | WEB-ACTIVEX TeamListViewWnd Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14301 | WEB-ACTIVEX TeamListViewWnd Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14302 | WEB-ACTIVEX VMStatusbarCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14303 | WEB-ACTIVEX VMStatusbarCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14304 | WEB-ACTIVEX VMStatusbarCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14305 | WEB-ACTIVEX VMStatusbarCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14306 | WEB-ACTIVEX Vmc2vmx.CoVPCConfiguration ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14307 | WEB-ACTIVEX Vmc2vmx.CoVPCConfiguration ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14308 | WEB-ACTIVEX Vmc2vmx.CoVPCConfiguration ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14309 | WEB-ACTIVEX Vmc2vmx.CoVPCConfiguration ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14310 | WEB-ACTIVEX VmdbUpdate Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14311 | WEB-ACTIVEX VmdbUpdate Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14312 | WEB-ACTIVEX VmdbUpdate Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14313 | WEB-ACTIVEX VmdbUpdate Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14314 | WEB-ACTIVEX VMWare unspecified 1 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14315 | WEB-ACTIVEX VMWare unspecified 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14316 | WEB-ACTIVEX VmdbExecuteError Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14317 | WEB-ACTIVEX VmdbExecuteError Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14318 | WEB-ACTIVEX VmdbExecuteError Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14319 | WEB-ACTIVEX VmdbExecuteError Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14320 | WEB-ACTIVEX VMWare unspecified 2 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14321 | WEB-ACTIVEX VMWare unspecified 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14322 | WEB-ACTIVEX reconfig.SysImageUti ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14323 | WEB-ACTIVEX reconfig.SysImageUti ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14324 | WEB-ACTIVEX reconfig.SysImageUti ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14325 | WEB-ACTIVEX reconfig.SysImageUti ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14326 | WEB-ACTIVEX Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14327 | WEB-ACTIVEX Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14328 | WEB-ACTIVEX Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14329 | WEB-ACTIVEX Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14330 | WEB-ACTIVEX VmdbContext Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14331 | WEB-ACTIVEX VmdbContext Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14332 | WEB-ACTIVEX VmdbContext Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14333 | WEB-ACTIVEX VmdbContext Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14334 | WEB-ACTIVEX VMClientVMs Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14335 | WEB-ACTIVEX VMClientVMs Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14336 | WEB-ACTIVEX VMClientVMs Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14337 | WEB-ACTIVEX VMClientVMs Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14338 | WEB-ACTIVEX vmappPropObj Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14339 | WEB-ACTIVEX vmappPropObj Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14340 | WEB-ACTIVEX vmappPropObj Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14341 | WEB-ACTIVEX vmappPropObj Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14342 | WEB-ACTIVEX VMWare unspecified 3 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14343 | WEB-ACTIVEX VMWare unspecified 3 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14344 | WEB-ACTIVEX VMMsg Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14345 | WEB-ACTIVEX VMMsg Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14346 | WEB-ACTIVEX VMMsg Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14347 | WEB-ACTIVEX VMMsg Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14348 | WEB-ACTIVEX VMWare unspecified 4 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14349 | WEB-ACTIVEX VMWare unspecified 4 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14350 | WEB-ACTIVEX reconfig.PopulatedDi ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14351 | WEB-ACTIVEX reconfig.PopulatedDi ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14352 | WEB-ACTIVEX reconfig.PopulatedDi ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14353 | WEB-ACTIVEX reconfig.PopulatedDi ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14354 | WEB-ACTIVEX Elevated.ElevMgr ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14355 | WEB-ACTIVEX Elevated.ElevMgr ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14356 | WEB-ACTIVEX Elevated.ElevMgr ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14357 | WEB-ACTIVEX Elevated.ElevMgr ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14358 | WEB-ACTIVEX VMWare unspecified 5 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14359 | WEB-ACTIVEX VMWare unspecified 5 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14360 | WEB-ACTIVEX HardwareCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14361 | WEB-ACTIVEX HardwareCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14362 | WEB-ACTIVEX HardwareCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14363 | WEB-ACTIVEX HardwareCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14364 | WEB-ACTIVEX VMWare unspecified 6 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14365 | WEB-ACTIVEX VMWare unspecified 6 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14366 | WEB-ACTIVEX VmdbQuery Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14367 | WEB-ACTIVEX VmdbQuery Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14368 | WEB-ACTIVEX VmdbQuery Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14369 | WEB-ACTIVEX VmdbQuery Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14370 | WEB-ACTIVEX vmappPropObj2 Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14371 | WEB-ACTIVEX vmappPropObj2 Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14372 | WEB-ACTIVEX vmappPropObj2 Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14373 | WEB-ACTIVEX vmappPropObj2 Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14374 | WEB-ACTIVEX VmappPoll Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14375 | WEB-ACTIVEX VmappPoll Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14376 | WEB-ACTIVEX VmappPoll Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14377 | WEB-ACTIVEX VmappPoll Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14378 | WEB-ACTIVEX VMClient Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14379 | WEB-ACTIVEX VMClient Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14380 | WEB-ACTIVEX VMClient Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14381 | WEB-ACTIVEX VMClient Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14382 | WEB-ACTIVEX Pq2vcom.Pq2v ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14383 | WEB-ACTIVEX Pq2vcom.Pq2v ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14384 | WEB-ACTIVEX Pq2vcom.Pq2v ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14385 | WEB-ACTIVEX Pq2vcom.Pq2v ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14386 | WEB-ACTIVEX VmdbSchema Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14387 | WEB-ACTIVEX VmdbSchema Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14388 | WEB-ACTIVEX VmdbSchema Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14389 | WEB-ACTIVEX VmdbSchema Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14390 | WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14391 | WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14392 | WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14393 | WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14394 | WEB-ACTIVEX VixCOM.VixLib ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14395 | WEB-ACTIVEX VixCOM.VixLib ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14396 | WEB-ACTIVEX VixCOM.VixLib ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14397 | WEB-ACTIVEX VixCOM.VixLib ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14398 | WEB-ACTIVEX vmappsdk.CuiObj ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14399 | WEB-ACTIVEX vmappsdk.CuiObj ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14400 | WEB-ACTIVEX vmappsdk.CuiObj ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14401 | WEB-ACTIVEX vmappsdk.CuiObj ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14402 | WEB-ACTIVEX RemoteBrowseDlg Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14403 | WEB-ACTIVEX RemoteBrowseDlg Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14404 | WEB-ACTIVEX RemoteBrowseDlg Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14405 | WEB-ACTIVEX RemoteBrowseDlg Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14406 | WEB-ACTIVEX RegVmsCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14407 | WEB-ACTIVEX RegVmsCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14408 | WEB-ACTIVEX RegVmsCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14409 | WEB-ACTIVEX RegVmsCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14410 | WEB-ACTIVEX VmdbEnumTags Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14411 | WEB-ACTIVEX VmdbEnumTags Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14412 | WEB-ACTIVEX VmdbEnumTags Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14413 | WEB-ACTIVEX VmdbEnumTags Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14414 | WEB-ACTIVEX VMWare unspecified 7 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14415 | WEB-ACTIVEX VMWare unspecified 7 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14416 | WEB-ACTIVEX VieLib2.Vie2Process ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14417 | WEB-ACTIVEX VieLib2.Vie2Process ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14418 | WEB-ACTIVEX VieLib2.Vie2Process ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14419 | WEB-ACTIVEX VieLib2.Vie2Process ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14420 | WEB-ACTIVEX VmdbDatabase Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14421 | WEB-ACTIVEX VmdbDatabase Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14422 | WEB-ACTIVEX VmdbDatabase Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14423 | WEB-ACTIVEX VmdbDatabase Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14424 | WEB-ACTIVEX VMAppSdkUtil Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14425 | WEB-ACTIVEX VMAppSdkUtil Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14426 | WEB-ACTIVEX VMAppSdkUtil Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14427 | WEB-ACTIVEX VMAppSdkUtil Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14428 | WEB-ACTIVEX VMWare unspecified 8 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14429 | WEB-ACTIVEX VMWare unspecified 8 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14430 | WEB-ACTIVEX VMEnumStrings Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14431 | WEB-ACTIVEX VMEnumStrings Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14432 | WEB-ACTIVEX VMEnumStrings Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14433 | WEB-ACTIVEX VMEnumStrings Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14434 | WEB-ACTIVEX VMWare unspecified 9 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14435 | WEB-ACTIVEX VMWare unspecified 9 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14436 | WEB-ACTIVEX VMClientHost Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14437 | WEB-ACTIVEX VMClientHost Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14438 | WEB-ACTIVEX VMClientHost Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14439 | WEB-ACTIVEX VMClientHost Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14440 | WEB-ACTIVEX VMWare unspecified 10 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14441 | WEB-ACTIVEX VMWare unspecified 10 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14442 | WEB-ACTIVEX VMWare unspecified 11 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14443 | WEB-ACTIVEX VMWare unspecified 11 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14444 | WEB-ACTIVEX VMWare unspecified 12 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14445 | WEB-ACTIVEX VMWare unspecified 12 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14446 | WEB-ACTIVEX VMWare unspecified 13 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14447 | WEB-ACTIVEX VMWare unspecified 13 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14448 | WEB-ACTIVEX reconfig.SystemReconfigur ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14449 | WEB-ACTIVEX reconfig.SystemReconfigur ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14450 | WEB-ACTIVEX reconfig.SystemReconfigur ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14451 | WEB-ACTIVEX reconfig.SystemReconfigur ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14452 | WEB-ACTIVEX vmhwcfg.NwzCompleted ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14453 | WEB-ACTIVEX vmhwcfg.NwzCompleted ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14454 | WEB-ACTIVEX vmhwcfg.NwzCompleted ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14455 | WEB-ACTIVEX vmhwcfg.NwzCompleted ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14456 | WEB-ACTIVEX MksCompatCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14457 | WEB-ACTIVEX MksCompatCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14458 | WEB-ACTIVEX MksCompatCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14459 | WEB-ACTIVEX MksCompatCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14460 | WEB-ACTIVEX VMWare unspecified 14 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14461 | WEB-ACTIVEX VMWare unspecified 14 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14462 | WEB-ACTIVEX IntraProcessLogging.Logger ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14463 | WEB-ACTIVEX IntraProcessLogging.Logger ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14464 | WEB-ACTIVEX IntraProcessLogging.Logger ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14465 | WEB-ACTIVEX IntraProcessLogging.Logger ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14466 | WEB-ACTIVEX VMWare unspecified 15 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14467 | WEB-ACTIVEX VMWare unspecified 15 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14468 | WEB-ACTIVEX Elevated.HostDeviceInfos ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14469 | WEB-ACTIVEX Elevated.HostDeviceInfos ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14470 | WEB-ACTIVEX Elevated.HostDeviceInfos ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14471 | WEB-ACTIVEX Elevated.HostDeviceInfos ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14472 | WEB-ACTIVEX VMWare unspecified 16 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14473 | WEB-ACTIVEX VMWare unspecified 16 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14474 | WEB-ACTIVEX VMWare unspecified 17 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14475 | WEB-ACTIVEX VMWare unspecified 17 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14476 | WEB-ACTIVEX reconfig.GuestInfo ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14477 | WEB-ACTIVEX reconfig.GuestInfo ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14478 | WEB-ACTIVEX reconfig.GuestInfo ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14479 | WEB-ACTIVEX reconfig.GuestInfo ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14480 | WEB-ACTIVEX VmappPropFrame Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14481 | WEB-ACTIVEX VmappPropFrame Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14482 | WEB-ACTIVEX VmappPropFrame Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14483 | WEB-ACTIVEX VmappPropFrame Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14484 | WEB-ACTIVEX VhdCvtCom.VhdConverter ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14485 | WEB-ACTIVEX VhdCvtCom.VhdConverter ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14486 | WEB-ACTIVEX VhdCvtCom.VhdConverter ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14487 | WEB-ACTIVEX VhdCvtCom.VhdConverter ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14488 | WEB-ACTIVEX VMSwitchCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14489 | WEB-ACTIVEX VMSwitchCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14490 | WEB-ACTIVEX VMSwitchCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14491 | WEB-ACTIVEX VMSwitchCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14492 | WEB-ACTIVEX VMWare unspecified 18 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14493 | WEB-ACTIVEX VMWare unspecified 18 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14494 | WEB-ACTIVEX VmdbUtil Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14495 | WEB-ACTIVEX VmdbUtil Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14496 | WEB-ACTIVEX VmdbUtil Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14497 | WEB-ACTIVEX VmdbUtil Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14498 | WEB-ACTIVEX VMWare unspecified 19 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14499 | WEB-ACTIVEX VMWare unspecified 19 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14500 | WEB-ACTIVEX VMwareVpcCvt.VpcC ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14501 | WEB-ACTIVEX VMwareVpcCvt.VpcC ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14502 | WEB-ACTIVEX VMwareVpcCvt.VpcC ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14503 | WEB-ACTIVEX VMwareVpcCvt.VpcC ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14504 | WEB-ACTIVEX VmdbCnxUtil Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14505 | WEB-ACTIVEX VmdbCnxUtil Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14506 | WEB-ACTIVEX VmdbCnxUtil Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14507 | WEB-ACTIVEX VmdbCnxUtil Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14508 | WEB-ACTIVEX Vmc2vmx.CoVPCDrive ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14509 | WEB-ACTIVEX Vmc2vmx.CoVPCDrive ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14510 | WEB-ACTIVEX Vmc2vmx.CoVPCDrive ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14511 | WEB-ACTIVEX Vmc2vmx.CoVPCDrive ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14512 | WEB-ACTIVEX VMWare unspecified 20 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14513 | WEB-ACTIVEX VMWare unspecified 20 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14514 | WEB-ACTIVEX VMClientVM Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14515 | WEB-ACTIVEX VMClientVM Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14516 | WEB-ACTIVEX VMClientVM Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14517 | WEB-ACTIVEX VMClientVM Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14518 | WEB-ACTIVEX VMWare unspecified 21 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14519 | WEB-ACTIVEX VMWare unspecified 21 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14520 | WEB-ACTIVEX Elevated.VMXCreator ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14521 | WEB-ACTIVEX Elevated.VMXCreator ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14522 | WEB-ACTIVEX Elevated.VMXCreator ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14523 | WEB-ACTIVEX Elevated.VMXCreator ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14524 | WEB-ACTIVEX VMWare unspecified 22 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14525 | WEB-ACTIVEX VMWare unspecified 22 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14526 | WEB-ACTIVEX HotfixWz Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14527 | WEB-ACTIVEX HotfixWz Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14528 | WEB-ACTIVEX HotfixWz Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14529 | WEB-ACTIVEX HotfixWz Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14530 | WEB-ACTIVEX VmdbUpdates Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14531 | WEB-ACTIVEX VmdbUpdates Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14532 | WEB-ACTIVEX VmdbUpdates Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14533 | WEB-ACTIVEX VmdbUpdates Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14534 | WEB-ACTIVEX VMListCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14535 | WEB-ACTIVEX VMListCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14536 | WEB-ACTIVEX VMListCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14537 | WEB-ACTIVEX VMListCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14538 | WEB-ACTIVEX CheckedListViewWnd Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14539 | WEB-ACTIVEX CheckedListViewWnd Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14540 | WEB-ACTIVEX CheckedListViewWnd Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14541 | WEB-ACTIVEX CheckedListViewWnd Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14542 | WEB-ACTIVEX VMWare unspecified 23 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14543 | WEB-ACTIVEX VMWare unspecified 23 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14544 | WEB-ACTIVEX VmdbTreeCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14545 | WEB-ACTIVEX VmdbTreeCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14546 | WEB-ACTIVEX VmdbTreeCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14547 | WEB-ACTIVEX VmdbTreeCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14548 | WEB-ACTIVEX Nwz Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14549 | WEB-ACTIVEX Nwz Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14550 | WEB-ACTIVEX Nwz Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14551 | WEB-ACTIVEX Nwz Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14552 | WEB-ACTIVEX Vmc2vmx.CoVPCDrives ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14553 | WEB-ACTIVEX Vmc2vmx.CoVPCDrives ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14554 | WEB-ACTIVEX Vmc2vmx.CoVPCDrives ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14555 | WEB-ACTIVEX Vmc2vmx.CoVPCDrives ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14556 | WEB-ACTIVEX MksCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14557 | WEB-ACTIVEX MksCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14558 | WEB-ACTIVEX MksCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14559 | WEB-ACTIVEX MksCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14560 | WEB-ACTIVEX VmappPropPath Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14561 | WEB-ACTIVEX VmappPropPath Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14562 | WEB-ACTIVEX VmappPropPath Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14563 | WEB-ACTIVEX VmappPropPath Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14564 | WEB-ACTIVEX VMWare unspecified 24 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14565 | WEB-ACTIVEX VMWare unspecified 24 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14566 | WEB-ACTIVEX PolicyCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14567 | WEB-ACTIVEX PolicyCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14568 | WEB-ACTIVEX PolicyCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14569 | WEB-ACTIVEX PolicyCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14570 | WEB-ACTIVEX VmdbParseError Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14571 | WEB-ACTIVEX VmdbParseError Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14572 | WEB-ACTIVEX VmdbParseError Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14573 | WEB-ACTIVEX VmdbParseError Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14574 | WEB-ACTIVEX NavigationCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14575 | WEB-ACTIVEX NavigationCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14576 | WEB-ACTIVEX NavigationCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14577 | WEB-ACTIVEX NavigationCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14578 | WEB-ACTIVEX VMList Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14579 | WEB-ACTIVEX VMList Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14580 | WEB-ACTIVEX VMList Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14581 | WEB-ACTIVEX VMList Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14582 | WEB-ACTIVEX VMWare unspecified 25 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14583 | WEB-ACTIVEX VMWare unspecified 25 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14584 | WEB-ACTIVEX VMWare unspecified 26 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14585 | WEB-ACTIVEX VMWare unspecified 26 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14586 | WEB-ACTIVEX CurrentVMCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14587 | WEB-ACTIVEX CurrentVMCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14588 | WEB-ACTIVEX CurrentVMCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14589 | WEB-ACTIVEX CurrentVMCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14590 | WEB-ACTIVEX VhdCvtCom.DiskLibHelper ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14591 | WEB-ACTIVEX VhdCvtCom.DiskLibHelper ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14592 | WEB-ACTIVEX VhdCvtCom.DiskLibHelper ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14593 | WEB-ACTIVEX VhdCvtCom.DiskLibHelper ActiveX function call unicode access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14594 | WEB-ACTIVEX Peachtree Accounting 2004 ActiveX clsid access (more info ...) | attempted-user | 31096 | |||
| 14595 | WEB-ACTIVEX Peachtree Accounting 2004 ActiveX clsid unicode access (more info ...) | attempted-user | 31096 | |||
| 14596 | WEB-ACTIVEX ComponentOne VSFlexGrid ActiveX clsid access (more info ...) | attempted-user | 31200 | |||
| 14597 | WEB-ACTIVEX ComponentOne VSFlexGrid ActiveX clsid unicode access (more info ...) | attempted-user | 31200 | |||
| 14598 | WEB-ACTIVEX ComponentOne VSFlexGrid ActiveX function call access (more info ...) | attempted-user | 31200 | |||
| 14599 | WEB-ACTIVEX ComponentOne VSFlexGrid ActiveX function call unicode access (more info ...) | attempted-user | 31200 | |||
| 14603 | WEB-ACTIVEX Data Dynamics ActiveReport ARViewer2 ActiveX clsid access (more info ...) | attempted-user | 31227 | |||
| 14604 | WEB-ACTIVEX Data Dynamics ActiveReport ARViewer2 ActiveX clsid unicode access (more info ...) | attempted-user | 31227 | |||
| 14605 | WEB-ACTIVEX Data Dynamics ActiveReport ARViewer2 ActiveX function call access (more info ...) | attempted-user | 31227 | |||
| 14606 | WEB-ACTIVEX Data Dynamics ActiveReport ARViewer2 ActiveX function call unicode access (more info ...) | attempted-user | 31227 | |||
| 14607 | EXPLOIT CA Brightstor SUN RPC malformed string buffer overflow attempt (more info ...) | attempted-admin | 2007-2139 | 23635 | ||
| 14611 | WEB-ACTIVEX VMWare VMCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3892 | 30934 | ||
| 14612 | WEB-ACTIVEX VMWare VMCtl Class ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3892 | 30934 | ||
| 14613 | WEB-ACTIVEX VMWare VMCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3892 | 30934 | ||
| 14614 | WEB-ACTIVEX VMWare VMCtl Class ActiveX function call unicode access (more info ...) | attempted-user | 2008-3892 | 30934 | ||
| 14631 | WEB-ACTIVEX SystemRequirementsLab ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14632 | WEB-ACTIVEX SystemRequirementsLab ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 14633 | WEB-ACTIVEX PhotoStockPlus ActiveX clsid access (more info ...) | attempted-user | 2008-0957 | 29279 | URL | |
| 14634 | WEB-ACTIVEX PhotoStockPlus ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0957 | 29279 | URL | |
| 14635 | WEB-ACTIVEX Microsoft RSClientPrint ActiveX clsid access (more info ...) | attempted-user | 2008-3015 | URL | ||
| 14636 | WEB-ACTIVEX Microsoft RSClientPrint ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3015 | URL | ||
| 14637 | WEB-ACTIVEX Microsoft PicturePusher ActiveX clsid access (more info ...) | attempted-user | 2008-4493 | 31632 | ||
| 14638 | WEB-ACTIVEX Microsoft PicturePusher ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4493 | 31632 | ||
| 14639 | WEB-ACTIVEX Microsoft PicturePusher ActiveX function call access (more info ...) | attempted-user | 2008-4493 | 31632 | ||
| 14640 | WEB-ACTIVEX Microsoft PicturePusher ActiveX function call unicode access (more info ...) | attempted-user | 2008-4493 | 31632 | ||
| 14647 | NETBIOS-DG SMB Search Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14648 | NETBIOS-DG SMB Search unicode Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14649 | NETBIOS SMB Search Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14650 | NETBIOS SMB Search unicode Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14651 | NETBIOS-DG SMB Search andx Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14652 | NETBIOS-DG SMB Search unicode andx Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14653 | NETBIOS SMB Search andx Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14654 | NETBIOS SMB Search unicode andx Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14661 | NETBIOS DCERPC NCACN-IP-TCP spoolss EnumJobs attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14709 | NETBIOS SMB spoolss EnumJobs response WriteAndX unicode little endian attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14711 | NETBIOS SMB spoolss EnumJobs response little endian attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14712 | NETBIOS SMB spoolss EnumJobs response WriteAndX little endian attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14713 | NETBIOS SMB spoolss EnumJobs response attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14714 | NETBIOS SMB spoolss EnumJobs response unicode attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14715 | NETBIOS SMB spoolss EnumJobs response WriteAndX attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14716 | NETBIOS SMB spoolss EnumJobs response WriteAndX unicode attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14717 | NETBIOS SMB spoolss EnumJobs response WriteAndX unicode little endian andx attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14718 | NETBIOS SMB spoolss EnumJobs response unicode little endian andx attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14719 | NETBIOS SMB spoolss EnumJobs response little endian andx attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14720 | NETBIOS SMB spoolss EnumJobs response WriteAndX little endian andx attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14721 | NETBIOS SMB spoolss EnumJobs response andx attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14722 | NETBIOS SMB spoolss EnumJobs response unicode andx attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14723 | NETBIOS SMB spoolss EnumJobs response WriteAndX andx attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14724 | NETBIOS SMB spoolss EnumJobs response WriteAndX unicode andx attempt (more info ...) | protocol-command-decode | 2008-1446 | URL | ||
| 14725 | NETBIOS DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName overflow attempt (more info ...) | attempted-admin | 2008-3479 | URL | ||
| 14726 | NETBIOS DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt (more info ...) | attempted-admin | 2008-3479 | URL | ||
| 14737 | NETBIOS DCERPC NCACN-IP-TCP host-integration bind attempt (more info ...) | protocol-command-decode | 2008-3466 | URL | ||
| 14744 | WEB-ACTIVEX Hummingbird HostExplorer ActiveX clsid access (more info ...) | attempted-user | 31783 | |||
| 14745 | WEB-ACTIVEX Hummingbird HostExplorer ActiveX clsid unicode access (more info ...) | attempted-user | 31783 | |||
| 14746 | WEB-ACTIVEX Autodesk DWF Viewer ActiveX clsid access (more info ...) | attempted-user | 2008-4472 | 31490 | ||
| 14747 | WEB-ACTIVEX Autodesk DWF Viewer ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4472 | 31490 | ||
| 14748 | WEB-ACTIVEX Autodesk LiveUpdate ActiveX clsid access (more info ...) | attempted-user | 2008-4472 | 31490 | ||
| 14749 | WEB-ACTIVEX Autodesk LiveUpdate ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4472 | 31490 | ||
| 14750 | WEB-ACTIVEX Autodesk LiveUpdate ActiveX function call access (more info ...) | attempted-user | 2008-4472 | 31490 | ||
| 14751 | WEB-ACTIVEX Autodesk LiveUpdate ActiveX function call unicode access (more info ...) | attempted-user | 2008-4472 | 31490 | ||
| 14752 | WEB-ACTIVEX Novell ZENworks Desktop Management ActiveX clsid access (more info ...) | attempted-user | 31435 | |||
| 14753 | WEB-ACTIVEX Novell ZENworks Desktop Management ActiveX clsid unicode access (more info ...) | attempted-user | 31435 | |||
| 14754 | WEB-ACTIVEX Novell ZENworks Desktop Management ActiveX function call access (more info ...) | attempted-user | 31435 | |||
| 14755 | WEB-ACTIVEX Novell ZENworks Desktop Management ActiveX function call unicode access (more info ...) | attempted-user | 31435 | |||
| 14760 | WEB-ACTIVEX iseemedia LPViewer ActiveX clsid access (more info ...) | attempted-user | 2008-4384 | 31604 | ||
| 14761 | WEB-ACTIVEX iseemedia LPViewer ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4384 | 31604 | ||
| 14762 | WEB-ACTIVEX iseemedia LPViewer ActiveX function call access (more info ...) | attempted-user | 2008-4384 | 31604 | ||
| 14763 | WEB-ACTIVEX iseemedia LPViewer ActiveX function call unicode access (more info ...) | attempted-user | 2008-4384 | 31604 | ||
| 14782 | NETBIOS DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (more info ...) | attempted-admin | 2008-4250 | URL | ||
| 14783 | NETBIOS DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (more info ...) | attempted-admin | 2008-4250 | URL | ||
| 14896 | NETBIOS-DG SMB v4 srvsvc NetrpPathCononicalize unicode path cononicalization stack overflow attempt (more info ...) | attempted-admin | 2008-4250 | URL | ||
| 14897 | WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX function call access (more info ...) | attempted-user | 2007-6506 | 26950 | ||
| 14898 | WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX function call unicode access (more info ...) | attempted-user | 2007-6506 | 26950 | ||
| 14900 | NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum overflow attempt (more info ...) | attempted-admin | 2007-2446 | 24198 | ||
| 14988 | NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt (more info ...) | attempted-admin | 2007-2446 | 24198 | ||
| 14993 | WEB-ACTIVEX Visagesoft eXPert PDF Viewer ActiveX clsid access (more info ...) | attempted-user | 2008-4919 | 31984 | ||
| 14994 | WEB-ACTIVEX Visagesoft eXPert PDF Viewer ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4919 | 31984 | ||
| 14995 | WEB-ACTIVEX Visagesoft eXPert PDF Viewer ActiveX function call access (more info ...) | attempted-user | 2008-4919 | 31984 | ||
| 14996 | WEB-ACTIVEX Visagesoft eXPert PDF Viewer ActiveX function call unicode access (more info ...) | attempted-user | 2008-4919 | 31984 | ||
| 14999 | WEB-ACTIVEX Microsoft Debug Diagnostic Tool ActiveX clsid access (more info ...) | attempted-user | 2008-4800 | 31996 | ||
| 15000 | WEB-ACTIVEX Microsoft Debug Diagnostic Tool ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4800 | 31996 | ||
| 15001 | WEB-ACTIVEX Microsoft Debug Diagnostic Tool ActiveX function call access (more info ...) | attempted-user | 2008-4800 | 31996 | ||
| 15002 | WEB-ACTIVEX Microsoft Debug Diagnostic Tool ActiveX function call unicode access (more info ...) | attempted-user | 2008-4800 | 31996 | ||
| 15003 | WEB-ACTIVEX Chilkat Crypt 2 ActiveX clsid access (more info ...) | attempted-user | 32073 | |||
| 15004 | WEB-ACTIVEX Chilkat Crypt 2 ActiveX clsid unicode access (more info ...) | attempted-user | 32073 | |||
| 15005 | WEB-ACTIVEX Chilkat Crypt 2 ActiveX function call access (more info ...) | attempted-user | 32073 | |||
| 15006 | WEB-ACTIVEX Chilkat Crypt 2 ActiveX function call unicode access (more info ...) | attempted-user | 32073 | |||
| 15009 | NETBIOS possible SMB replay attempt - overlapping encryption keys detected (more info ...) | attempted-user | 2000-0834 | URL | ||
| 15011 | WEB-CLIENT Microsoft XML core services cross-domain information disclosure attempt (more info ...) | misc-attack | 2008-4033 | URL | ||
| 15015 | NETBIOS DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow attempt (more info ...) | attempted-admin | 2008-4250 | URL | ||
| 15069 | WEB-ACTIVEX SAP AG SAPgui mdrmsap ActiveX clsid access (more info ...) | attempted-user | 2008-4387 | 32186 | ||
| 15070 | WEB-ACTIVEX SAP AG SAPgui mdrmsap ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4387 | 32186 | ||
| 15084 | WEB-ACTIVEX Microsoft Common Controls Animation Object ActiveX clsid access (more info ...) | attempted-user | 2008-4255 | URL | ||
| 15086 | WEB-ACTIVEX Microsoft Common Controls Animation Object ActiveX function call access (more info ...) | attempted-user | 2008-4255 | URL | ||
| 15124 | NETBIOS Web-based NTLM replay attack attempt (more info ...) | attempted-user | 2000-0834 | URL | ||
| 15127 | NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15128 | NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15129 | NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15130 | NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15131 | NETBIOS SMB sp_replwritetovarbin vulnerable function andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15132 | NETBIOS SMB sp_replwritetovarbin vulnerable function attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15133 | NETBIOS SMB sp_replwritetovarbin vulnerable function unicode andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15134 | NETBIOS SMB sp_replwritetovarbin vulnerable function unicode attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15135 | NETBIOS-DG SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15136 | NETBIOS-DG SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15137 | NETBIOS-DG SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15138 | NETBIOS-DG SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15139 | NETBIOS-DG SMB sp_replwritetovarbin vulnerable function andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15140 | NETBIOS-DG SMB sp_replwritetovarbin vulnerable function attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15141 | NETBIOS-DG SMB sp_replwritetovarbin vulnerable function unicode andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15142 | NETBIOS-DG SMB sp_replwritetovarbin vulnerable function unicode attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15147 | WEB-CLIENT Microsoft IE malformed iframe buffer overflow attempt (more info ...) | attempted-user | 2004-1050 | |||
| 15148 | DOS Microsoft SMS remote control client message length denial of service attempt (more info ...) | attempted-dos | 2004-0728 | 10726 | ||
| 15173 | WEB-ACTIVEX Phoenician Casino ActiveX clsid access (more info ...) | attempted-user | 2008-5691 | 32901 | ||
| 15174 | WEB-ACTIVEX Phoenician Casino ActiveX clsid unicode access (more info ...) | attempted-user | 2008-5691 | 32901 | ||
| 15175 | WEB-ACTIVEX Phoenician Casino ActiveX function call access (more info ...) | attempted-user | 2008-5691 | 32901 | ||
| 15176 | WEB-ACTIVEX Phoenician Casino ActiveX function call unicode access (more info ...) | attempted-user | 2008-5691 | 32901 | ||
| 15177 | WEB-ACTIVEX Trend Micro HouseCall ActiveX clsid access (more info ...) | attempted-user | 2008-2435 | 32965 | ||
| 15178 | WEB-ACTIVEX Trend Micro HouseCall ActiveX clsid unicode access (more info ...) | attempted-user | 2008-2435 | 32965 | ||
| 15179 | WEB-ACTIVEX Trend Micro HouseCall ActiveX function call access (more info ...) | attempted-user | 2008-2435 | 32965 | ||
| 15180 | WEB-ACTIVEX Trend Micro HouseCall ActiveX function call unicode access (more info ...) | attempted-user | 2008-2435 | 32965 | ||
| 15181 | WEB-ACTIVEX SaschArt SasCam Webcam Server ActiveX clsid access (more info ...) | attempted-user | 33053 | |||
| 15182 | WEB-ACTIVEX SaschArt SasCam Webcam Server ActiveX clsid unicode access (more info ...) | attempted-user | 33053 | |||
| 15192 | WEB-ACTIVEX SizerOne ActiveX clsid access (more info ...) | attempted-user | 2008-4827 | 33148 | ||
| 15193 | WEB-ACTIVEX SizerOne ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4827 | 33148 | ||
| 15194 | WEB-ACTIVEX SizerOne ActiveX function call access (more info ...) | attempted-user | 2008-4827 | 33148 | ||
| 15195 | WEB-ACTIVEX SizerOne ActiveX function call unicode access (more info ...) | attempted-user | 2008-4827 | 33148 | ||
| 15196 | NETBIOS SMB NT Trans NT CREATE unicode param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15197 | NETBIOS-DG SMB NT Trans NT CREATE param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15198 | NETBIOS-DG SMB NT Trans NT CREATE unicode param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15199 | NETBIOS SMB NT Trans NT CREATE param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15200 | NETBIOS SMB NT Trans NT CREATE unicode andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15201 | NETBIOS-DG SMB NT Trans NT CREATE andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15202 | NETBIOS-DG SMB NT Trans NT CREATE unicode andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15203 | NETBIOS SMB NT Trans NT CREATE andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15204 | NETBIOS-DG SMB NT Trans NT CREATE unicode max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15205 | NETBIOS SMB NT Trans NT CREATE unicode max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15206 | NETBIOS SMB NT Trans NT CREATE max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15207 | NETBIOS-DG SMB NT Trans NT CREATE max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15208 | NETBIOS-DG SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15209 | NETBIOS SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15210 | NETBIOS SMB NT Trans NT CREATE andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15211 | NETBIOS-DG SMB NT Trans NT CREATE andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15212 | NETBIOS-DG SMB Trans2 OPEN2 max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15213 | NETBIOS SMB Trans2 OPEN2 unicode max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15214 | NETBIOS SMB Trans2 OPEN2 max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15215 | NETBIOS-DG SMB Trans2 OPEN2 unicode max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15216 | NETBIOS-DG SMB Trans2 OPEN2 andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15217 | NETBIOS SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15218 | NETBIOS SMB Trans2 OPEN2 andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15219 | NETBIOS-DG SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15220 | NETBIOS SMB Trans2 OPEN2 unicode param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15221 | NETBIOS SMB Trans2 OPEN2 param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15222 | NETBIOS-DG SMB Trans2 OPEN2 param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15223 | NETBIOS-DG SMB Trans2 OPEN2 unicode param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15224 | NETBIOS SMB Trans2 OPEN2 unicode andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15225 | NETBIOS SMB Trans2 OPEN2 andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15226 | NETBIOS-DG SMB Trans2 OPEN2 andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15227 | NETBIOS-DG SMB Trans2 OPEN2 unicode andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15228 | WEB-ACTIVEX Ciansoft PDFBuilderX ActiveX clsid access (more info ...) | attempted-user | 33233 | |||
| 15229 | WEB-ACTIVEX Ciansoft PDFBuilderX ActiveX clsid unicode access (more info ...) | attempted-user | 33233 | |||
| 15232 | WEB-ACTIVEX Easy Grid ActiveX clsid access (more info ...) | attempted-user | 33272 | |||
| 15233 | WEB-ACTIVEX Easy Grid ActiveX clsid unicode access (more info ...) | attempted-user | 33272 | |||
| 15234 | WEB-ACTIVEX Easy Grid ActiveX function call access (more info ...) | attempted-user | 33272 | |||
| 15235 | WEB-ACTIVEX Easy Grid ActiveX function call unicode access (more info ...) | attempted-user | 33272 | |||
| 15243 | WEB-ACTIVEX AXIS Camera ActiveX clsid access (more info ...) | attempted-user | 2008-5260 | 33408 | ||
| 15244 | WEB-ACTIVEX AXIS Camera ActiveX clsid unicode access (more info ...) | attempted-user | 2008-5260 | 33408 | ||
| 15245 | WEB-ACTIVEX AXIS Camera ActiveX function call access (more info ...) | attempted-user | 2008-5260 | 33408 | ||
| 15246 | WEB-ACTIVEX AXIS Camera ActiveX function call unicode access (more info ...) | attempted-user | 2008-5260 | 33408 | ||
| 15247 | WEB-ACTIVEX JamDTA ActiveX clsid access (more info ...) | attempted-user | 33345 | |||
| 15248 | WEB-ACTIVEX JamDTA ActiveX clsid unicode access (more info ...) | attempted-user | 33345 | |||
| 15249 | WEB-ACTIVEX SmartVMD ActiveX clsid access (more info ...) | attempted-user | 33349 | |||
| 15250 | WEB-ACTIVEX SmartVMD ActiveX clsid unicode access (more info ...) | attempted-user | 33349 | |||
| 15251 | WEB-ACTIVEX MetaProducts MetaTreeX ActiveX clsid access (more info ...) | attempted-user | 33318 | |||
| 15252 | WEB-ACTIVEX MetaProducts MetaTreeX ActiveX clsid unicode access (more info ...) | attempted-user | 33318 | |||
| 15253 | WEB-ACTIVEX MetaProducts MetaTreeX ActiveX function call access (more info ...) | attempted-user | 33318 | |||
| 15254 | WEB-ACTIVEX MetaProducts MetaTreeX ActiveX function call unicode access (more info ...) | attempted-user | 33318 | |||
| 15265 | WEB-ACTIVEX NCTAudioFile2 ActiveX function call unicode access (more info ...) | attempted-user | 2007-0018 | 33469 | URL | |
| 15266 | WEB-ACTIVEX MW6 Technologies Barcode ActiveX clsid access (more info ...) | attempted-user | 2009-0298 | 33451 | ||
| 15267 | WEB-ACTIVEX MW6 Technologies Barcode ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0298 | 33451 | ||
| 15268 | WEB-ACTIVEX MW6 Technologies Barcode ActiveX function call access (more info ...) | attempted-user | 2009-0298 | 33451 | ||
| 15269 | WEB-ACTIVEX MW6 Technologies Barcode ActiveX function call unicode access (more info ...) | attempted-user | 2009-0298 | 33451 | ||
| 15270 | WEB-ACTIVEX MW6 Technologies PDF417 ActiveX clsid access (more info ...) | attempted-user | 2008-4926 | |||
| 15271 | WEB-ACTIVEX MW6 Technologies PDF417 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4926 | |||
| 15272 | WEB-ACTIVEX MW6 Technologies PDF417 ActiveX function call access (more info ...) | attempted-user | 2008-4926 | |||
| 15273 | WEB-ACTIVEX MW6 Technologies PDF417 ActiveX function call unicode access (more info ...) | attempted-user | 2008-4926 | |||
| 15274 | WEB-ACTIVEX MW6 Technologies DataMatrix ActiveX clsid access (more info ...) | attempted-user | 2008-4925 | |||
| 15275 | WEB-ACTIVEX MW6 Technologies DataMatrix ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4925 | |||
| 15276 | WEB-ACTIVEX MW6 Technologies DataMatrix ActiveX function call access (more info ...) | attempted-user | 2008-4925 | |||
| 15277 | WEB-ACTIVEX MW6 Technologies DataMatrix ActiveX function call unicode access (more info ...) | attempted-user | 2008-4925 | |||
| 15278 | WEB-ACTIVEX MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2008-4923 | |||
| 15279 | WEB-ACTIVEX MW6 Technologies Aztec ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4923 | |||
| 15280 | WEB-ACTIVEX MW6 Technologies Aztec ActiveX function call access (more info ...) | attempted-user | 2008-4923 | |||
| 15281 | WEB-ACTIVEX MW6 Technologies Aztec ActiveX function call unicode access (more info ...) | attempted-user | 2008-4923 | |||
| 15284 | WEB-ACTIVEX NCTAudioGrabber2 ActiveX clsid access (more info ...) | attempted-user | 2008-0958 | URL | ||
| 15285 | WEB-ACTIVEX NCTAudioGrabber2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0958 | URL | ||
| 15286 | WEB-ACTIVEX NCTAudioGrabber2 ActiveX function call access (more info ...) | attempted-user | 2008-0958 | URL | ||
| 15287 | WEB-ACTIVEX NCTAudioGrabber2 ActiveX function call unicode access (more info ...) | attempted-user | 2008-0958 | URL | ||
| 15288 | WEB-ACTIVEX NCTAudioInformation2 ActiveX clsid access (more info ...) | attempted-user | 2008-0959 | URL | ||
| 15289 | WEB-ACTIVEX NCTAudioInformation2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0959 | URL | ||
| 15290 | WEB-ACTIVEX NCTAudioInformation2 ActiveX function call access (more info ...) | attempted-user | 2008-0959 | URL | ||
| 15291 | WEB-ACTIVEX NCTAudioInformation2 ActiveX function call unicode access (more info ...) | attempted-user | 2008-0959 | URL | ||
| 15307 | WEB-ACTIVEX Microsoft Animation Control ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15308 | WEB-ACTIVEX Microsoft Animation Control ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 15309 | WEB-ACTIVEX Microsoft Animation Control ActiveX function call access (more info ...) | attempted-user | URL | |||
| 15310 | WEB-ACTIVEX Microsoft Animation Control ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 15311 | WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid access (more info ...) | attempted-user | 2009-0305 | 33663 | URL | |
| 15312 | WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0305 | 33663 | URL | |
| 15313 | WEB-ACTIVEX Research In Motion AxLoader ActiveX function call access (more info ...) | attempted-user | 2009-0305 | 33663 | URL | |
| 15314 | WEB-ACTIVEX Research In Motion AxLoader ActiveX function call unicode access (more info ...) | attempted-user | 2009-0305 | 33663 | URL | |
| 15315 | WEB-ACTIVEX Akamai DownloadManager ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15316 | WEB-ACTIVEX Akamai DownloadManager ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 15317 | WEB-ACTIVEX Akamai DownloadManager ActiveX function call access (more info ...) | attempted-user | URL | |||
| 15318 | WEB-ACTIVEX Akamai DownloadManager ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 15330 | WEB-ACTIVEX Nokia Phoenix Service 1 ActiveX clsid access (more info ...) | attempted-user | 33726 | |||
| 15331 | WEB-ACTIVEX Nokia Phoenix Service 1 ActiveX clsid unicode access (more info ...) | attempted-user | 33726 | |||
| 15332 | WEB-ACTIVEX Nokia Phoenix Service 2 ActiveX clsid access (more info ...) | attempted-user | 33726 | |||
| 15333 | WEB-ACTIVEX Nokia Phoenix Service 2 ActiveX clsid unicode access (more info ...) | attempted-user | 33726 | |||
| 15346 | WEB-ACTIVEX Synactis ALL In-The-Box ActiveX clsid access (more info ...) | attempted-user | 2009-0465 | 33535 | ||
| 15347 | WEB-ACTIVEX Synactis ALL In-The-Box ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0465 | 33535 | ||
| 15348 | WEB-ACTIVEX Synactis ALL In-The-Box ActiveX function call access (more info ...) | attempted-user | 2009-0465 | 33535 | ||
| 15349 | WEB-ACTIVEX Synactis ALL In-The-Box ActiveX function call unicode access (more info ...) | attempted-user | 2009-0465 | 33535 | ||
| 15350 | WEB-ACTIVEX Web on Windows ActiveX clsid access (more info ...) | attempted-user | 2009-0389 | 33515 | ||
| 15351 | WEB-ACTIVEX Web on Windows ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0389 | 33515 | ||
| 15352 | WEB-ACTIVEX Web on Windows ActiveX function call access (more info ...) | attempted-user | 2009-0389 | 33515 | ||
| 15353 | WEB-ACTIVEX Web on Windows ActiveX function call unicode access (more info ...) | attempted-user | 2009-0389 | 33515 | ||
| 15372 | WEB-ACTIVEX iDefense COMRaider ActiveX clsid access (more info ...) | attempted-user | 33867 | |||
| 15373 | WEB-ACTIVEX iDefense COMRaider ActiveX clsid unicode access (more info ...) | attempted-user | 33867 | |||
| 15374 | WEB-ACTIVEX iDefense COMRaider ActiveX function call access (more info ...) | attempted-user | 33867 | |||
| 15375 | WEB-ACTIVEX iDefense COMRaider ActiveX function call unicode access (more info ...) | attempted-user | 33867 | |||
| 15376 | WEB-ACTIVEX Sopcast SopCore ActiveX clsid access (more info ...) | attempted-user | 33920 | |||
| 15377 | WEB-ACTIVEX Sopcast SopCore ActiveX clsid unicode access (more info ...) | attempted-user | 33920 | |||
| 15378 | WEB-ACTIVEX Sopcast SopCore ActiveX function call access (more info ...) | attempted-user | 33920 | |||
| 15379 | WEB-ACTIVEX Sopcast SopCore ActiveX function call unicode access (more info ...) | attempted-user | 33920 | |||
| 15380 | WEB-ACTIVEX HP Virtual Rooms v7 ActiveX clsid access (more info ...) | attempted-user | 2009-0208 | 33918 | ||
| 15381 | WEB-ACTIVEX HP Virtual Rooms v7 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0208 | 33918 | ||
| 15387 | NETBIOS udp WINS WPAD registration attempt (more info ...) | misc-attack | 2009-0094 | URL | ||
| 15430 | WEB-CLIENT Microsoft EMF+ GpFont.SetData buffer overflow attempt (more info ...) | attempted-user | 2009-1217 | 34250 | ||
| 15453 | NETBIOS SMB replay attempt via NTLMSSP - overlapping encryption keys detected (more info ...) | attempted-user | 2000-0834 | URL | ||
| 15498 | WEB-CLIENT Microsoft PowerPoint CString atom overflow attempt (more info ...) | attempted-admin | 2009-1128 | URL | ||
| 15500 | WEB-CLIENT Microsoft PowerPoint LinkedSlide memory corruption (more info ...) | attempted-user | 2009-0221 | URL | ||
| 15501 | WEB-CLIENT Microsoft Powerpoint ParaBuildAtom memory corruption attempt (more info ...) | attempted-user | 2009-0224 | URL | ||
| 15502 | WEB-CLIENT Microsoft Powerpoint DiagramBuildContainer memory corruption attempt (more info ...) | attempted-user | 2009-0224 | URL | ||
| 15505 | WEB-CLIENT Microsoft PowerPoint HashCode10Atom memory corruption attempt (more info ...) | attempted-user | 2009-1130 | URL | ||
| 15506 | WEB-CLIENT Microsoft PowerPoint CurrentUserAtom remote code execution attempt (more info ...) | attempted-user | 2009-1131 | URL | ||
| 15512 | NETBIOS DCERPC NCACN-IP-TCP rpcss2 _RemoteGetClassObject attempt (more info ...) | protocol-command-decode | 2003-0605 | URL | ||
| 15513 | NETBIOS DCERPC NCADG-IP-UDP rpcss2 _RemoteGetClassObject attempt (more info ...) | protocol-command-decode | 2003-0605 | URL | ||
| 15526 | EXPLOIT Microsoft Works 4.x converter font name buffer overflow attempt (more info ...) | attempted-user | 2009-1533 | URL | ||
| 15527 | EXPLOIT Microsoft Active Directory LDAP denial of service attempt (more info ...) | attempted-admin | 2009-1138 | URL | ||
| 15528 | NETBIOS DCERPC NCACN-IP-TCP spoolss RpcSetPrinterDataEx attempt (more info ...) | protocol-command-decode | 2009-0230 | URL | ||
| 15540 | WEB-CLIENT Microsoft IE DOM memory corruption attempt (more info ...) | attempted-admin | 2009-1532 | URL | ||
| 15543 | WEB-ACTIVEX Microsoft Communications Control v6 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15544 | WEB-ACTIVEX Microsoft Communications Control v6 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 15545 | WEB-ACTIVEX Microsoft Communications Control v6 ActiveX function call access (more info ...) | attempted-user | URL | |||
| 15546 | WEB-ACTIVEX Microsoft Communications Control v6 ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 15547 | WEB-ACTIVEX eBay Picture Uploads control 1 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15548 | WEB-ACTIVEX eBay Picture Uploads control 1 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 15549 | WEB-ACTIVEX eBay Picture Uploads control 1 ActiveX function call access (more info ...) | attempted-user | URL | |||
| 15550 | WEB-ACTIVEX eBay Picture Uploads control 1 ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 15551 | WEB-ACTIVEX eBay Picture Uploads control 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15552 | WEB-ACTIVEX eBay Picture Uploads control 2 ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 15557 | WEB-ACTIVEX SAP AG SAPgui EnjoySAP ActiveX clsid access (more info ...) | attempted-user | 35256 | |||
| 15558 | WEB-ACTIVEX SAP AG SAPgui EnjoySAP ActiveX clsid unicode access (more info ...) | attempted-user | 35256 | |||
| 15588 | WEB-ACTIVEX Microsoft Video 1 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15589 | WEB-ACTIVEX Microsoft Video 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15590 | WEB-ACTIVEX Microsoft Video 10 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15591 | WEB-ACTIVEX Microsoft Video 10 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15592 | WEB-ACTIVEX Microsoft Video 11 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15593 | WEB-ACTIVEX Microsoft Video 11 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15594 | WEB-ACTIVEX Microsoft Video 12 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15595 | WEB-ACTIVEX Microsoft Video 12 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15596 | WEB-ACTIVEX Microsoft Video 13 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15597 | WEB-ACTIVEX Microsoft Video 13 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15598 | WEB-ACTIVEX Microsoft Video 14 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15599 | WEB-ACTIVEX Microsoft Video 14 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15600 | WEB-ACTIVEX Microsoft Video 15 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15601 | WEB-ACTIVEX Microsoft Video 15 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15602 | WEB-ACTIVEX Microsoft Video 16 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15603 | WEB-ACTIVEX Microsoft Video 16 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15604 | WEB-ACTIVEX Microsoft Video 17 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15605 | WEB-ACTIVEX Microsoft Video 17 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15606 | WEB-ACTIVEX Microsoft Video 18 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15607 | WEB-ACTIVEX Microsoft Video 18 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15608 | WEB-ACTIVEX Microsoft Video 19 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15609 | WEB-ACTIVEX Microsoft Video 19 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15610 | WEB-ACTIVEX Microsoft Video 2 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15611 | WEB-ACTIVEX Microsoft Video 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15612 | WEB-ACTIVEX Microsoft Video 20 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15613 | WEB-ACTIVEX Microsoft Video 20 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15614 | WEB-ACTIVEX Microsoft Video 21 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15615 | WEB-ACTIVEX Microsoft Video 21 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15616 | WEB-ACTIVEX Microsoft Video 22 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15617 | WEB-ACTIVEX Microsoft Video 22 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15618 | WEB-ACTIVEX Microsoft Video 23 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15619 | WEB-ACTIVEX Microsoft Video 23 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15620 | WEB-ACTIVEX Microsoft Video 24 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15621 | WEB-ACTIVEX Microsoft Video 24 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15622 | WEB-ACTIVEX Microsoft Video 25 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15623 | WEB-ACTIVEX Microsoft Video 25 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15624 | WEB-ACTIVEX Microsoft Video 26 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15625 | WEB-ACTIVEX Microsoft Video 26 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15626 | WEB-ACTIVEX Microsoft Video 27 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15627 | WEB-ACTIVEX Microsoft Video 27 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15628 | WEB-ACTIVEX Microsoft Video 28 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15629 | WEB-ACTIVEX Microsoft Video 28 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15630 | WEB-ACTIVEX Microsoft Video 29 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15631 | WEB-ACTIVEX Microsoft Video 29 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15632 | WEB-ACTIVEX Microsoft Video 3 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15633 | WEB-ACTIVEX Microsoft Video 3 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15634 | WEB-ACTIVEX Microsoft Video 30 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15635 | WEB-ACTIVEX Microsoft Video 30 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15636 | WEB-ACTIVEX Microsoft Video 31 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15637 | WEB-ACTIVEX Microsoft Video 31 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15638 | WEB-ACTIVEX Microsoft Video 32 ActiveX clsid access (more info ...) | attempted-user | 2009-2494 | URL | ||
| 15639 | WEB-ACTIVEX Microsoft Video 32 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-2494 | URL | ||
| 15640 | WEB-ACTIVEX Microsoft Video 33 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15641 | WEB-ACTIVEX Microsoft Video 33 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15642 | WEB-ACTIVEX Microsoft Video 34 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15643 | WEB-ACTIVEX Microsoft Video 34 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15644 | WEB-ACTIVEX Microsoft Video 35 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15645 | WEB-ACTIVEX Microsoft Video 35 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15646 | WEB-ACTIVEX Microsoft Video 36 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15647 | WEB-ACTIVEX Microsoft Video 36 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15648 | WEB-ACTIVEX Microsoft Video 37 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15649 | WEB-ACTIVEX Microsoft Video 37 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15650 | WEB-ACTIVEX Microsoft Video 38 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15651 | WEB-ACTIVEX Microsoft Video 38 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15652 | WEB-ACTIVEX Microsoft Video 39 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15653 | WEB-ACTIVEX Microsoft Video 39 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15654 | WEB-ACTIVEX Microsoft Video 4 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15655 | WEB-ACTIVEX Microsoft Video 4 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15656 | WEB-ACTIVEX Microsoft Video 40 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15657 | WEB-ACTIVEX Microsoft Video 40 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15658 | WEB-ACTIVEX Microsoft Video 41 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15659 | WEB-ACTIVEX Microsoft Video 41 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15660 | WEB-ACTIVEX Microsoft Video 42 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15661 | WEB-ACTIVEX Microsoft Video 42 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15662 | WEB-ACTIVEX Microsoft Video 43 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15663 | WEB-ACTIVEX Microsoft Video 43 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15664 | WEB-ACTIVEX Microsoft Video 44 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15665 | WEB-ACTIVEX Microsoft Video 44 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15666 | WEB-ACTIVEX Microsoft Video 45 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15667 | WEB-ACTIVEX Microsoft Video 45 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15668 | WEB-ACTIVEX Microsoft Video 5 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15669 | WEB-ACTIVEX Microsoft Video 5 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15670 | WEB-ACTIVEX Microsoft Video 6 ActiveX clsid access (more info ...) | attempted-user | 2009-0901 | 35558 | URL | |
| 15671 | WEB-ACTIVEX Microsoft Video 6 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0901 | 35558 | URL | |
| 15672 | WEB-ACTIVEX Microsoft Video 7 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15674 | WEB-ACTIVEX Microsoft Video 8 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15675 | WEB-ACTIVEX Microsoft Video 8 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15676 | WEB-ACTIVEX Microsoft Video 9 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15677 | WEB-ACTIVEX Microsoft Video 9 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15701 | SPECIFIC-THREATS Microsoft Windows 2000 domain authentication bypass attempt (more info ...) | attempted-user | 2004-0540 | |||
| 15702 | NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x13 overflow attempt (more info ...) | attempted-dos | 2009-1761 | 35396 | ||
| 15710 | NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x3B null strings attempt (more info ...) | attempted-dos | 2009-1761 | 35396 | ||
| 15847 | NETBIOS Telnet-based NTLM replay attack attempt (more info ...) | attempted-user | 2000-0834 | URL | ||
| 15848 | EXPLOIT WINS replication request memory corruption attempt (more info ...) | attempted-admin | 2009-1923 | URL | ||
| 15849 | EXPLOIT WINS replication inform2 request memory corruption attempt (more info ...) | attempted-admin | 2009-1924 | URL | ||
| 15851 | DOS Microsoft ASP.NET bad request denial of service attempt (more info ...) | attempted-dos | 2009-1536 | URL | ||
| 15854 | WEB-CLIENT Microsoft Windows AVIFile media file processing memory corruption attempt (more info ...) | attempted-user | 2009-1546 | 35970 | URL | |
| 15857 | WEB-CLIENT Microsoft Windows AVIFile media file invalid header length (more info ...) | attempted-user | 2009-1546 | URL | ||
| 15860 | NETBIOS DCERPC NCACN-IP-TCP wkssvc NetrGetJoinInformation attempt (more info ...) | protocol-command-decode | 2009-1544 | URL | ||
| 15861 | WEB-ACTIVEX Microsoft Remote Desktop Client ActiveX clsid access (more info ...) | attempted-user | 2009-1929 | URL | ||
| 15863 | WEB-ACTIVEX Microsoft Remote Desktop Client ActiveX function call access (more info ...) | attempted-user | 2009-1929 | URL | ||
| 15878 | WEB-ACTIVEX AcerCtrls.APlunch ActiveX clsid access (more info ...) | attempted-user | 2009-2627 | URL | ||
| 15879 | WEB-ACTIVEX AcerCtrls.APlunch ActiveX clsid unicode access (more info ...) | attempted-user | 2009-2627 | URL | ||
| 15894 | SPECIFIC-THREATS Microsoft Color Management Module remote code execution attempt (more info ...) | attempted-admin | 2005-1219 | URL | ||
| 15904 | WEB-ACTIVEX Microsoft Video 6 ActiveX function call access (more info ...) | attempted-user | 2009-0901 | 35558 | URL | |
| 15905 | WEB-ACTIVEX Microsoft Video 6 ActiveX function call unicode access (more info ...) | attempted-user | 2009-0901 | 35558 | URL | |
| 15920 | WEB-CLIENT Microsoft mp3 malformed APIC header RCE attempt (more info ...) | attempted-user | 2009-2499 | URL | ||
| 15921 | WEB-CLIENT Microsoft media format file download request (more info ...) | misc-activity | ||||
| 15923 | WEB-ACTIVEX DHTML Editing ActiveX clsid unicode access (more info ...) | attempted-user | 2009-2519 | 1474 | URL | |
| 15924 | WEB-ACTIVEX DHTML Editing ActiveX function call access (more info ...) | attempted-user | 2009-2519 | 1474 | URL | |
| 15925 | WEB-ACTIVEX DHTML Editing ActiveX function call unicode access (more info ...) | attempted-user | 2009-2519 | 1474 | URL | |
| 15926 | WEB-ACTIVEX PPStream PPSMediaList ActiveX clsid access (more info ...) | attempted-user | 36234 | |||
| 15927 | WEB-ACTIVEX PPStream PPSMediaList ActiveX clsid unicode access (more info ...) | attempted-user | 36234 | |||
| 15928 | WEB-ACTIVEX PPStream PPSMediaList ActiveX function call access (more info ...) | attempted-user | 36234 | |||
| 15929 | WEB-ACTIVEX PPStream PPSMediaList ActiveX function call unicode access (more info ...) | attempted-user | 36234 | |||
| 15930 | NETBIOS Microsoft Windows SMB malformed process ID high field remote code execution attempt (more info ...) | attempted-dos | 2009-3103 | URL | ||
| 15944 | SPECIFIC-THREATS Microsoft Windows Active Directory crafted LDAP request denial of service attempt (more info ...) | attempted-dos | 2007-3028 | 24796 | ||
| 15946 | WEB-CLIENT Microsoft Windows Vista Feed Headlines Gagdet code execution attempt (more info ...) | attempted-user | 2007-3033 | 25287 | ||
| 15959 | DOS Microsoft ASP.NET viewstate DoS attempt (more info ...) | attempted-dos | 2005-1665 | URL | ||
| 15965 | SPECIFIC-THREATS Microsoft Explorer long share name buffer overflow attempt (more info ...) | attempted-user | 2004-0214 | 10213 | ||
| 15985 | SPECIFIC-THREATS Microsoft ASP.NET canonicalization exploit attempt (more info ...) | attempted-user | 2004-0847 | 11342 | ||
| 15996 | SPECIFIC-THREATS Microsoft Negotiate SSP buffer overflow attempt (more info ...) | attempted-admin | 2004-0119 | 10113 | ||
| 16048 | WEB-CLIENT Microsoft ASP.NET application folder info disclosure attempt (more info ...) | attempted-recon | 2006-1300 | 18920 | ||
| 16051 | SPECIFIC-THREATS Microsoft Publisher 2007 conversion library code execution attempt (more info ...) | attempted-user | 2007-1754 | 22702 | ||
| 16068 | SPECIFIC-THREATS Yahoo Music Jukebox ActiveX exploit (more info ...) | attempted-user | 2008-0625 | 27579 | ||
| 16089 | SPECIFIC-THREATS Microsoft Windows embedded web font handling buffer overflow attempt (more info ...) | attempted-user | 2006-0010 | 16194 | ||
| 16090 | SPECIFIC-THREATS Microsoft Core XML core services XMLHTTP control open method code execution attempt (more info ...) | attempted-user | 2006-5745 | 20915 | ||
| 16143 | WEB-CLIENT Microsoft asf file download (more info ...) | misc-activity | ||||
| 16167 | DOS Microsoft LSASS integer wrap denial of service attempt (more info ...) | attempted-dos | 2009-2524 | URL | ||
| 16168 | DOS Microsoft SMBv2 integer overflow denial of service attempt (more info ...) | attempted-admin | 2009-2526 | URL | ||
| 16179 | EXPLOIT Microsoft .NET MSIL CLR interface multiple instantiation attempt (more info ...) | attempted-user | 2009-2497 | URL | ||
| 16182 | EXPLOIT Microsoft .NET MSIL stack corruption attempt (more info ...) | attempted-user | 2009-0090 | URL | ||
| 16183 | WEB-CLIENT Microsoft .NET MSIL CombineImpl suspicious usage (more info ...) | attempted-user | 2009-0091 | URL | ||
| 16184 | EXPLOIT Microsoft GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | URL | ||
| 16185 | EXPLOIT Microsoft GDI+ compressed TIFF file parsing remote code execution attempt (more info ...) | attempted-user | 2009-2503 | URL | ||
| 16186 | WEB-CLIENT Microsoft GDI+ interlaced PNG file parsing heap overflow attempt (more info ...) | attempted-user | 2009-3126 | URL | ||
| 16188 | WEB-CLIENT Microsoft Powerpoint bad text header txttype attempt (more info ...) | attempted-user | 2006-0022 | URL | ||
| 16237 | DOS Microsoft Active Directory NTDSA stack space exhaustion attempt (more info ...) | attempted-dos | 2009-1928 | URL | ||
| 16238 | NETBIOS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (more info ...) | attempted-admin | 2009-2523 | URL | ||
| 16239 | NETBIOS DCERPC NCADG-IP-UDP llsrpc2 LlsrLicenseRequestW overflow attempt (more info ...) | attempted-admin | 2009-2523 | URL | ||
| 16285 | RPC AIX ttdbserv function 15 buffer overflow attempt (more info ...) | attempted-admin | 2009-2727 | 35419 | URL | |
| 16305 | WEB-ACTIVEX Symantec Altiris Deployment Solution ActiveX clsid access (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 16306 | WEB-ACTIVEX Symantec Altiris Deployment Solution ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 16307 | WEB-ACTIVEX Symantec Altiris Deployment Solution ActiveX function call access (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 16308 | WEB-ACTIVEX Symantec Altiris Deployment Solution ActiveX function call unicode access (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 16327 | EXPLOIT Microsoft Windows GDIplus TIFF RLE compressed data buffer overflow attempt (more info ...) | attempted-user | 2009-2503 | URL | ||
| 16329 | EXPLOIT Microsoft Internet Authentication Service EAP-MSCHAPv2 authentication bypass attempt (more info ...) | attempted-user | 2009-3677 | URL | ||
| 16340 | SPECIFIC-THREATS DHTML Editing ActiveX clsid access (more info ...) | attempted-user | 2003-0228 | 7517 | 11595 | URL |
| 16342 | WEB-CLIENT Microsoft Windows AVIFile truncated media file processing memory corruption attempt (more info ...) | attempted-user | 2009-1546 | 35970 | URL | |
| 16366 | EXPLOIT Microsoft embedded OpenType font engine LZX decompression buffer overflow attempt (more info ...) | attempted-admin | 2010-0018 | URL | ||
| 16379 | WEB-ACTIVEX SAP AG SAPgui sapirrfc ActiveX clsid access (more info ...) | attempted-user | 35256 | URL | ||
| 16380 | WEB-ACTIVEX SAP AG SAPgui sapirrfc ActiveX clsid unicode access (more info ...) | attempted-user | 35256 | URL | ||
| 16395 | NETBIOS SMB COPY command oversized pathname attempt (more info ...) | attempted-admin | 2010-0020 | URL | ||
| 16396 | NETBIOS SMB server srvnet.sys driver race condition attempt (more info ...) | attempted-dos | 2010-0021 | URL | ||
| 16409 | WEB-CLIENT Microsoft PowerPoint improper filename remote code execution attempt (more info ...) | attempted-user | 2010-0029 | URL | ||
| 16410 | WEB-CLIENT Microsoft PowerPoint file LinkedSlide10Atom record parsing heap corruption attempt (more info ...) | attempted-user | 2010-0030 | URL | ||
| 16411 | WEB-CLIENT Microsoft PowerPoint out of bounds value remote code execution attempt (more info ...) | attempted-user | 2010-0031 | URL | ||
| 16412 | WEB-CLIENT Microsoft PowerPoint invalid TextByteAtom remote code execution attempt (more info ...) | attempted-user | 2010-0033 | URL | ||
| 16415 | WEB-CLIENT Microsoft DirectShow memory corruption attempt (more info ...) | attempted-user | 2010-0250 | URL | ||
| 16417 | NETBIOS SMB Negotiate Protocol Response overflow attempt (more info ...) | attempted-admin | 2010-0016 | URL | ||
| 16419 | WEB-ACTIVEX Microsoft Data Analyzer 3.5 ActiveX clsid access (more info ...) | attempted-user | 2010-0252 | URL | ||
| 16421 | EXPLOIT Microsoft PowerPoint out of bounds value remote code execution attempt (more info ...) | attempted-user | 2010-0032 | URL | ||
| 16424 | WEB-ACTIVEX Windows Script Host Shell Object ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 16432 | WEB-ACTIVEX Trend Micro Web Deployment ActiveX clsid access (more info ...) | attempted-user | 2008-3364 | 30407 | ||
| 16472 | WEB-CLIENT Microsoft Windows Movie Maker project file heap buffer overflow attempt (more info ...) | attempted-user | 2010-0265 | URL | ||
| 16473 | WEB-CLIENT Microsoft Windows Movie Maker project file download request (more info ...) | misc-activity | ||||
| 16474 | WEB-CLIENT Microsoft Compound File Binary v3 file download (more info ...) | misc-activity | ||||
| 16475 | WEB-CLIENT Microsoft Compound File Binary v4 file download (more info ...) | misc-activity | ||||
| 16476 | WEB-CLIENT Microsoft .MSProducer file download request (more info ...) | misc-activity | ||||
| 16477 | WEB-CLIENT Microsoft .MSProducerZ file download request (more info ...) | misc-activity | ||||
| 16478 | WEB-CLIENT Microsoft .MSProducerBF file download request (more info ...) | misc-activity | ||||
| 16505 | EXPLOIT Microsoft IE HTML parsing memory corruption attempt (more info ...) | attempted-user | 2010-0489 | URL | ||
| 16510 | WEB-ACTIVEX Microsoft Tabular Control ActiveX overflow by CLSID (more info ...) | attempted-user | 2010-0805 | URL | ||
| 16511 | WEB-ACTIVEX Microsoft Tabular Control ActiveX overflow by ProgID (more info ...) | attempted-user | 2010-0805 | URL | ||
| 16532 | NETBIOS SMB client TRANS response ring0 remote code execution attempt (more info ...) | attempted-admin | 2010-0476 | URL | ||
| 16535 | EXPLOIT Microsoft Viso improper attribute code execution attempt (more info ...) | attempted-user | 2010-0254 | URL | ||
| 16536 | EXPLOIT Microsoft Viso off-by-one in array index code execution attempt (more info ...) | attempted-user | 2010-0256 | URL | ||
| 16538 | NETBIOS NT QUERY SECURITY DESC flowbit (more info ...) | misc-activity | ||||
| 16539 | NETBIOS SMBv1 BytesNeeded ring0 buffer overflow attempt (more info ...) | attempted-admin | 2010-0269 | URL | ||
| 16542 | EXPLOIT Microsoft Publisher 2007 and earlier stack buffer overflow attempt (more info ...) | attempted-user | 2010-0479 | URL | ||
| 16559 | WEB-ACTIVEX Microsoft Tabular Control ActiveX overflow by CLSID / param tag (more info ...) | attempted-user | 2010-0805 | URL | ||
| 16560 | WEB-MISC Microsoft Sharepoint XSS attempt (more info ...) | attempted-user | 2010-0817 | URL | ||
| 16566 | WEB-ACTIVEX Tumbleweed SecureTransport ActiveX clsid access (more info ...) | attempted-user | ||||
| 16567 | WEB-ACTIVEX Tumbleweed SecureTransport ActiveX clsid unicode access (more info ...) | attempted-user | ||||
| 16568 | WEB-ACTIVEX Altnet Download Manager ADM4 ActiveX clsid access (more info ...) | attempted-user | 2007-5217 | 25903 | ||
| 16569 | WEB-ACTIVEX EnjoySAP kweditcontrol ActiveX clsid access (more info ...) | attempted-user | 2007-3605 | 24772 | ||
| 16570 | WEB-ACTIVEX EnjoySAP kweditcontrol ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3605 | 24772 | ||
| 16571 | WEB-ACTIVEX EnjoySAP kweditcontrol ActiveX function call access (more info ...) | attempted-user | 2007-3605 | 24772 | ||
| 16572 | WEB-ACTIVEX EnjoySAP kweditcontrol ActiveX function call unicode access (more info ...) | attempted-user | 2007-3605 | 24772 | ||
| 16573 | WEB-ACTIVEX obfuscated ActiveX object instantiation via unescape (more info ...) | attempted-user | URL | |||
| 16574 | WEB-ACTIVEX obfuscated ActiveX object instantiation via fromCharCode (more info ...) | attempted-user | URL | |||
| 16575 | SPECIFIC-THREATS RKD Software BarCode ActiveX buffer overflow attempt (more info ...) | attempted-user | 2007-3435 | 24596 | ||
| 16577 | NETBIOS Microsoft Windows SMBv2 compound request DoS attempt (more info ...) | attempted-dos | 2010-2552 | URL | ||
| 16580 | SPECIFIC-THREATS NCTAudioFile2 ActiveX clsid access via object tag (more info ...) | attempted-user | 2007-0018 | 33469 | ||
| 16588 | SPECIFIC-THREATS iseemedia LPViewer ActiveX exploit attempt (more info ...) | attempted-user | 2008-4384 | 31604 | ||
| 16589 | SPECIFIC-THREATS iseemedia LPViewer ActiveX buffer overflows attempt (more info ...) | attempted-user | 2008-4384 | 31604 | ||
| 16590 | SPECIFIC-THREATS EasyMail Objects ActiveX exploit attempt - 1 (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 16591 | SPECIFIC-THREATS EasyMail Objects ActiveX exploit attempt - 2 (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 16593 | WEB-CLIENT Microsoft VBE6.dll stack corruption attempt (more info ...) | attempted-user | 2010-0815 | URL | ||
| 16599 | SPECIFIC-THREATS AtHocGov IWSAlerts ActiveX control buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 16608 | SPECIFIC-THREATS HP Mercury Quality Center SPIDERLib ActiveX buffer overflow attempt (more info ...) | attempted-user | 2007-1819 | 23239 | URL | |
| 16610 | SPECIFIC-THREATS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (more info ...) | attempted-user | 2009-0215 | 34228 | ||
| 16665 | WEB-CLIENT Microsoft Windows Help Centre escape sequence XSS attempt (more info ...) | attempted-user | 2010-1885 | 40725 | URL | |
| 16672 | SPECIFIC-THREATS Symantec Backup Exec ActiveX control buffer overflow attempt (more info ...) | attempted-user | 2007-6016 | 26904 | ||
| 16675 | SPECIFIC-THREATS CA BrightStor ListCtrl ActiveX exploit attempt (more info ...) | attempted-user | 2008-1472 | 28268 | ||
| 16679 | WEB-MISC Microsoft Windows GDIplus integer overflow attempt (more info ...) | misc-activity | 2009-1217 | 34250 | ||
| 16687 | WEB-ACTIVEX Juniper Networks SSL-VPN Client JuniperSetup ActiveX control buffer overflow attempt (more info ...) | attempted-user | 2006-2086 | 17712 | ||
| 16699 | RPC Linux Kernel nfsd v2 udp CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 16700 | RPC Linux Kernel nfsd v2 tcp CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 16701 | RPC Linux Kernel nfsd v3 udp CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 16702 | RPC Linux Kernel nfsd v3 tcp CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 16704 | SPECIFIC-THREATS CA eTrust PestPatrol 'ppctl.dll' ActiveX Initialize method overflow attempt (more info ...) | attempted-user | 2009-4225 | 37133 | ||
| 16705 | RPC Sun Solaris sadmind UDP array size buffer overflow attempt (more info ...) | attempted-admin | 2008-3869 | 35083 | ||
| 16706 | RPC Sun Solaris sadmind TCP array size buffer overflow attempt (more info ...) | attempted-admin | 2008-3869 | 35083 | ||
| 16711 | SPECIFIC-THREATS E-Book Systems FlipViewer FlipViewerX.dll ActiveX multiple buffer overflow attempt (more info ...) | attempted-user | 2007-2919 | 24328 | ||
| 16714 | SPECIFIC-THREATS SoftArtisans XFile FileManager ActiveX Control buffer overflow attempt (more info ...) | attempted-user | 2007-1682 | 30826 | URL | |
| 16715 | SPECIFIC-THREATS SaschArt SasCam Webcam Server ActiveX control exploit attempt (more info ...) | attempted-user | 2008-6898 | 33053 | ||
| 16728 | NETBIOS Samba SMB1 chain_reply function memory corruption attempt (more info ...) | attempted-admin | 2010-2063 | 40884 | ||
| 16729 | SPECIFIC-THREATS McAfee Remediation client ActiveX control buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 16740 | SPECIFIC-THREATS Microsoft Works WkImgSrv.dll ActiveX control code execution attempt (more info ...) | attempted-user | 2008-1898 | 28820 | ||
| 16741 | SPECIFIC-THREATS Microsoft Works WkImgSrv.dll ActiveX control exploit attempt (more info ...) | attempted-user | 2008-1898 | 28820 | ||
| 16745 | SPECIFIC-THREATS DjVu ActiveX control ImageURL property overflow attempt (more info ...) | attempted-user | 2008-4922 | 31987 | ||
| 16746 | WEB-ACTIVEX IBM Access Support ActiveX clsid access (more info ...) | attempted-user | 2009-0215 | 34228 | ||
| 16747 | WEB-ACTIVEX IBM Access Support ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0215 | 34228 | ||
| 16748 | WEB-ACTIVEX IBM Access Support ActiveX function call access (more info ...) | attempted-user | 2009-0215 | 34228 | ||
| 16749 | WEB-ACTIVEX IBM Access Support ActiveX function call unicode access (more info ...) | attempted-user | 2009-0215 | 34228 | ||
| 16754 | NETBIOS SMB /PlughNTCommand andx create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16755 | NETBIOS SMB /PlughNTCommand create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16756 | NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16757 | NETBIOS SMB /PlughNTCommand unicode create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16758 | NETBIOS-DG SMB /PlughNTCommand andx create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16759 | NETBIOS-DG SMB /PlughNTCommand create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16760 | NETBIOS-DG SMB /PlughNTCommand unicode andx create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16761 | NETBIOS-DG SMB /PlughNTCommand unicode create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16762 | NETBIOS SMB Timbuktu Pro overflow WriteAndX andx attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16763 | NETBIOS SMB Timbuktu Pro overflow WriteAndX attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16764 | NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode andx attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16765 | NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16766 | NETBIOS SMB Timbuktu Pro overflow andx attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16767 | WEB-ACTIVEX AwingSoft Web3D Player ActiveX clsid access (more info ...) | attempted-user | 2009-4850 | |||
| 16768 | WEB-ACTIVEX AwingSoft Web3D Player ActiveX clsid unicode access (more info ...) | attempted-user | 2009-4850 | |||
| 16769 | WEB-ACTIVEX AwingSoft Web3D Player ActiveX function call access (more info ...) | attempted-user | 2009-4850 | |||
| 16770 | WEB-ACTIVEX AwingSoft Web3D Player ActiveX function call unicode access (more info ...) | attempted-user | 2009-4850 | |||
| 16771 | SPECIFIC-THREATS AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (more info ...) | attempted-user | 2009-4588 | |||
| 16772 | WEB-ACTIVEX EMC Captiva QuickScan Pro ActiveX clsid access (more info ...) | attempted-user | 36546 | |||
| 16773 | WEB-ACTIVEX EMC Captiva QuickScan Pro ActiveX clsid unicode access (more info ...) | attempted-user | 36546 | |||
| 16774 | WEB-ACTIVEX EMC Captiva QuickScan Pro ActiveX function call access (more info ...) | attempted-user | 36546 | |||
| 16775 | WEB-ACTIVEX EMC Captiva QuickScan Pro ActiveX function call unicode access (more info ...) | attempted-user | 36546 | |||
| 16776 | SPECIFIC-THREATS KeyWorks KeyHelp 'keyhelp.ocx' ActiveX control multiple method overflow attempt (more info ...) | attempted-user | 36546 | URL | ||
| 16783 | WEB-ACTIVEX Autodesk iDrop ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 16784 | WEB-ACTIVEX Autodesk iDrop ActiveX function call access (more info ...) | attempted-user | URL | |||
| 16789 | SPECIFIC-THREATS Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 1 (more info ...) | attempted-user | 2008-5002 | 32073 | ||
| 16790 | SPECIFIC-THREATS Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 2 (more info ...) | attempted-user | 2008-5002 | 32073 | ||
| 16791 | WEB-ACTIVEX SAP AG SAPgui EAI WebViewer3D ActiveX clsid access (more info ...) | attempted-user | 2007-4475 | 34310 | ||
| 16792 | WEB-ACTIVEX SAP AG SAPgui EAI WebViewer3D ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4475 | 34310 | ||
| 16793 | WEB-ACTIVEX SAP AG SAPgui EAI WebViewer3D ActiveX function call access (more info ...) | attempted-user | 2007-4475 | 34310 | ||
| 16794 | WEB-ACTIVEX SAP AG SAPgui EAI WebViewer3D ActiveX function call unicode access (more info ...) | attempted-user | 2007-4475 | 34310 | ||
| 16796 | RPC Sun Solaris sadmind UDP data length integer overflow attempt (more info ...) | attempted-admin | 2008-3870 | 35083 | ||
| 16797 | RPC Sun Solaris sadmind TCP data length integer overflow attempt (more info ...) | attempted-admin | 2008-3870 | 35083 | ||
| 16802 | WEB-ACTIVEX WinDVD IASystemInfo.dll ActiveX clsid access (more info ...) | attempted-user | 2007-0348 | 23071 | ||
| 16803 | WEB-ACTIVEX WinDVD IASystemInfo.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0348 | 23071 | ||
| 17037 | WEB-ACTIVEX MS Access multiple control instantiation memory corruption attempt (more info ...) | attempted-user | 2010-0814 | URL | ||
| 17038 | EXPLOIT Microsoft Access ACCWIZ library release after free attempt - 1 (more info ...) | attempted-user | 2010-1881 | URL | ||
| 17039 | EXPLOIT Microsoft Access ACCWIZ library release after free attempt - 2 (more info ...) | attempted-user | 2010-1881 | URL | ||
| 17042 | WEB-CLIENT Microsoft LNK shortcut download attempt (more info ...) | attempted-user | 2010-2568 | URL | ||
| 17043 | WEB-CLIENT Microsoft PIF shortcut download attempt (more info ...) | attempted-user | 2010-2568 | URL | ||
| 17051 | WEB-ACTIVEX Symantec AppStream Client LaunchObj ActiveX clsid access (more info ...) | attempted-user | 2008-4388 | 33247 | ||
| 17052 | WEB-ACTIVEX Symantec AppStream Client LaunchObj ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4388 | 33247 | ||
| 17053 | WEB-ACTIVEX Symantec AppStream Client LaunchObj ActiveX function call access (more info ...) | attempted-user | 2008-4388 | 33247 | ||
| 17054 | WEB-ACTIVEX Symantec AppStream Client LaunchObj ActiveX function call unicode access (more info ...) | attempted-user | 2008-4388 | 33247 | ||
| 17056 | SPECIFIC-THREATS Novell NetIdentity Agent XTIERRPCPIPE remote code execution attempt (more info ...) | attempted-admin | 2009-1350 | 34400 | ||
| 17060 | SPECIFIC-THREATS Roxio CinePlayer SonicDVDDashVRNav.dll ActiveX control buffer overflow attempt (more info ...) | attempted-user | 2007-1559 | 23412 | ||
| 17061 | WEB-ACTIVEX Symantec Norton Personal Firewall 2004 ActiveX clsid access (more info ...) | attempted-user | 2007-1689 | 23936 | ||
| 17062 | WEB-ACTIVEX Symantec Norton Personal Firewall 2004 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1689 | 23936 | ||
| 17063 | WEB-ACTIVEX Logitech Video Call 1 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17064 | WEB-ACTIVEX Logitech Video Call 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17065 | WEB-ACTIVEX Logitech Video Call 2 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17066 | WEB-ACTIVEX Logitech Video Call 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17067 | WEB-ACTIVEX Logitech Video Call 3 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17068 | WEB-ACTIVEX Logitech Video Call 3 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17069 | WEB-ACTIVEX Logitech Video Call 4 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17070 | WEB-ACTIVEX Logitech Video Call 4 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17071 | WEB-ACTIVEX Logitech Video Call 5 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17072 | WEB-ACTIVEX Logitech Video Call 5 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17073 | WEB-ACTIVEX Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX clsid access (more info ...) | attempted-user | 2007-5107 | 25785 | ||
| 17074 | WEB-ACTIVEX Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5107 | 25785 | ||
| 17075 | WEB-ACTIVEX Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX function call access (more info ...) | attempted-user | 2007-5107 | 25785 | ||
| 17076 | WEB-ACTIVEX Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX function call unicode access (more info ...) | attempted-user | 2007-5107 | 25785 | ||
| 17077 | SPECIFIC-THREATS Ask Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX control buffer overflow attempt (more info ...) | attempted-user | 2007-5107 | 25785 | ||
| 17078 | WEB-ACTIVEX GOM Player GomWeb ActiveX clsid access (more info ...) | attempted-user | 2007-5779 | 26236 | ||
| 17079 | WEB-ACTIVEX GOM Player GomWeb ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5779 | 26236 | ||
| 17080 | WEB-ACTIVEX GOM Player GomWeb ActiveX function call access (more info ...) | attempted-user | 2007-5779 | 26236 | ||
| 17081 | WEB-ACTIVEX GOM Player GomWeb ActiveX function call unicode access (more info ...) | attempted-user | 2007-5779 | 26236 | ||
| 17082 | WEB-ACTIVEX SonicWALL SSL-VPN NeLaunchCtrl ActiveX clsid access (more info ...) | attempted-user | 2007-5603 | 26288 | ||
| 17083 | WEB-ACTIVEX SonicWALL SSL-VPN NeLaunchCtrl ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5603 | 26288 | ||
| 17084 | WEB-ACTIVEX Creative Software AutoUpdate Engine ActiveX clsid access (more info ...) | attempted-user | 2008-0955 | 29391 | ||
| 17085 | WEB-ACTIVEX Creative Software AutoUpdate Engine ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0955 | 29391 | ||
| 17086 | SPECIFIC-THREATS Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX control buffer overflow attempt (more info ...) | attempted-user | 2008-0955 | 29391 | ||
| 17087 | WEB-ACTIVEX VeryDOC PDF Viewer ActiveX clsid access (more info ...) | attempted-user | 2008-5492 | 32313 | ||
| 17088 | WEB-ACTIVEX VeryDOC PDF Viewer ActiveX clsid unicode access (more info ...) | attempted-user | 2008-5492 | 32313 | ||
| 17089 | WEB-ACTIVEX VeryDOC PDF Viewer ActiveX function call access (more info ...) | attempted-user | 2008-5492 | 32313 | ||
| 17090 | WEB-ACTIVEX VeryDOC PDF Viewer ActiveX function call unicode access (more info ...) | attempted-user | 2008-5492 | 32313 | ||
| 17091 | SPECIFIC-THREATS VeryDOC PDF Viewer ActiveX control OpenPDF buffer overflow attempt (more info ...) | attempted-user | 2008-5492 | 32313 | ||
| 17092 | WEB-ACTIVEX Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX clsid access (more info ...) | attempted-user | 2009-3028 | 36346 | ||
| 17093 | WEB-ACTIVEX Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3028 | 36346 | ||
| 17094 | WEB-ACTIVEX Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX function call access (more info ...) | attempted-user | 2009-3028 | 36346 | ||
| 17095 | WEB-ACTIVEX Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX function call unicode access (more info ...) | attempted-user | 2009-3028 | 36346 | ||
| 17113 | WEB-CLIENT Microsoft SilverLight ImageSource redefine flowbit (more info ...) | misc-activity | ||||
| 17117 | EXPLOIT Microsoft MPEG Layer-3 audio heap corruption attempt (more info ...) | attempted-user | 2010-1882 | URL | ||
| 17118 | EXPLOIT Microsoft .NET CreateDelegate method arbitrary code execution attempt (more info ...) | attempted-user | 2010-1898 | URL | ||
| 17125 | NETBIOS SMB Trans2 MaxDataCount overflow attempt (more info ...) | attempted-admin | 2010-2550 | URL | ||
| 17126 | NETBIOS SMB large session length with small packet (more info ...) | protocol-command-decode | 2010-2551 | URL | ||
| 17127 | NETBIOS BytesIndicated validation dos attempt (more info ...) | attempted-dos | 2010-2551 | URL | ||
| 17135 | EXPLOIT Microsoft Windows Movie Maker string size overflow attempt (more info ...) | attempted-user | 2010-2564 | URL | ||
| 17160 | SPECIFIC-THREATS Liquid XML Studio LtXmlComHelp8.dll ActiveX OpenFile buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 17161 | WEB-ACTIVEX Liquid XML Studio ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 17162 | WEB-ACTIVEX Liquid XML Studio ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 17163 | WEB-ACTIVEX Liquid XML Studio ActiveX function call access (more info ...) | attempted-user | URL | |||
| 17164 | WEB-ACTIVEX Liquid XML Studio ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 17167 | WEB-ACTIVEX Oracle Siebel Option Pack 1 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17168 | WEB-ACTIVEX Oracle Siebel Option Pack 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17169 | WEB-ACTIVEX Oracle Siebel Option Pack 2 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17170 | WEB-ACTIVEX Oracle Siebel Option Pack 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17171 | WEB-ACTIVEX Oracle Siebel Option Pack 3 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17172 | WEB-ACTIVEX Oracle Siebel Option Pack 3 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17173 | WEB-ACTIVEX Oracle Siebel Option Pack 4 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17174 | WEB-ACTIVEX Oracle Siebel Option Pack 4 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17175 | WEB-ACTIVEX Oracle Siebel Option Pack 5 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17176 | WEB-ACTIVEX Oracle Siebel Option Pack 5 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17177 | WEB-ACTIVEX Oracle Siebel Option Pack 6 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17178 | WEB-ACTIVEX Oracle Siebel Option Pack 6 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17226 | WEB-ACTIVEX AXIS Camera ActiveX initialization via script (more info ...) | attempted-user | 2008-5260 | 33408 | ||
| 17241 | WEB-CLIENT Microsoft wmv file download request (more info ...) | misc-activity | ||||
| 17249 | EXPLOIT Microsoft LSASS integer overflow attempt (more info ...) | attempted-user | 2010-0820 | URL | ||
| 17256 | WEB-CLIENT Microsoft Windows uniscribe fonts parsing memory corruption attempt (more info ...) | attempted-user | 2010-2738 | URL | ||
| 17271 | WEB-CLIENT Microsoft Windows Web View script injection attempt (more info ...) | attempted-user | 2005-1191 | 13248 | ||
| 17285 | WEB-CLIENT Microsoft Powerpoint PPT file parsing memory corruption attempt (more info ...) | attempted-user | 2006-3656 | 18993 | ||
| 17292 | WEB-CLIENT Microsoft Powerpoint malformed data record code execution attempt (more info ...) | attempted-user | 2006-3876 | 20322 | ||
| 17304 | WEB-CLIENT Microsoft Works file converter file section header index table stack overflow attempt (more info ...) | attempted-user | 2008-0105 | 27658 | ||
| 17306 | SPECIFIC-THREATS Microsoft Malware Protection Engine file processing denial of service attempt (more info ...) | denial-of-service | 2008-1437 | URL | ||
| 17310 | SPECIFIC-THREATS Microsoft Powerpoint Viewer Memory Allocation Code Execution (more info ...) | attempted-user | 2008-0120 | 30552 | ||
| 17316 | WEB-CLIENT Microsoft Windows Folder GUID Code Execution attempt (more info ...) | attempted-user | 2006-3281 | 19389 | ||
| 17318 | WEB-CLIENT Microsoft Powerpoint MCAtom remote code execution attempt (more info ...) | attempted-user | 2006-5296 | 20495 | ||
| 17319 | WEB-CLIENT Microsoft Powerpoint MCAtom remote code execution attempt (more info ...) | attempted-user | 2006-5296 | 20495 | ||
| 17320 | WEB-CLIENT Microsoft Powerpoint MCAtom remote code execution attempt (more info ...) | attempted-user | 2006-5296 | 20495 | ||
| 17321 | NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters name overflow attempt (more info ...) | attempted-admin | 2007-6701 | 25092 | URL | |
| 17330 | WEB-CLIENT Microsoft Windows GRE WMF Handling Memory Read Exception attempt (more info ...) | attempted-user | 2006-0143 | 16167 | ||
| 17347 | WEB-CLIENT Microsoft Windows Color Management Module buffer overflow attempt (more info ...) | attempted-user | 2005-1219 | 14214 | ||
| 17348 | WEB-CLIENT Microsoft Windows Color Management Module buffer overflow attempt (more info ...) | attempted-user | 2005-1219 | 14214 | ||
| 17349 | WEB-CLIENT Microsoft Windows Color Management Module buffer overflow attempt (more info ...) | attempted-user | 2005-1219 | 14214 | ||
| 17364 | WEB-CLIENT Microsoft Help Workshop CNT Help contents (more info ...) | web-application-activity | ||||
| 17365 | WEB-CLIENT Microsoft Help Workshop CNT Help contents buffer overflow attempt (more info ...) | web-application-attack | 2007-0352 | 22100 | ||
| 17366 | WEB-CLIENT Microsoft Help Workshop HPJ OPTIONS section buffer overflow attempt (more info ...) | attempted-user | 2007-0427 | 22135 | ||
| 17374 | SPECIFIC-THREATS Microsoft Windows HLP File Handling heap overflow attempt (more info ...) | attempted-user | 2007-1912 | 23382 | ||
| 17382 | SPECIFIC-THREATS Microsoft Project Invalid Memory Pointer Code Execution attempt (more info ...) | attempted-user | 2008-1088 | 28607 | ||
| 17383 | SPECIFIC-THREATS Microsoft Publisher Object Handler Validation Code Execution attempted (more info ...) | attempted-user | 2008-0119 | 29158 | ||
| 17408 | WEB-CLIENT Microsoft DirectX Targa image file heap overflow attempt (more info ...) | attempted-user | 2006-4183 | 24963 | ||
| 17413 | SPECIFIC-THREATS Microsoft Jet DB Engine Buffer Overflow attempt (more info ...) | attempted-user | 2005-0944 | 12960 | ||
| 17421 | WEB-CLIENT Microsoft OLE automation string manipulation overflow attempt (more info ...) | attempted-user | 2007-2224 | 25282 | ||
| 17428 | WEB-MISC Microsoft ASP.NET information disclosure attempt (more info ...) | misc-activity | 2010-3332 | URL | ||
| 17429 | WEB-MISC Microsoft ASP.NET information disclosure attempt (more info ...) | misc-activity | 2010-3332 | URL | ||
| 17436 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 17438 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 17443 | WEB-CLIENT Microsoft DirectShow AVI decoder buffer overflow attempt (more info ...) | attempted-user | 2005-2128 | 15063 | ||
| 17464 | WEB-ACTIVEX AOL Radio AmpX ActiveX clsid access (more info ...) | attempted-user | 2007-5755 | 26396 | ||
| 17465 | WEB-ACTIVEX AOL Radio AmpX ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5755 | 26396 | ||
| 17467 | WEB-CLIENT Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 17468 | WEB-CLIENT Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 17489 | SPECIFIC-THREATS Microsoft Windows Help File Heap Buffer Overflow attempt (more info ...) | attempted-user | 2006-1591 | 17325 | ||
| 17490 | SPECIFIC-THREATS Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt (more info ...) | attempted-admin | 2006-2297 | 17926 | ||
| 17496 | WEB-CLIENT Microsoft Powerpoint malformed NamedShows record code execution attempt (more info ...) | attempted-user | 2006-4694 | 20226 | ||
| 17497 | WEB-CLIENT Microsoft Powerpoint malformed NamedShows record code execution attempt (more info ...) | attempted-user | 2006-4694 | 20226 | ||
| 17508 | WEB-MISC Microsoft .NET Application download attempt (more info ...) | suspicious-filename-detect | 2006-6696 | 21688 | ||
| 17509 | WEB-MISC Microsoft .NET Manifest download attempt (more info ...) | suspicious-filename-detect | 2006-6696 | 21688 | ||
| 17510 | WEB-MISC Microsoft .NET Deploy download attempt (more info ...) | suspicious-filename-detect | 2006-6696 | 21688 | ||
| 17571 | WEB-ACTIVEX obfuscated instantiation of ActiveX object - likely malicious (more info ...) | attempted-user | 2008-3558 | |||
| 17572 | WEB-CLIENT Microsoft XML Core Services cross-site information disclosure attempt (more info ...) | attempted-recon | 2008-4029 | 32155 | URL | |
| 17575 | WEB-ACTIVEX SizerOne 2 ActiveX clsid access (more info ...) | attempted-user | 2008-4827 | 33148 | ||
| 17576 | WEB-ACTIVEX SizerOne 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4827 | 33148 | ||
| 17582 | WEB-ACTIVEX Symantec Norton AntiVirus CcErrDisp ActiveX function call access (more info ...) | attempted-user | 12175 | |||
| 17583 | WEB-ACTIVEX Symantec Norton AntiVirus CcErrDisp ActiveX function call unicode access (more info ...) | attempted-user | 12175 | |||
| 17587 | SPECIFIC-THREATS AcroPDF.PDF ActiveX exploit attempt (more info ...) | attempted-user | 2006-6027 | 21155 | URL | |
| 17592 | WEB-ACTIVEX Microsoft MyInfo.dll ActiveX clsid access (more info ...) | attempted-user | 2006-4495 | 19636 | URL | |
| 17593 | WEB-ACTIVEX Microsoft msdxm.ocx ActiveX clsid access (more info ...) | attempted-user | 2006-4495 | 19636 | URL | |
| 17594 | WEB-ACTIVEX Microsoft creator.dll 1 ActiveX clsid access (more info ...) | attempted-user | 2006-4495 | 19636 | URL | |
| 17595 | WEB-ACTIVEX Microsoft creator.dll 2 ActiveX clsid access (more info ...) | attempted-user | 2006-4495 | 19636 | URL | |
| 17596 | WEB-ACTIVEX Microsoft ciodm.dll ActiveX clsid access (more info ...) | attempted-user | 2006-4495 | 19636 | URL | |
| 17614 | WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 17615 | WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 17616 | WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX function call access (more info ...) | attempted-user | URL | |||
| 17617 | WEB-ACTIVEX SAP GUI SAPBExCommonResources ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 17618 | SPECIFIC-THREATS Microsoft Windows hraphics engine EMF rendering vulnerability (more info ...) | attempted-user | 2005-2123 | 15352 | ||
| 17626 | SPECIFIC-THREATS Microsoft Windows embedded web font handling buffer overflow attempt (more info ...) | attempted-user | 2006-0010 | 16194 | ||
| 17639 | NETBIOS Samba Root File System access bypass attempt (more info ...) | attempted-recon | 2009-0022 | 33118 | ||
| 17646 | WEB-CLIENT Microsoft Powerpoint Legacy file format picture object code execution attempt (more info ...) | attempted-user | 2009-0223 | 34834 | ||
| 17654 | SPECIFIC-THREATS Facebook Photo Uploader ActiveX exploit attempt (more info ...) | attempted-user | 2008-5711 | 27756 | URL | |
| 17694 | WEB-CLIENT Microsoft Windows AVI file chunk length integer overflow attempt (more info ...) | attempted-user | 2009-1546 | 35970 | ||
| 17695 | WEB-CLIENT Microsoft PowerPoint paragraph format array inner header overflow attempt (more info ...) | attempted-user | 2009-0220 | 34833 | ||
| 17702 | NETBIOS DCERPC NCACN-IP-TCP srvsvc NetrDfsCreateExitPoint dos attempt (more info ...) | attempted-dos | 2005-3644 | 15460 | URL | |
| 17711 | WEB-CLIENT Microsoft Windows ASF parsing memory corruption attempt (more info ...) | attempted-user | 2007-0064 | URL | ||
| 17721 | EXPLOIT WINS replication inform2 request memory corruption attempt (more info ...) | attempted-admin | 2009-1924 | URL | ||
| 17723 | NETBIOS possible SMB replay attempt - overlapping encryption keys detected (more info ...) | attempted-user | 2010-0231 | URL | ||
| 17730 | WEB-CLIENT Microsoft XML Core Services MIME Viewer memory corruption attempt (more info ...) | attempted-user | 2007-0099 | URL | ||
| 17737 | SPECIFIC-THREATS Microsoft collaboration data objects buffer overflow attempt (more info ...) | attempted-user | 2005-1987 | 15067 | ||
| 17745 | NETBIOS SMB TRANS2 Find_First2 request attempt (more info ...) | misc-activity | ||||
| 17746 | NETBIOS SMB client TRANS response Find_First2 filesize overflow attempt (more info ...) | attempted-admin | 2005-0045 | URL | ||
| 17749 | RPC Linux Kernel nfsd v4 CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 17770 | WEB-ACTIVEX Microsoft HtmlDlgHelper ActiveX clsid access (more info ...) | attempted-user | 2010-3329 | URL | ||
| 17772 | WEB-ACTIVEX Microsoft Scriptlet Component ActiveX clsid access (more info ...) | attempted-user | 2010-3331 | URL | ||
| 18064 | EXPLOIT Microsoft .NET framework EntityObject execution attempt (more info ...) | attempted-user | 2010-3228 | URL | ||
| 18065 | EXPLOIT Microsoft PowerPoint converter bad indirection remote code execution attempt (more info ...) | attempted-user | 2010-2572 | URL | ||
| 18066 | WEB-CLIENT Microsoft PowerPoint integer underflow heap corruption attempt (more info ...) | attempted-user | 2010-2573 | URL | ||
| 18070 | NETBIOS pptimpconv.dll access (more info ...) | attempted-user | 2010-3337 | URL | ||
| 18073 | WEB-MISC Microsoft Forefront UAG arbitrary embedded scripting attempt (more info ...) | attempted-user | 2010-2733 | URL | ||
| 18097 | WEB-ACTIVEX VMWare Remote Console Plug-In ActiveX clsid access (more info ...) | attempted-user | 2009-3732 | |||
| 18169 | WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call unicode access (more info ...) | attempted-user | 2006-5198 | 21108 | URL | |
| 18189 | NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (more info ...) | protocol-command-decode | 2007-2446 | 24198 | ||
| 18190 | NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (more info ...) | protocol-command-decode | 2007-2446 | 24198 | ||
| 18191 | NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (more info ...) | protocol-command-decode | 2007-2446 | 24198 | ||
| 18192 | NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (more info ...) | protocol-command-decode | 2007-2446 | 24198 | ||
| 18197 | WEB-ACTIVEX Microsoft COleSite ActiveX memory corruption attempt (more info ...) | attempted-user | 2010-3340 | URL | ||
| 18198 | WEB-ACTIVEX Microsoft COleSite ActiveX memory corruption attempt (more info ...) | attempted-user | 2010-3340 | URL | ||
| 18199 | WEB-ACTIVEX Microsoft COleSite ActiveX memory corruption attempt (more info ...) | attempted-user | 2010-3340 | URL | ||
| 18203 | NETBIOS Windows Address Book smmscrpt.dll malicious DLL load (more info ...) | attempted-user | 2010-3144 | URL | ||
| 18206 | NETBIOS Windows Address Book wab32res.dll malicious DLL load (more info ...) | attempted-user | 2010-3147 | URL | ||
| 18207 | NETBIOS Windows Address Book msoeres32.dll malicious DLL load (more info ...) | attempted-user | 2010-3147 | URL | ||
| 18209 | NETBIOS Windows 7 Home peerdist.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3966 | URL | ||
| 18210 | WEB-CLIENT Microsoft Movie Maker hhctrl.ocx dll-load exploit attempt (more info ...) | attempted-user | 2010-3967 | URL | ||
| 18211 | NETBIOS Microsoft Movie Maker hhctrl.ocx dll-load exploit attempt (more info ...) | attempted-user | 2010-3967 | URL | ||
| 18215 | NETBIOS NETAPI RPC interface reboot attempt (more info ...) | attempted-user | 2010-2742 | URL | ||
| 18219 | WEB-CLIENT Microsoft Windows ATMFD font driver remote code execution attempt (more info ...) | attempted-user | 2010-3957 | URL | ||
| 18220 | WEB-CLIENT Microsoft Windows ATMFD font driver malformed character glyph remote code execution attempt (more info ...) | attempted-user | 2010-3959 | URL | ||
| 18230 | SPECIFIC-THREATS Microsoft Publisher memory corruption attempt (more info ...) | attempted-user | 2010-3954 | URL | ||
| 18231 | WEB-CLIENT Microsoft Publisher oversized oti length attempt (more info ...) | attempted-user | 2010-3955 | URL | ||
| 18238 | EXPLOIT Microsoft Sharepoint document conversion remote code excution attempt (more info ...) | attempted-admin | 2010-3964 | URL | ||
| 18241 | WEB-ACTIVEX Microsoft WMI Administrator Tools Object Viewer ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 18242 | WEB-ACTIVEX Microsoft WMI Administrator Tools Object Viewer ActiveX function call access (more info ...) | attempted-user | URL | |||
| 18246 | WEB-CLIENT Microsoft Windows Fax Services Cover Page Editor overflow attempt (more info ...) | attempted-user | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 529 | NETBIOS DCERPC NCACN-IP-TCP srvsvc NetrShareEnum null policy handle attempt (more info ...) | protocol-command-decode | ||||
| 530 | NETBIOS NT NULL session (more info ...) | attempted-recon | 2000-0347 | 1163 | ||
| 532 | NETBIOS SMB ADMIN$ share access (more info ...) | protocol-command-decode | ||||
| 533 | NETBIOS SMB C$ share access (more info ...) | protocol-command-decode | ||||
| 534 | NETBIOS SMB CD.. (more info ...) | attempted-recon | ||||
| 535 | NETBIOS SMB CD... (more info ...) | attempted-recon | ||||
| 536 | NETBIOS SMB D$ share access (more info ...) | protocol-command-decode | ||||
| 572 | RPC DOS ttdbserv Solaris (more info ...) | attempted-dos | 1999-0003 | 122 | ||
| 574 | RPC mountd TCP export request (more info ...) | attempted-recon | ||||
| 575 | RPC portmap admind request UDP (more info ...) | rpc-portmap-decode | ||||
| 576 | RPC portmap amountd request UDP (more info ...) | rpc-portmap-decode | 1999-0704 | 614 | ||
| 577 | RPC portmap bootparam request UDP (more info ...) | rpc-portmap-decode | 1999-0647 | |||
| 578 | RPC portmap cmsd request UDP (more info ...) | rpc-portmap-decode | ||||
| 579 | RPC portmap mountd request UDP (more info ...) | rpc-portmap-decode | ||||
| 580 | RPC portmap nisd request UDP (more info ...) | rpc-portmap-decode | 1999-0008 | |||
| 581 | RPC portmap pcnfsd request UDP (more info ...) | rpc-portmap-decode | 2002-0910 | 4816 | ||
| 582 | RPC portmap rexd request UDP (more info ...) | rpc-portmap-decode | ||||
| 583 | RPC portmap rstatd request UDP (more info ...) | rpc-portmap-decode | ||||
| 584 | RPC portmap rusers request UDP (more info ...) | rpc-portmap-decode | 1999-0626 | |||
| 585 | RPC portmap sadmind request UDP (more info ...) | rpc-portmap-decode | ||||
| 586 | RPC portmap selection_svc request UDP (more info ...) | rpc-portmap-decode | 1999-0209 | 8 | ||
| 587 | RPC portmap status request UDP (more info ...) | rpc-portmap-decode | ||||
| 588 | RPC portmap ttdbserv request UDP (more info ...) | rpc-portmap-decode | 2001-0717 | 3382 | URL | |
| 589 | RPC portmap yppasswd request UDP (more info ...) | rpc-portmap-decode | ||||
| 590 | RPC portmap ypserv request UDP (more info ...) | rpc-portmap-decode | 2002-1232 | 6016 | ||
| 591 | RPC portmap ypupdated request TCP (more info ...) | rpc-portmap-decode | 1999-0208 | 1749 | ||
| 595 | RPC portmap espd request TCP (more info ...) | rpc-portmap-decode | 2001-0331 | 2714 | ||
| 598 | RPC portmap listing TCP 111 (more info ...) | rpc-portmap-decode | ||||
| 599 | RPC portmap listing TCP 32771 (more info ...) | rpc-portmap-decode | ||||
| 612 | RPC rusers query UDP (more info ...) | attempted-recon | 1999-0626 | |||
| 1262 | RPC portmap admind request TCP (more info ...) | rpc-portmap-decode | ||||
| 1263 | RPC portmap amountd request TCP (more info ...) | rpc-portmap-decode | 1999-0704 | 614 | ||
| 1264 | RPC portmap bootparam request TCP (more info ...) | rpc-portmap-decode | 1999-0647 | |||
| 1265 | RPC portmap cmsd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1267 | RPC portmap nisd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1268 | RPC portmap pcnfsd request TCP (more info ...) | rpc-portmap-decode | 2002-0910 | 4816 | ||
| 1269 | RPC portmap rexd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1270 | RPC portmap rstatd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1271 | RPC portmap rusers request TCP (more info ...) | rpc-portmap-decode | 1999-0626 | |||
| 1272 | RPC portmap sadmind request TCP (more info ...) | rpc-portmap-decode | ||||
| 1273 | RPC portmap selection_svc request TCP (more info ...) | rpc-portmap-decode | 1999-0209 | 205 | ||
| 1274 | RPC portmap ttdbserv request TCP (more info ...) | rpc-portmap-decode | 2001-0717 | 3382 | URL | |
| 1275 | RPC portmap yppasswd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1276 | RPC portmap ypserv request TCP (more info ...) | rpc-portmap-decode | 2002-1232 | 6016 | ||
| 1277 | RPC portmap ypupdated request UDP (more info ...) | rpc-portmap-decode | 1999-0208 | 28383 | ||
| 1280 | RPC portmap listing UDP 111 (more info ...) | rpc-portmap-decode | ||||
| 1281 | RPC portmap listing UDP 32771 (more info ...) | rpc-portmap-decode | ||||
| 1295 | NETBIOS nimda RICHED20.DLL (more info ...) | bad-unknown | URL | |||
| 1447 | MISC MS Terminal server request RDP (more info ...) | protocol-command-decode | 2001-0540 | 3099 | 10940 | URL |
| 1732 | RPC portmap rwalld request UDP (more info ...) | rpc-portmap-decode | 1999-0181 | 205 | ||
| 1733 | RPC portmap rwalld request TCP (more info ...) | rpc-portmap-decode | 1999-0181 | 205 | ||
| 1746 | RPC portmap cachefsd request UDP (more info ...) | rpc-portmap-decode | 2002-0084 | 4674 | 10951 | |
| 1747 | RPC portmap cachefsd request TCP (more info ...) | rpc-portmap-decode | 2002-0084 | 4674 | 10951 | |
| 1890 | RPC status GHBN format string attack (more info ...) | misc-attack | 2000-0666 | 1480 | 10544 | |
| 1891 | RPC status GHBN format string attack (more info ...) | misc-attack | 2000-0666 | 1480 | 10544 | |
| 1905 | RPC AMD UDP amqproc_mount plog overflow attempt (more info ...) | misc-attack | 1999-0704 | 614 | ||
| 1906 | RPC AMD TCP amqproc_mount plog overflow attempt (more info ...) | misc-attack | 1999-0704 | 614 | ||
| 1907 | RPC CMSD UDP CMSD_CREATE buffer overflow attempt (more info ...) | attempted-admin | 1999-0696 | 524 | ||
| 1908 | RPC CMSD TCP CMSD_CREATE buffer overflow attempt (more info ...) | attempted-admin | 1999-0696 | 524 | ||
| 1909 | RPC CMSD TCP CMSD_INSERT buffer overflow attempt (more info ...) | misc-attack | 1999-0696 | 524 | URL | |
| 1910 | RPC CMSD udp CMSD_INSERT buffer overflow attempt (more info ...) | misc-attack | 1999-0696 | URL | ||
| 1911 | RPC sadmind UDP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (more info ...) | attempted-admin | 1999-0977 | 866 | ||
| 1912 | RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (more info ...) | attempted-admin | 1999-0977 | 866 | ||
| 1913 | RPC STATD UDP stat mon_name format string exploit attempt (more info ...) | attempted-admin | 2000-0666 | 1480 | 10544 | |
| 1914 | RPC STATD TCP stat mon_name format string exploit attempt (more info ...) | attempted-admin | 2000-0666 | 1480 | 10544 | |
| 1915 | RPC STATD UDP monitor mon_name format string exploit attempt (more info ...) | attempted-admin | 2000-0666 | 1480 | 10544 | |
| 1916 | RPC STATD TCP monitor mon_name format string exploit attempt (more info ...) | attempted-admin | 2000-0666 | 1480 | 10544 | |
| 1922 | RPC portmap proxy attempt TCP (more info ...) | rpc-portmap-decode | ||||
| 1923 | RPC portmap proxy attempt UDP (more info ...) | rpc-portmap-decode | ||||
| 1924 | RPC mountd UDP export request (more info ...) | attempted-recon | ||||
| 1925 | RPC mountd TCP exportall request (more info ...) | attempted-recon | ||||
| 1926 | RPC mountd UDP exportall request (more info ...) | attempted-recon | ||||
| 1949 | RPC portmap SET attempt TCP 111 (more info ...) | rpc-portmap-decode | ||||
| 1950 | RPC portmap SET attempt UDP 111 (more info ...) | rpc-portmap-decode | ||||
| 1951 | RPC mountd TCP mount request (more info ...) | attempted-recon | 1999-0210 | |||
| 1952 | RPC mountd UDP mount request (more info ...) | attempted-recon | ||||
| 1953 | RPC AMD TCP pid request (more info ...) | rpc-portmap-decode | ||||
| 1954 | RPC AMD UDP pid request (more info ...) | rpc-portmap-decode | ||||
| 1955 | RPC AMD TCP version request (more info ...) | rpc-portmap-decode | ||||
| 1956 | RPC AMD UDP version request (more info ...) | rpc-portmap-decode | 2000-0696 | 1554 | ||
| 1957 | RPC sadmind UDP PING (more info ...) | protocol-command-decode | 1999-0977 | 866 | 10229 | |
| 1958 | RPC sadmind TCP PING (more info ...) | protocol-command-decode | 1999-0977 | 866 | 10229 | |
| 1959 | RPC portmap NFS request UDP (more info ...) | rpc-portmap-decode | ||||
| 1960 | RPC portmap NFS request TCP (more info ...) | rpc-portmap-decode | ||||
| 1961 | RPC portmap RQUOTA request UDP (more info ...) | rpc-portmap-decode | ||||
| 1962 | RPC portmap RQUOTA request TCP (more info ...) | rpc-portmap-decode | ||||
| 1963 | RPC RQUOTA getquota overflow attempt UDP (more info ...) | misc-attack | 1999-0974 | 864 | ||
| 1964 | RPC tooltalk UDP overflow attempt (more info ...) | attempted-admin | 1999-0003 | 122 | ||
| 1965 | RPC tooltalk TCP overflow attempt (more info ...) | attempted-admin | 2001-0717 | 122 | ||
| 2006 | RPC portmap kcms_server request TCP (more info ...) | rpc-portmap-decode | 2003-0027 | 6665 | URL | |
| 2014 | RPC portmap UNSET attempt TCP 111 (more info ...) | rpc-portmap-decode | 1892 | |||
| 2015 | RPC portmap UNSET attempt UDP 111 (more info ...) | rpc-portmap-decode | 1892 | |||
| 2016 | RPC portmap status request TCP (more info ...) | rpc-portmap-decode | ||||
| 2017 | RPC portmap espd request UDP (more info ...) | rpc-portmap-decode | 2001-0331 | 2714 | ||
| 2018 | RPC mountd TCP dump request (more info ...) | attempted-recon | ||||
| 2019 | RPC mountd UDP dump request (more info ...) | attempted-recon | ||||
| 2020 | RPC mountd TCP unmount request (more info ...) | attempted-recon | ||||
| 2021 | RPC mountd UDP unmount request (more info ...) | attempted-recon | ||||
| 2022 | RPC mountd TCP unmountall request (more info ...) | attempted-recon | ||||
| 2023 | RPC mountd UDP unmountall request (more info ...) | attempted-recon | ||||
| 2024 | RPC RQUOTA getquota overflow attempt TCP (more info ...) | misc-attack | 1999-0974 | 864 | ||
| 2025 | RPC yppasswd username overflow attempt UDP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | 10684 | |
| 2026 | RPC yppasswd username overflow attempt TCP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | 10684 | |
| 2031 | RPC yppasswd user update UDP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2032 | RPC yppasswd user update TCP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2033 | RPC ypserv maplist request UDP (more info ...) | rpc-portmap-decode | 2002-1232 | 6016 | 13976 | |
| 2034 | RPC ypserv maplist request TCP (more info ...) | rpc-portmap-decode | 2002-1232 | 6016 | ||
| 2035 | RPC portmap network-status-monitor request UDP (more info ...) | rpc-portmap-decode | ||||
| 2036 | RPC portmap network-status-monitor request TCP (more info ...) | rpc-portmap-decode | ||||
| 2037 | RPC network-status-monitor mon-callback request UDP (more info ...) | rpc-portmap-decode | ||||
| 2038 | RPC network-status-monitor mon-callback request TCP (more info ...) | rpc-portmap-decode | ||||
| 2079 | RPC portmap nlockmgr request UDP (more info ...) | rpc-portmap-decode | 2000-0508 | 1372 | 10220 | |
| 2080 | RPC portmap nlockmgr request TCP (more info ...) | rpc-portmap-decode | 2000-0508 | 1372 | 10220 | |
| 2081 | RPC portmap rpc.xfsmd request UDP (more info ...) | rpc-portmap-decode | 2002-0359 | 5075 | ||
| 2082 | RPC portmap rpc.xfsmd request TCP (more info ...) | rpc-portmap-decode | 2002-0359 | 5075 | ||
| 2083 | RPC rpc.xfsmd xfs_export attempt UDP (more info ...) | rpc-portmap-decode | 2002-0359 | 5075 | ||
| 2084 | RPC rpc.xfsmd xfs_export attempt TCP (more info ...) | rpc-portmap-decode | 2002-0359 | 5075 | ||
| 2088 | RPC ypupdated arbitrary command attempt UDP (more info ...) | misc-attack | 1999-0208 | 28383 | ||
| 2089 | RPC ypupdated arbitrary command attempt TCP (more info ...) | misc-attack | 1999-0208 | 1749 | ||
| 2092 | RPC portmap proxy integer overflow attempt UDP (more info ...) | rpc-portmap-decode | 2003-0028 | 7123 | 11420 | |
| 2093 | RPC portmap proxy integer overflow attempt TCP (more info ...) | rpc-portmap-decode | 2003-0028 | 7123 | 11420 | |
| 2094 | RPC CMSD UDP CMSD_CREATE array buffer overflow attempt (more info ...) | attempted-admin | 2002-0391 | 5356 | 11418 | |
| 2095 | RPC CMSD TCP CMSD_CREATE array buffer overflow attempt (more info ...) | attempted-admin | 2002-0391 | 5356 | 11418 | |
| 2101 | NETBIOS SMB Trans Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 2126 | MISC Microsoft PPTP Start Control Request buffer overflow attempt (more info ...) | attempted-admin | 2002-1214 | 5807 | 11178 | URL |
| 2177 | NETBIOS SMB startup folder unicode access (more info ...) | attempted-recon | ||||
| 2184 | RPC mountd TCP mount path overflow attempt (more info ...) | misc-attack | 2003-0252 | 8179 | 11800 | |
| 2185 | RPC mountd UDP mount path overflow attempt (more info ...) | misc-attack | 2003-0252 | 8179 | 11800 | |
| 2190 | NETBIOS DCERPC invalid bind attempt (more info ...) | attempted-dos | ||||
| 2191 | NETBIOS SMB DCERPC invalid bind attempt (more info ...) | attempted-dos | ||||
| 2382 | NETBIOS SMB Session Setup NTMLSSP asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 2383 | NETBIOS SMB-DS Session Setup NTMLSSP asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 2402 | NETBIOS SMB-DS Session Setup andx username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 2404 | NETBIOS SMB-DS Session Setup unicode andx username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 2467 | NETBIOS SMB D$ unicode share access (more info ...) | protocol-command-decode | ||||
| 2468 | NETBIOS SMB-DS D$ share access (more info ...) | protocol-command-decode | ||||
| 2470 | NETBIOS SMB C$ unicode share access (more info ...) | protocol-command-decode | ||||
| 2471 | NETBIOS SMB-DS C$ share access (more info ...) | protocol-command-decode | ||||
| 2473 | NETBIOS SMB ADMIN$ unicode share access (more info ...) | protocol-command-decode | ||||
| 2474 | NETBIOS SMB-DS ADMIN$ share access (more info ...) | protocol-command-decode | ||||
| 2475 | NETBIOS SMB-DS ADMIN$ unicode share access (more info ...) | protocol-command-decode | ||||
| 2563 | NETBIOS NS lookup response name overflow attempt (more info ...) | attempted-admin | 2004-0444 | 10333 | URL | |
| 2564 | NETBIOS NS lookup short response attempt (more info ...) | attempted-admin | 2004-0444 | 10335 | URL | |
| 2936 | NETBIOS DCERPC NCACN-IP-TCP nddeapi NDdeSetTrustedShareW overflow attempt (more info ...) | attempted-admin | 2004-0206 | 11372 | URL | |
| 2973 | NETBIOS SMB D$ unicode andx share access (more info ...) | protocol-command-decode | ||||
| 2974 | NETBIOS SMB-DS D$ andx share access (more info ...) | protocol-command-decode | ||||
| 2975 | NETBIOS SMB-DS D$ unicode andx share access (more info ...) | protocol-command-decode | ||||
| 2976 | NETBIOS SMB C$ andx share access (more info ...) | protocol-command-decode | ||||
| 2977 | NETBIOS SMB C$ unicode andx share access (more info ...) | protocol-command-decode | ||||
| 2978 | NETBIOS SMB-DS C$ andx share access (more info ...) | protocol-command-decode | ||||
| 2979 | NETBIOS SMB-DS C$ unicode andx share access (more info ...) | protocol-command-decode | ||||
| 2980 | NETBIOS SMB ADMIN$ andx share access (more info ...) | protocol-command-decode | ||||
| 2981 | NETBIOS SMB ADMIN$ unicode andx share access (more info ...) | protocol-command-decode | ||||
| 2982 | NETBIOS SMB-DS ADMIN$ andx share access (more info ...) | protocol-command-decode | ||||
| 2983 | NETBIOS SMB-DS ADMIN$ unicode andx share access (more info ...) | protocol-command-decode | ||||
| 3001 | NETBIOS SMB Session Setup NTMLSSP andx asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 3002 | NETBIOS SMB Session Setup NTMLSSP unicode andx asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 3004 | NETBIOS SMB-DS Session Setup NTMLSSP andx asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 3005 | NETBIOS SMB-DS Session Setup NTMLSSP unicode andx asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 3017 | EXPLOIT WINS overflow attempt (more info ...) | misc-attack | 2004-1080 | 11763 | URL | |
| 3040 | NETBIOS SMB-DS NT Trans NT CREATE unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3041 | NETBIOS SMB-DS NT Trans NT CREATE unicode andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3042 | NETBIOS SMB NT Trans NT CREATE invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3043 | NETBIOS SMB NT Trans NT CREATE andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3044 | NETBIOS SMB NT Trans NT CREATE unicode invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3045 | NETBIOS SMB NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3046 | NETBIOS SMB-DS NT Trans NT CREATE invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3047 | NETBIOS SMB-DS NT Trans NT CREATE andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3048 | NETBIOS SMB-DS NT Trans NT CREATE unicode invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3049 | NETBIOS SMB-DS NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3050 | NETBIOS SMB NT Trans NT CREATE invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3051 | NETBIOS SMB NT Trans NT CREATE andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3052 | NETBIOS SMB NT Trans NT CREATE unicode invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3053 | NETBIOS SMB NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3054 | NETBIOS SMB-DS NT Trans NT CREATE invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3055 | NETBIOS SMB-DS NT Trans NT CREATE andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3056 | NETBIOS SMB-DS NT Trans NT CREATE unicode invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3057 | NETBIOS SMB-DS NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3114 | NETBIOS DCERPC NCACN-IP-TCP llsrpc LlsrConnect overflow attempt (more info ...) | attempted-admin | 2005-0050 | 12481 | URL | |
| 3195 | NETBIOS name query overflow attempt TCP (more info ...) | attempted-admin | 2003-0825 | 9624 | 15912 | |
| 3196 | NETBIOS name query overflow attempt UDP (more info ...) | attempted-admin | 2003-0825 | 9624 | 15912 | |
| 3199 | EXPLOIT WINS name query overflow attempt TCP (more info ...) | attempted-admin | 2003-0825 | 9624 | 15912 | URL |
| 3200 | EXPLOIT WINS name query overflow attempt UDP (more info ...) | attempted-admin | 2003-0825 | 9624 | 15912 | URL |
| 3234 | NETBIOS Messenger message little endian overflow attempt (more info ...) | attempted-admin | 2003-0717 | 8826 | ||
| 3235 | NETBIOS Messenger message overflow attempt (more info ...) | attempted-admin | 2003-0717 | 8826 | ||
| 3238 | NETBIOS DCERPC NCACN-IP-TCP irot IrotIsRunning/Revoke overflow attempt (more info ...) | attempted-admin | 2002-1561 | 6005 | URL | |
| 3239 | NETBIOS DCERPC NCADG-IP-UDP irot IrotIsRunning/Revoke overflow attempt (more info ...) | attempted-admin | 2002-1561 | 6005 | URL | |
| 3590 | NETBIOS DCERPC NCACN-IP-TCP mqqm QMDeleteObject overflow attempt (more info ...) | attempted-admin | 2005-0059 | 18027 | URL | |
| 3591 | NETBIOS DCERPC NCADG-IP-UDP mqqm QMDeleteObject overflow attempt (more info ...) | attempted-admin | 2005-0059 | 18027 | URL | |
| 3639 | NETBIOS SMB Trans andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3640 | NETBIOS SMB Trans data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3641 | NETBIOS SMB Trans unicode data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3642 | NETBIOS SMB Trans unicode andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3643 | NETBIOS SMB-DS Trans andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3644 | NETBIOS SMB-DS Trans data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3645 | NETBIOS SMB-DS Trans unicode data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3646 | NETBIOS SMB-DS Trans unicode andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3647 | NETBIOS-DG SMB Trans andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3648 | NETBIOS-DG SMB Trans data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3649 | NETBIOS-DG SMB Trans unicode data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3650 | NETBIOS-DG SMB Trans unicode andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 13504 | URL | ||
| 3673 | MISC Microsoft SMS remote control client DoS overly long length attempt (more info ...) | attempted-user | 2004-0728 | 10726 | ||
| 4334 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 4413 | NETBIOS DCERPC NCACN-IP-TCP spoolss AddPrinterEx overflow attempt (more info ...) | attempted-admin | 2005-1984 | 14514 | URL | |
| 4608 | NETBIOS DCERPC NCACN-IP-TCP netware_cs function 43 overflow attempt (more info ...) | attempted-admin | 2005-1985 | 15066 | URL | |
| 4651 | NETBIOS SMB NT Trans NT SET SECURITY DESC SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4652 | NETBIOS SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4653 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4654 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4655 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4656 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4657 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4658 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4659 | NETBIOS-DG SMB NT Trans NT SET SECURITY DESC SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4660 | NETBIOS-DG SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4661 | NETBIOS-DG SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4662 | NETBIOS-DG SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4663 | NETBIOS SMB NT Trans NT SET SECURITY DESC DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4664 | NETBIOS SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4665 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4666 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4667 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4668 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4669 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4670 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4671 | NETBIOS-DG SMB NT Trans NT SET SECURITY DESC DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4672 | NETBIOS-DG SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4673 | NETBIOS-DG SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4674 | NETBIOS-DG SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4826 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetRootDeviceInstance attempt (more info ...) | protocol-command-decode | 2005-3644 | 15460 | URL | |
| 4918 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList dos attempt (more info ...) | protocol-command-decode | 2005-3644 | 15460 | URL | |
| 5096 | NETBIOS DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt (more info ...) | protocol-command-decode | 2003-0533 | 10108 | 12205 | URL |
| 5678 | NETBIOS SMB-DS Session Setup username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 5679 | NETBIOS SMB-DS Session Setup unicode username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 5680 | NETBIOS-DG SMB Session Setup username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 5681 | NETBIOS-DG SMB Session Setup unicode username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 5683 | NETBIOS-DG SMB Session Setup andx username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 5684 | NETBIOS-DG SMB Session Setup unicode andx username overflow attempt (more info ...) | protocol-command-decode | 9752 | URL | ||
| 5717 | NETBIOS SMB-DS Trans Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5719 | NETBIOS-DG SMB Trans Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5720 | NETBIOS-DG SMB Trans unicode Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5721 | NETBIOS SMB Trans andx Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5722 | NETBIOS SMB Trans unicode andx Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5723 | NETBIOS SMB-DS Trans andx Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5724 | NETBIOS SMB-DS Trans unicode andx Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5725 | NETBIOS-DG SMB Trans andx Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5726 | NETBIOS-DG SMB Trans unicode andx Max Param/Count DOS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5727 | NETBIOS SMB Trans unicode Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5728 | NETBIOS-DG SMB Trans Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5729 | NETBIOS SMB Trans Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5730 | NETBIOS SMB-DS Trans Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5731 | NETBIOS SMB-DS Trans unicode Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5732 | NETBIOS-DG SMB Trans unicode Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5733 | NETBIOS SMB Trans unicode andx Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5734 | NETBIOS-DG SMB Trans andx Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5735 | NETBIOS SMB Trans andx Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5736 | NETBIOS SMB-DS Trans andx Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5737 | NETBIOS SMB-DS Trans unicode andx Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5738 | NETBIOS-DG SMB Trans unicode andx Max Param DOS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 6584 | NETBIOS DCERPC NCACN-IP-TCP rras RasRpcSubmitRequest overflow attempt (more info ...) | attempted-admin | 2006-2370 | 18325 | URL | |
| 6702 | NETBIOS SMB NT Trans Secondary Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6703 | NETBIOS SMB NT Trans Secondary unicode Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6704 | NETBIOS SMB-DS NT Trans Secondary Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6705 | NETBIOS SMB-DS NT Trans Secondary unicode Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6706 | NETBIOS-DG SMB NT Trans Secondary Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6707 | NETBIOS-DG SMB NT Trans Secondary unicode Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6708 | NETBIOS SMB NT Trans Secondary andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6709 | NETBIOS SMB NT Trans Secondary unicode andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6710 | NETBIOS SMB-DS NT Trans Secondary andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6711 | NETBIOS SMB-DS NT Trans Secondary unicode andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6712 | NETBIOS-DG SMB NT Trans Secondary andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6713 | NETBIOS-DG SMB NT Trans Secondary unicode andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6810 | NETBIOS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences area/country overflow attempt (more info ...) | attempted-admin | 2006-2371 | 18358 | URL | |
| 7037 | NETBIOS-DG SMB Trans mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7038 | NETBIOS-DG SMB Trans unicode mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7042 | NETBIOS-DG SMB Trans unicode andx mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7196 | EXPLOIT Microsoft DHCP option overflow attempt (more info ...) | attempted-admin | 2006-2372 | URL | ||
| 7422 | EXPLOIT Microsoft MMC mmcndmgr.dll cross site scripting attempt (more info ...) | attempted-user | 2006-3643 | 19417 | URL | |
| 7423 | EXPLOIT Microsoft MMC mmc.exe cross site scripting attempt (more info ...) | attempted-user | 2006-3643 | 19417 | URL | |
| 7424 | EXPLOIT Microsoft MMC createcab.cmd cross site scripting attempt (more info ...) | attempted-user | 2006-3643 | 19417 | URL | |
| 8157 | NETBIOS DCERPC NCACN-IP-TCP webdav DavrCreateConnection hostname overflow attempt (more info ...) | attempted-admin | 2006-0013 | 16636 | URL | |
| 8449 | NETBIOS SMB Rename invalid buffer type andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8450 | NETBIOS SMB Rename invalid buffer type attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8451 | NETBIOS SMB Rename invalid buffer type unicode andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8452 | NETBIOS SMB Rename invalid buffer type unicode attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8453 | NETBIOS SMB-DS Rename invalid buffer type andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8454 | NETBIOS SMB-DS Rename invalid buffer type attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8455 | NETBIOS SMB-DS Rename invalid buffer type unicode andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8456 | NETBIOS SMB-DS Rename invalid buffer type unicode attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8457 | NETBIOS-DG SMB Rename invalid buffer type andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8458 | NETBIOS-DG SMB Rename invalid buffer type attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8459 | NETBIOS-DG SMB Rename invalid buffer type unicode andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8460 | NETBIOS-DG SMB Rename invalid buffer type unicode attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8925 | NETBIOS DCERPC NCACN-IP-TCP wkssvc NetrAddAlternateComputerName overflow attempt (more info ...) | attempted-admin | 2003-0812 | 9011 | 11921 | URL |
| 9132 | NETBIOS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt (more info ...) | attempted-admin | 2006-4689 | URL | ||
| 9228 | NETBIOS DCERPC NCACN-IP-TCP netware_cs NwGetConnectionInformation overflow attempt (more info ...) | attempted-admin | 2006-4689 | URL | ||
| 9431 | EXPLOIT Microsoft NNTP response overflow attempt (more info ...) | attempted-user | 2005-1213 | 13951 | URL | |
| 9432 | WEB-CLIENT Microsoft Agent buffer overflow attempt (more info ...) | attempted-user | 2006-3445 | 21034 | URL | |
| 9441 | NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath overflow attempt (more info ...) | attempted-admin | 2006-5143 | 20365 | URL | |
| 9623 | RPC UNIX authentication machinename string overflow attempt TCP (more info ...) | attempted-user | 2006-5780 | 20941 | ||
| 9624 | RPC UNIX authentication machinename string overflow attempt UDP (more info ...) | attempted-user | 2006-5780 | 20941 | ||
| 9772 | NETBIOS DCERPC NCACN-IP-TCP msqueue function 1 overflow attempt (more info ...) | attempted-admin | ||||
| 9773 | NETBIOS DCERPC NCADG-IP-UDP msqueue function 1 overflow attempt (more info ...) | attempted-admin | ||||
| 9914 | NETBIOS DCERPC NCACN-IP-TCP tapisrv ClientRequest LSetAppPriority overflow attempt (more info ...) | attempted-admin | 2005-0058 | 14518 | URL | |
| 10024 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc ClientDBMiniAgentClose attempt (more info ...) | protocol-command-decode | 2007-0168 | 22010 | URL | |
| 10030 | NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath_Function_45 overflow attempt (more info ...) | attempted-admin | 2006-5143 | 20365 | ||
| 10036 | NETBIOS DCERPC NCACN-IP-TCP brightstor ASRemotePFC overflow attempt (more info ...) | attempted-admin | 2007-0169 | 22005 | URL | |
| 10117 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc GetGCBHandleFromGroupName overflow attempt (more info ...) | attempted-admin | 2007-0169 | 22005 | ||
| 10202 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _SetRealTimeScanConfigInfo attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 10208 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect COMN_NetTestConnection attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 10285 | NETBIOS DCERPC NCACN-IP-TCP svcctl ChangeServiceConfig2A attempt (more info ...) | protocol-command-decode | ||||
| 10393 | WEB-ACTIVEX Symantec SupportSoft SmartIssue ActiveX clsid access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10394 | WEB-ACTIVEX Symantec SupportSoft SmartIssue ActiveX clsid unicode access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10395 | WEB-ACTIVEX Symantec SupportSoft SmartIssue ActiveX function call access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10408 | RPC portmap HP-UX Single Logical Screen SLSD tcp request (more info ...) | rpc-portmap-decode | 2007-0915 | 22551 | ||
| 10409 | RPC portmap HP-UX Single Logical Screen SLSD udp request (more info ...) | rpc-portmap-decode | 2007-0915 | 22551 | ||
| 10410 | RPC portmap HP-UX Single Logical Screen SLSD tcp request (more info ...) | rpc-portmap-decode | 2007-0915 | 22551 | ||
| 10411 | RPC portmap HP-UX Single Logical Screen SLSD udp request (more info ...) | rpc-portmap-decode | 2007-0915 | 22551 | ||
| 10486 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 15,16,17 attempt (more info ...) | protocol-command-decode | 2007-1447 | 22994 | URL | |
| 11073 | NETBIOS DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject attempt (more info ...) | protocol-command-decode | 2003-0605 | URL | ||
| 11074 | NETBIOS DCERPC NCADG-IP-UDP rpcss _RemoteGetClassObject attempt (more info ...) | protocol-command-decode | 2003-0605 | URL | ||
| 11288 | RPC portmap mountd tcp request (more info ...) | rpc-portmap-decode | 2006-0900 | 16838 | ||
| 11289 | RPC portmap mountd tcp zero-length payload denial of service attempt (more info ...) | rpc-portmap-decode | 2006-0900 | 16838 | ||
| 11442 | NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt (more info ...) | attempted-admin | 2007-2446 | |||
| 11443 | NETBIOS DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt (more info ...) | attempted-admin | 2007-2446 | |||
| 11620 | WEB-ACTIVEX DXImageTransform.Microsoft.Chroma ActiveX function call access (more info ...) | attempted-user | 24188 | URL | ||
| 11621 | WEB-ACTIVEX DXImageTransform.Microsoft.Chroma ActiveX function call unicode access (more info ...) | attempted-user | 24188 | URL | ||
| 11624 | WEB-ACTIVEX LeadTools ISIS ActiveX clsid access (more info ...) | attempted-user | 24094 | URL | ||
| 11625 | WEB-ACTIVEX LeadTools ISIS ActiveX clsid unicode access (more info ...) | attempted-user | 24094 | URL | ||
| 11626 | WEB-ACTIVEX LeadTools ISIS ActiveX function call access (more info ...) | attempted-user | 24094 | URL | ||
| 11627 | WEB-ACTIVEX LeadTools ISIS ActiveX function call unicode access (more info ...) | attempted-user | 24094 | URL | ||
| 11628 | WEB-ACTIVEX LeadTools JPEG 2000 COM Object ActiveX function call access (more info ...) | attempted-user | 24040 | URL | ||
| 11629 | WEB-ACTIVEX LeadTools JPEG 2000 COM Object ActiveX function call unicode access (more info ...) | attempted-user | 24040 | URL | ||
| 11630 | WEB-ACTIVEX LeadTools Raster Dialog File Object ActiveX clsid access (more info ...) | attempted-user | 24133 | URL | ||
| 11631 | WEB-ACTIVEX LeadTools Raster Dialog File Object ActiveX clsid unicode access (more info ...) | attempted-user | 24133 | URL | ||
| 11632 | WEB-ACTIVEX LeadTools Raster Dialog File Object ActiveX function call access (more info ...) | attempted-user | 24133 | URL | ||
| 11633 | WEB-ACTIVEX LeadTools Raster Dialog File Object ActiveX function call unicode access (more info ...) | attempted-user | 24133 | URL | ||
| 11634 | WEB-ACTIVEX LeadTools Raster Dialog File_D Object ActiveX clsid access (more info ...) | attempted-user | 24153 | URL | ||
| 11635 | WEB-ACTIVEX LeadTools Raster Dialog File_D Object ActiveX clsid unicode access (more info ...) | attempted-user | 24153 | URL | ||
| 11636 | WEB-ACTIVEX LeadTools Raster Dialog File_D Object ActiveX function call access (more info ...) | attempted-user | 24153 | URL | ||
| 11637 | WEB-ACTIVEX LeadTools Raster Dialog File_D Object ActiveX function call unicode access (more info ...) | attempted-user | 24153 | URL | ||
| 11638 | WEB-ACTIVEX LeadTools Raster Document Object Library ActiveX clsid access (more info ...) | attempted-user | 24179 | URL | ||
| 11639 | WEB-ACTIVEX LeadTools Raster Document Object Library ActiveX clsid unicode access (more info ...) | attempted-user | 24179 | URL | ||
| 11640 | WEB-ACTIVEX LeadTools Raster Document Object Library ActiveX function call access (more info ...) | attempted-user | 24179 | URL | ||
| 11641 | WEB-ACTIVEX LeadTools Raster Document Object Library ActiveX function call unicode access (more info ...) | attempted-user | 24179 | URL | ||
| 11642 | WEB-ACTIVEX LeadTools Raster ISIS Object ActiveX clsid access (more info ...) | attempted-user | 24193 | URL | ||
| 11643 | WEB-ACTIVEX LeadTools Raster ISIS Object ActiveX clsid unicode access (more info ...) | attempted-user | 24193 | URL | ||
| 11644 | WEB-ACTIVEX LeadTools Raster ISIS Object ActiveX function call access (more info ...) | attempted-user | 24193 | URL | ||
| 11645 | WEB-ACTIVEX LeadTools Raster ISIS Object ActiveX function call unicode access (more info ...) | attempted-user | 24193 | URL | ||
| 11646 | WEB-ACTIVEX LeadTools Raster Thumbnail Object Library ActiveX clsid access (more info ...) | attempted-user | 24057 | URL | ||
| 11647 | WEB-ACTIVEX LeadTools Raster Thumbnail Object Library ActiveX clsid unicode access (more info ...) | attempted-user | 24057 | URL | ||
| 11648 | WEB-ACTIVEX LeadTools Raster Thumbnail Object Library ActiveX function call access (more info ...) | attempted-user | 24057 | URL | ||
| 11649 | WEB-ACTIVEX LeadTools Raster Thumbnail Object Library ActiveX function call unicode access (more info ...) | attempted-user | 24057 | URL | ||
| 11650 | WEB-ACTIVEX LeadTools Raster Variant Object Library ActiveX clsid access (more info ...) | attempted-user | 24075 | URL | ||
| 11651 | WEB-ACTIVEX LeadTools Raster Variant Object Library ActiveX clsid unicode access (more info ...) | attempted-user | 24075 | URL | ||
| 11652 | WEB-ACTIVEX LeadTools Raster Variant Object Library ActiveX function call access (more info ...) | attempted-user | 24075 | URL | ||
| 11653 | WEB-ACTIVEX LeadTools Raster Variant Object Library ActiveX function call unicode access (more info ...) | attempted-user | 24075 | URL | ||
| 11654 | WEB-ACTIVEX LeadTools Thumbnail Browser Control ActiveX clsid access (more info ...) | attempted-user | 24053 | URL | ||
| 11655 | WEB-ACTIVEX LeadTools Thumbnail Browser Control ActiveX clsid unicode access (more info ...) | attempted-user | 24053 | URL | ||
| 11656 | WEB-ACTIVEX LeadTools Thumbnail Browser Control ActiveX function call access (more info ...) | attempted-user | 24053 | URL | ||
| 11657 | WEB-ACTIVEX LeadTools Thumbnail Browser Control ActiveX function call unicode access (more info ...) | attempted-user | 24053 | URL | ||
| 11658 | WEB-ACTIVEX Dart ZipLite Compression ActiveX clsid access (more info ...) | attempted-user | 24099 | URL | ||
| 11659 | WEB-ACTIVEX Dart ZipLite Compression ActiveX clsid unicode access (more info ...) | attempted-user | 24099 | URL | ||
| 11673 | WEB-ACTIVEX Zenturi ProgramChecker ActiveX clsid access (more info ...) | attempted-user | 2007-3703 | 24883 | ||
| 11674 | WEB-ACTIVEX Zenturi ProgramChecker ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3703 | 24883 | ||
| 11675 | WEB-ACTIVEX Zenturi ProgramChecker ActiveX function call access (more info ...) | attempted-user | 2007-3703 | 24883 | ||
| 11676 | WEB-ACTIVEX Zenturi ProgramChecker ActiveX function call unicode access (more info ...) | attempted-user | 2007-3703 | 24883 | ||
| 11677 | WEB-ACTIVEX Provideo Camimage Class ISSCamControl ActiveX clsid access (more info ...) | attempted-user | 24279 | |||
| 11678 | WEB-ACTIVEX Provideo Camimage Class ISSCamControl ActiveX clsid unicode access (more info ...) | attempted-user | 24279 | |||
| 11684 | EXPLOIT WINS overflow attempt (more info ...) | misc-attack | 2004-0567 | 11922 | URL | |
| 11816 | NETBIOS Session Service NetDDE attack (more info ...) | attempted-admin | 2004-0206 | 11372 | ||
| 11818 | WEB-ACTIVEX Yahoo Webcam Viewer Wrapper ActiveX clsid access (more info ...) | attempted-user | 2007-3148 | 24341 | URL | |
| 11819 | WEB-ACTIVEX Yahoo Webcam Viewer Wrapper ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3148 | 24341 | URL | |
| 11820 | WEB-ACTIVEX Yahoo Webcam Viewer Wrapper ActiveX function call access (more info ...) | attempted-user | 2007-3148 | 24341 | URL | |
| 11821 | WEB-ACTIVEX Yahoo Webcam Viewer Wrapper ActiveX function call unicode access (more info ...) | attempted-user | 2007-3148 | 24341 | URL | |
| 11826 | WEB-ACTIVEX Microsoft Voice Control ActiveX clsid access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11827 | WEB-ACTIVEX Microsoft Voice Control ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11828 | WEB-ACTIVEX Microsoft Voice Control ActiveX function call access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11829 | WEB-ACTIVEX Microsoft Voice Control ActiveX function call unicode access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11830 | WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX clsid access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11831 | WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11832 | WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX function call access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11833 | WEB-ACTIVEX Microsoft Direct Speech Recognition ActiveX function call unicode access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11839 | WEB-ACTIVEX TEC-IT TBarCode ActiveX clsid access (more info ...) | attempted-user | 24440 | |||
| 11840 | WEB-ACTIVEX TEC-IT TBarCode ActiveX clsid unicode access (more info ...) | attempted-user | 24440 | |||
| 11841 | WEB-ACTIVEX TEC-IT TBarCode ActiveX function call access (more info ...) | attempted-user | 24440 | |||
| 11842 | WEB-ACTIVEX TEC-IT TBarCode ActiveX function call unicode access (more info ...) | attempted-user | 24440 | |||
| 11843 | NETBIOS DCERPC NCACN-IP-TCP spoolss AddPrinter overflow attempt (more info ...) | attempted-admin | 2005-1984 | 14514 | URL | |
| 11939 | WEB-ACTIVEX Westbyte Internet Download Accelerator ActiveX clsid unicode access (more info ...) | attempted-user | 24400 | |||
| 11940 | WEB-ACTIVEX Westbyte Internet Download Accelerator ActiveX function call access (more info ...) | attempted-user | 24400 | |||
| 11941 | WEB-ACTIVEX Westbyte Internet Download Accelerator ActiveX function call unicode access (more info ...) | attempted-user | 24400 | |||
| 11942 | WEB-ACTIVEX Westbyte internet download accelerator ActiveX clsid access (more info ...) | attempted-user | 24400 | |||
| 11943 | WEB-ACTIVEX HP ModemUtil ActiveX clsid access (more info ...) | attempted-user | ||||
| 11944 | WEB-ACTIVEX HP ModemUtil ActiveX clsid unicode access (more info ...) | attempted-user | ||||
| 11945 | NETBIOS SMB Trans2 OPEN2 maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11946 | NETBIOS Datagram Service NetDDE attack (more info ...) | attempted-admin | 2004-0206 | 11372 | ||
| 11951 | BACKDOOR winshadow runtime detection - init connection request (more info ...) | trojan-activity | URL | |||
| 11952 | BACKDOOR winshadow runtime detection - udp response (more info ...) | trojan-activity | URL | |||
| 11955 | NETBIOS SMB-DS Trans2 OPEN2 maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11956 | NETBIOS SMB-DS Trans2 OPEN2 unicode maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11957 | NETBIOS-DG SMB Trans2 OPEN2 maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11958 | NETBIOS-DG SMB Trans2 OPEN2 unicode maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11959 | NETBIOS SMB Trans2 OPEN2 andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11960 | NETBIOS SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11961 | NETBIOS SMB-DS Trans2 OPEN2 andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11962 | NETBIOS SMB-DS Trans2 OPEN2 unicode andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11963 | NETBIOS-DG SMB Trans2 OPEN2 andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11964 | NETBIOS-DG SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 12015 | WEB-ACTIVEX NCTAudioStudio2 NCT WavChunksEditor ActiveX clsid access (more info ...) | attempted-user | 24656 | URL | ||
| 12016 | WEB-ACTIVEX NCTAudioStudio2 NCT WavChunksEditor ActiveX clsid unicode access (more info ...) | attempted-user | 24656 | URL | ||
| 12017 | WEB-ACTIVEX NCTAudioStudio2 NCT WavChunksEditor ActiveX function call access (more info ...) | attempted-user | 24656 | URL | ||
| 12018 | WEB-ACTIVEX NCTAudioStudio2 NCT WavChunksEditor ActiveX function call unicode access (more info ...) | attempted-user | 24656 | URL | ||
| 12019 | WEB-ACTIVEX NCTsoft NCTAudioFile2 NCTWMAFile ActiveX clsid access (more info ...) | attempted-user | 24613 | URL | ||
| 12020 | WEB-ACTIVEX NCTsoft NCTAudioFile2 NCTWMAFile ActiveX clsid unicode access (more info ...) | attempted-user | 24613 | URL | ||
| 12021 | WEB-ACTIVEX NCTsoft NCTAudioFile2 NCTWMAFile ActiveX function call access (more info ...) | attempted-user | 24613 | URL | ||
| 12022 | WEB-ACTIVEX NCTsoft NCTAudioFile2 NCTWMAFile ActiveX function call unicode access (more info ...) | attempted-user | 24613 | URL | ||
| 12029 | WEB-ACTIVEX HP Digital Imaging hpqxml.dll ActiveX clsid access (more info ...) | attempted-user | 2007-3487 | 24678 | URL | |
| 12030 | WEB-ACTIVEX HP Digital Imaging hpqxml.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3487 | 24678 | URL | |
| 12058 | SPECIFIC-THREATS Microsoft SPNEGO ASN.1 library heap corruption overflow attempt (more info ...) | attempted-admin | 2003-0818 | 9633 | URL | |
| 12062 | WEB-ACTIVEX HP Instant Support ActiveX clsid access (more info ...) | attempted-user | 2007-3554 | 24730 | URL | |
| 12063 | WEB-ACTIVEX HP Instant Support ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3554 | 24730 | URL | |
| 12083 | WEB-ACTIVEX Data Dynamics ActiveBar Actbar3 ActiveX clsid access (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 12084 | WEB-ACTIVEX Data Dynamics ActiveBar Actbar3 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 12085 | WEB-ACTIVEX Data Dynamics ActiveBar Actbar3 ActiveX function call access (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 12086 | WEB-ACTIVEX Data Dynamics ActiveBar Actbar3 ActiveX function call unicode access (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 12087 | WEB-ACTIVEX McAfee NeoTrace ActiveX clsid access (more info ...) | attempted-user | 2006-6707 | 21697 | ||
| 12088 | WEB-ACTIVEX McAfee NeoTrace ActiveX clsid unicode access (more info ...) | attempted-user | 2006-6707 | 21697 | ||
| 12089 | WEB-ACTIVEX McAfee NeoTrace ActiveX function call access (more info ...) | attempted-user | 2006-6707 | 21697 | ||
| 12090 | WEB-ACTIVEX McAfee NeoTrace ActiveX function call unicode access (more info ...) | attempted-user | 2006-6707 | 21697 | ||
| 12091 | WEB-ACTIVEX EldoS SecureBlackbox PGPBBox ActiveX clsid access (more info ...) | attempted-user | 2007-3785 | 24882 | ||
| 12092 | WEB-ACTIVEX EldoS SecureBlackbox PGPBBox ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3785 | 24882 | ||
| 12093 | WEB-ACTIVEX EldoS SecureBlackbox PGPBBox ActiveX function call access (more info ...) | attempted-user | 2007-3785 | 24882 | ||
| 12094 | WEB-ACTIVEX EldoS SecureBlackbox PGPBBox ActiveX function call unicode access (more info ...) | attempted-user | 2007-3785 | 24882 | ||
| 12100 | NETBIOS DCERPC NCACN-IP-TCP ca-alert function 16,23 overflow attempt (more info ...) | attempted-admin | 2007-3825 | 24947 | URL | |
| 12116 | WEB-ACTIVEX Zenturi ProgramChecker SASATL ActiveX clsid access (more info ...) | attempted-user | 2007-3984 | 25025 | ||
| 12117 | WEB-ACTIVEX Zenturi ProgramChecker SASATL ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3984 | 25025 | ||
| 12118 | WEB-ACTIVEX Zenturi ProgramChecker SASATL ActiveX function call access (more info ...) | attempted-user | 2007-3984 | 25025 | ||
| 12119 | WEB-ACTIVEX Zenturi ProgramChecker SASATL ActiveX function call unicode access (more info ...) | attempted-user | 2007-3984 | 25025 | ||
| 12145 | BACKDOOR access remote pc runtime detection - rpc setup (more info ...) | trojan-activity | URL | |||
| 12168 | WEB-ACTIVEX Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX clsid access (more info ...) | attempted-user | 2007-3302 | 25050 | URL | |
| 12169 | WEB-ACTIVEX Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3302 | 25050 | URL | |
| 12185 | RPC portmap 2112 tcp request (more info ...) | rpc-portmap-decode | 2007-2798 | 24653 | URL | |
| 12186 | RPC portmap 2112 udp request (more info ...) | rpc-portmap-decode | 2007-2798 | 24653 | URL | |
| 12189 | WEB-ACTIVEX Clever Internet Suite ActiveX clsid access (more info ...) | attempted-user | 2007-4067 | 25063 | ||
| 12190 | WEB-ACTIVEX Clever Internet Suite ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4067 | 25063 | ||
| 12191 | WEB-ACTIVEX Clever Internet Suite ActiveX function call access (more info ...) | attempted-user | 2007-4067 | 25063 | ||
| 12192 | WEB-ACTIVEX Clever Internet Suite ActiveX function call unicode access (more info ...) | attempted-user | 2007-4067 | 25063 | ||
| 12193 | WEB-ACTIVEX Yahoo Widgets Engine ActiveX clsid access (more info ...) | attempted-user | 2007-4034 | 25086 | URL | |
| 12194 | WEB-ACTIVEX Yahoo Widgets Engine ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4034 | 25086 | URL | |
| 12195 | WEB-ACTIVEX Yahoo Widgets Engine ActiveX function call access (more info ...) | attempted-user | 2007-4034 | 25086 | URL | |
| 12196 | WEB-ACTIVEX Yahoo Widgets Engine ActiveX function call unicode access (more info ...) | attempted-user | 2007-4034 | 25086 | URL | |
| 12200 | WEB-ACTIVEX VMWare IntraProcessLogging ActiveX clsid access (more info ...) | attempted-user | 2007-4059 | 25110 | ||
| 12201 | WEB-ACTIVEX VMWare IntraProcessLogging ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4059 | 25110 | ||
| 12203 | WEB-ACTIVEX VMWare Vielib.dll ActiveX clsid access (more info ...) | attempted-user | 2007-4058 | 25118 | ||
| 12204 | WEB-ACTIVEX VMWare Vielib.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4058 | 25118 | ||
| 12205 | WEB-ACTIVEX VMWare Vielib.dll ActiveX function call access (more info ...) | attempted-user | 2007-4058 | 25118 | ||
| 12206 | WEB-ACTIVEX VMWare Vielib.dll ActiveX function call unicode access (more info ...) | attempted-user | 2007-4058 | 25118 | ||
| 12207 | WEB-ACTIVEX Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX function call access (more info ...) | attempted-user | 2007-3302 | 25050 | URL | |
| 12208 | WEB-ACTIVEX Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX function call unicode access (more info ...) | attempted-user | 2007-3302 | 25050 | URL | |
| 12246 | WEB-ACTIVEX Symantec NavComUI AxSysListView32 ActiveX clsid access (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12247 | WEB-ACTIVEX Symantec NavComUI AxSysListView32 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12248 | WEB-ACTIVEX Symantec NavComUI AxSysListView32 ActiveX function call access (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12249 | WEB-ACTIVEX Symantec NavComUI AxSysListView32 ActiveX function call unicode access (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12250 | WEB-ACTIVEX Symantec NavComUI AxSysListView32OAA ActiveX clsid access (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12251 | WEB-ACTIVEX Symantec NavComUI AxSysListView32OAA ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12252 | WEB-ACTIVEX Symantec NavComUI AxSysListView32OAA ActiveX function call access (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12253 | WEB-ACTIVEX Symantec NavComUI AxSysListView32OAA ActiveX function call unicode access (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12257 | WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX clsid access (more info ...) | attempted-user | 2007-4336 | 25279 | ||
| 12258 | WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4336 | 25279 | ||
| 12259 | WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX function call access (more info ...) | attempted-user | 2007-4336 | 25279 | ||
| 12260 | WEB-ACTIVEX Microsoft DirectX Media SDK ActiveX function call unicode access (more info ...) | attempted-user | 2007-4336 | 25279 | ||
| 12277 | EXPLOIT Microsoft IE CSS memory corruption exploit (more info ...) | attempted-user | 2007-0943 | URL | ||
| 12301 | WEB-ACTIVEX eCentrex VOIP Client Module ActiveX clsid access (more info ...) | attempted-user | 2007-4489 | 25383 | URL | |
| 12302 | WEB-ACTIVEX eCentrex VOIP Client Module ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4489 | 25383 | URL | |
| 12380 | WEB-ACTIVEX Oracle JInitiator ActiveX clsid access (more info ...) | attempted-user | 2007-4467 | 25473 | ||
| 12381 | WEB-ACTIVEX Oracle JInitiator ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4467 | 25473 | ||
| 12382 | WEB-ACTIVEX EasyMail Objects ActiveX clsid access (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 12383 | WEB-ACTIVEX EasyMail Objects ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 12384 | WEB-ACTIVEX Yahoo Messenger YVerInfo ActiveX clsid access (more info ...) | attempted-user | 2007-4515 | 25494 | URL | |
| 12385 | WEB-ACTIVEX Yahoo Messenger YVerInfo ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4515 | 25494 | URL | |
| 12386 | WEB-ACTIVEX Yahoo Messenger YVerInfo ActiveX function call access (more info ...) | attempted-user | 2007-4515 | 25494 | URL | |
| 12387 | WEB-ACTIVEX Yahoo Messenger YVerInfo ActiveX function call unicode access (more info ...) | attempted-user | 2007-4515 | 25494 | URL | |
| 12388 | WEB-ACTIVEX PPStream PowerPlayer ActiveX clsid access (more info ...) | attempted-user | 2007-4748 | 25502 | ||
| 12389 | WEB-ACTIVEX PPStream PowerPlayer ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4748 | 25502 | ||
| 12413 | WEB-ACTIVEX Earth Resource Mapper NCSView ActiveX clsid access (more info ...) | attempted-user | 2007-4470 | 25584 | ||
| 12414 | WEB-ACTIVEX Earth Resource Mapper NCSView ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4470 | 25584 | ||
| 12415 | WEB-ACTIVEX Earth Resource Mapper NCSView ActiveX function call access (more info ...) | attempted-user | 2007-4470 | 25584 | ||
| 12416 | WEB-ACTIVEX Earth Resource Mapper NCSView ActiveX function call unicode access (more info ...) | attempted-user | 2007-4470 | 25584 | ||
| 12428 | WEB-ACTIVEX GlobalLink glitemflat.dll ActiveX clsid access (more info ...) | attempted-user | 25586 | |||
| 12429 | WEB-ACTIVEX GlobalLink glitemflat.dll ActiveX clsid unicode access (more info ...) | attempted-user | 25586 | |||
| 12434 | WEB-ACTIVEX BaoFeng Storm MPS.dll ActiveX clsid access (more info ...) | attempted-user | 2009-1612 | 25601 | ||
| 12435 | WEB-ACTIVEX BaoFeng Storm MPS.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2009-1612 | 25601 | ||
| 12438 | WEB-ACTIVEX Ultra Crypto Component CryptoX.dll ActiveX clsid access (more info ...) | attempted-user | 25609 | URL | ||
| 12439 | WEB-ACTIVEX Ultra Crypto Component CryptoX.dll ActiveX clsid unicode access (more info ...) | attempted-user | 25609 | URL | ||
| 12440 | WEB-ACTIVEX Ultra Crypto Component CryptoX.dll ActiveX function call access (more info ...) | attempted-user | 25609 | URL | ||
| 12441 | WEB-ACTIVEX Ultra Crypto Component CryptoX.dll ActiveX function call unicode access (more info ...) | attempted-user | 25609 | URL | ||
| 12442 | WEB-ACTIVEX Ultra Crypto Component CryptoX.dll 2 ActiveX clsid access (more info ...) | attempted-user | 25611 | URL | ||
| 12443 | WEB-ACTIVEX Ultra Crypto Component CryptoX.dll 2 ActiveX clsid unicode access (more info ...) | attempted-user | 25611 | URL | ||
| 12448 | WEB-ACTIVEX Microsoft Agent Control ActiveX clsid access (more info ...) | attempted-user | 2007-3040 | 25566 | URL | |
| 12449 | WEB-ACTIVEX Microsoft Agent Control ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3040 | 25566 | URL | |
| 12450 | WEB-ACTIVEX Microsoft Agent Control ActiveX function call access (more info ...) | attempted-user | 2007-3040 | 25566 | URL | |
| 12451 | WEB-ACTIVEX Microsoft Agent Control ActiveX function call unicode access (more info ...) | attempted-user | 2007-3040 | 25566 | URL | |
| 12452 | WEB-ACTIVEX MS Agent File Provider ActiveX clsid access (more info ...) | attempted-user | 2007-3040 | 25566 | URL | |
| 12453 | WEB-ACTIVEX MS Agent File Provider ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3040 | 25566 | URL | |
| 12458 | RPC portmap Solaris sadmin port query tcp request (more info ...) | rpc-portmap-decode | 2003-0722 | 8615 | ||
| 12459 | WEB-ACTIVEX Microsoft Visual Studio 6 PDWizard.ocx ActiveX clsid access (more info ...) | attempted-user | 2007-4891 | 25638 | ||
| 12460 | WEB-ACTIVEX Microsoft Visual Studio 6 PDWizard.ocx ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4891 | 25638 | ||
| 12461 | WEB-ACTIVEX Microsoft Visual Studio 6 VBTOVSI.dll ActiveX clsid access (more info ...) | attempted-user | 2007-4890 | 25635 | ||
| 12462 | WEB-ACTIVEX Microsoft Visual Studio 6 VBTOVSI.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4890 | 25635 | ||
| 12468 | WEB-ACTIVEX COWON America JetAudio JetFlExt.dll ActiveX clsid access (more info ...) | attempted-user | 2007-4983 | 25723 | ||
| 12469 | WEB-ACTIVEX COWON America JetAudio JetFlExt.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4983 | 25723 | ||
| 12470 | WEB-ACTIVEX COWON America JetAudio JetFlExt.dll ActiveX function call access (more info ...) | attempted-user | 2007-4983 | 25723 | ||
| 12471 | WEB-ACTIVEX COWON America JetAudio JetFlExt.dll ActiveX function call unicode access (more info ...) | attempted-user | 2007-4983 | 25723 | ||
| 12476 | WEB-ACTIVEX Yahoo Messenger CYFT ActiveX clsid access (more info ...) | attempted-user | 2007-5017 | 25727 | ||
| 12477 | WEB-ACTIVEX Yahoo Messenger CYFT ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5017 | 25727 | ||
| 12478 | WEB-ACTIVEX Yahoo Messenger CYFT ActiveX function call access (more info ...) | attempted-user | 2007-5017 | 25727 | ||
| 12479 | WEB-ACTIVEX Yahoo Messenger CYFT ActiveX function call unicode access (more info ...) | attempted-user | 2007-5017 | 25727 | ||
| 12598 | WEB-ACTIVEX Xunlei Web Thunder ActiveX clsid access (more info ...) | attempted-user | 2007-5064 | 25751 | ||
| 12599 | WEB-ACTIVEX Xunlei Web Thunder ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5064 | 25751 | ||
| 12600 | WEB-ACTIVEX ebCrypt IncrementalHash ActiveX clsid access (more info ...) | attempted-user | 2007-5111 | 25789 | ||
| 12601 | WEB-ACTIVEX ebCrypt IncrementalHash ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5111 | 25789 | ||
| 12602 | WEB-ACTIVEX ebCrypt IncrementalHash ActiveX function call access (more info ...) | attempted-user | 2007-5111 | 25789 | ||
| 12603 | WEB-ACTIVEX ebCrypt IncrementalHash ActiveX function call unicode access (more info ...) | attempted-user | 2007-5111 | 25789 | ||
| 12604 | WEB-ACTIVEX ebCrypt PRNGenerator ActiveX clsid access (more info ...) | attempted-user | 2007-5110 | 25787 | ||
| 12605 | WEB-ACTIVEX ebCrypt PRNGenerator ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5110 | 25787 | ||
| 12606 | WEB-ACTIVEX ebCrypt PRNGenerator ActiveX function call access (more info ...) | attempted-user | 2007-5110 | 25787 | ||
| 12607 | WEB-ACTIVEX ebCrypt PRNGenerator ActiveX function call unicode access (more info ...) | attempted-user | 2007-5110 | 25787 | ||
| 12608 | RPC portmap walld udp request (more info ...) | rpc-portmap-decode | 2002-0573 | 4639 | ||
| 12609 | RPC portmap walld udp format string attack attempt (more info ...) | rpc-portmap-decode | 2002-0573 | 4639 | ||
| 12616 | WEB-ACTIVEX Microsoft Visual Studio 6 PDWizard.ocx ActiveX function call access (more info ...) | attempted-user | 2007-4891 | 25638 | ||
| 12617 | WEB-ACTIVEX Microsoft Visual Studio 6 PDWizard.ocx ActiveX function call unicode access (more info ...) | attempted-user | 2007-4891 | 25638 | ||
| 12626 | RPC portmap Solaris sadmin port query udp request (more info ...) | rpc-portmap-decode | 2003-0722 | 8615 | ||
| 12627 | RPC portmap Solaris sadmin port query tcp portmapper sadmin port query attempt (more info ...) | rpc-portmap-decode | 2003-0722 | 8615 | ||
| 12628 | RPC portmap Solaris sadmin port query udp portmapper sadmin port query attempt (more info ...) | rpc-portmap-decode | 2003-0722 | 8615 | ||
| 12631 | EXPLOIT Microsoft Kodak Imaging small offset malformed jpeg tables (more info ...) | attempted-user | 2007-2217 | URL | ||
| 12632 | EXPLOIT Microsoft Kodak Imaging large offset malformed jpeg tables (more info ...) | attempted-user | 2007-2217 | URL | ||
| 12635 | DOS RPC NTLMSSP malformed credentials (more info ...) | denial-of-service | 2007-2228 | URL | ||
| 12637 | WEB-ACTIVEX Kaspersky Online Scanner KAVWebScan.dll ActiveX clsid access (more info ...) | attempted-user | 2007-3675 | 26004 | ||
| 12638 | WEB-ACTIVEX Kaspersky Online Scanner KAVWebScan.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3675 | 26004 | ||
| 12639 | WEB-ACTIVEX Kaspersky Online Scanner KAVWebScan.dll ActiveX function call access (more info ...) | attempted-user | 2007-3675 | 26004 | ||
| 12640 | WEB-ACTIVEX Kaspersky Online Scanner KAVWebScan.dll ActiveX function call unicode access (more info ...) | attempted-user | 2007-3675 | 26004 | ||
| 12642 | DOS RPC NTLMSSP malformed credentials (more info ...) | denial-of-service | 2007-2228 | URL | ||
| 12644 | WEB-ACTIVEX PBEmail7 ActiveX clsid access (more info ...) | attempted-user | 2007-5446 | 26058 | ||
| 12645 | WEB-ACTIVEX PBEmail7 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5446 | 26058 | ||
| 12646 | WEB-ACTIVEX PBEmail7 ActiveX function call access (more info ...) | attempted-user | 2007-5446 | 26058 | ||
| 12647 | WEB-ACTIVEX PBEmail7 ActiveX function call unicode access (more info ...) | attempted-user | 2007-5446 | 26058 | ||
| 12648 | WEB-ACTIVEX DB Software Laboratory VImpX ActiveX clsid access (more info ...) | attempted-user | 2007-5445 | 26064 | ||
| 12649 | WEB-ACTIVEX DB Software Laboratory VImpX ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5445 | 26064 | ||
| 12650 | WEB-ACTIVEX DB Software Laboratory VImpX ActiveX function call access (more info ...) | attempted-user | 2007-5445 | 26064 | ||
| 12651 | WEB-ACTIVEX DB Software Laboratory VImpX ActiveX function call unicode access (more info ...) | attempted-user | 2007-5445 | 26064 | ||
| 12689 | WEB-ACTIVEX GlobalLink ConnectAndEnterRoom ActiveX clsid access (more info ...) | attempted-user | 2007-5722 | 26244 | ||
| 12690 | WEB-ACTIVEX GlobalLink ConnectAndEnterRoom ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5722 | 26244 | ||
| 12714 | WEB-ACTIVEX WebEx GPCContainer ActiveX clsid access (more info ...) | attempted-user | 2007-6005 | 26430 | ||
| 12715 | WEB-ACTIVEX WebEx GPCContainer ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6005 | 26430 | ||
| 12716 | WEB-ACTIVEX WebEx GPCContainer ActiveX function call access (more info ...) | attempted-user | 2007-6005 | 26430 | ||
| 12717 | WEB-ACTIVEX WebEx GPCContainer ActiveX function call unicode access (more info ...) | attempted-user | 2007-6005 | 26430 | ||
| 12729 | WEB-ACTIVEX AOL Radio AmpX ActiveX clsid access (more info ...) | attempted-user | 2007-5755 | 26396 | ||
| 12730 | WEB-ACTIVEX AOL Radio AmpX ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5755 | 26396 | ||
| 12731 | WEB-ACTIVEX AOL Radio AmpX ActiveX function call access (more info ...) | attempted-user | 2007-5755 | 35028 | ||
| 12732 | WEB-ACTIVEX AOL Radio AmpX ActiveX function call unicode access (more info ...) | attempted-user | 2007-5755 | 26396 | ||
| 12733 | WEB-ACTIVEX ComponentOne FlexGrid ActiveX clsid access (more info ...) | attempted-user | 2007-6028 | 26467 | ||
| 12734 | WEB-ACTIVEX ComponentOne FlexGrid ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6028 | 26467 | ||
| 12735 | WEB-ACTIVEX ComponentOne FlexGrid ActiveX function call access (more info ...) | attempted-user | 2007-6028 | 26467 | ||
| 12736 | WEB-ACTIVEX ComponentOne FlexGrid ActiveX function call unicode access (more info ...) | attempted-user | 2007-6028 | 26467 | ||
| 12737 | WEB-ACTIVEX Xunlei Thunder PPLAYER.DLL ActiveX clsid access (more info ...) | attempted-user | 2007-6144 | 26536 | ||
| 12738 | WEB-ACTIVEX Xunlei Thunder PPLAYER.DLL ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6144 | 26536 | ||
| 12739 | WEB-ACTIVEX Xunlei Thunder PPLAYER.DLL ActiveX function call access (more info ...) | attempted-user | 2007-6144 | 26536 | ||
| 12740 | WEB-ACTIVEX Xunlei Thunder PPLAYER.DLL ActiveX function call unicode access (more info ...) | attempted-user | 2007-6144 | 26536 | ||
| 12747 | WEB-ACTIVEX BitDefender Online Scanner ActiveX clsid access (more info ...) | attempted-user | 2007-5775 | 26210 | ||
| 12748 | WEB-ACTIVEX BitDefender Online Scanner ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5775 | 26210 | ||
| 12749 | WEB-ACTIVEX BitDefender Online Scanner ActiveX function call access (more info ...) | attempted-user | 2007-5775 | 26210 | ||
| 12750 | WEB-ACTIVEX BitDefender Online Scanner ActiveX function call unicode access (more info ...) | attempted-user | 2007-5775 | 26210 | ||
| 12780 | WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access (more info ...) | attempted-user | 27577 | URL | ||
| 12781 | WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid unicode access (more info ...) | attempted-user | 27577 | URL | ||
| 12782 | WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access (more info ...) | attempted-user | 27577 | URL | ||
| 12783 | WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call unicode access (more info ...) | attempted-user | 27577 | URL | ||
| 12905 | SPECIFIC-THREATS Microsoft SPNEGO ASN.1 library heap corruption overflow attempt (more info ...) | attempted-admin | 2003-0818 | 9633 | URL | |
| 12940 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc2 CA call 269 overflow attempt (more info ...) | attempted-admin | 2007-5327 | 26015 | ||
| 12977 | NETBIOS DCERPC NCACN-IP-TCP mqqm QMCreateObjectInternal overflow attempt (more info ...) | attempted-admin | 2007-3039 | URL | ||
| 12978 | NETBIOS DCERPC NCADG-IP-UDP mqqm QMCreateObjectInternal overflow attempt (more info ...) | attempted-admin | 2007-3039 | URL | ||
| 12984 | NETBIOS DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt (more info ...) | protocol-command-decode | 2007-2446 | 24196 | ||
| 12985 | NETBIOS DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt (more info ...) | protocol-command-decode | 2007-2446 | 24196 | ||
| 13210 | NETBIOS DCERPC NCACN-IP-TCP mqqm QMObjectPathToObjectFormat overflow attempt (more info ...) | attempted-admin | 2007-3039 | URL | ||
| 13211 | NETBIOS DCERPC NCADG-IP-UDP mqqm QMObjectPathToObjectFormat overflow attempt (more info ...) | attempted-admin | 2007-3039 | URL | ||
| 13228 | WEB-ACTIVEX HP eSupportDiagnostics 1 ActiveX clsid access (more info ...) | attempted-user | 26967 | URL | ||
| 13229 | WEB-ACTIVEX HP eSupportDiagnostics 1 ActiveX clsid unicode access (more info ...) | attempted-user | 26967 | URL | ||
| 13230 | WEB-ACTIVEX HP eSupportDiagnostics 2 ActiveX clsid access (more info ...) | attempted-user | 26967 | URL | ||
| 13231 | WEB-ACTIVEX HP eSupportDiagnostics 2 ActiveX clsid unicode access (more info ...) | attempted-user | 26967 | URL | ||
| 13232 | WEB-ACTIVEX Persits Software XUpload ActiveX clsid access (more info ...) | attempted-user | 2009-3693 | 36550 | ||
| 13233 | WEB-ACTIVEX Persits Software XUpload ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3693 | 36550 | ||
| 13234 | WEB-ACTIVEX Persits Software XUpload ActiveX function call access (more info ...) | attempted-user | 2009-3693 | 36550 | ||
| 13235 | WEB-ACTIVEX Persits Software XUpload ActiveX function call unicode access (more info ...) | attempted-user | 2009-3693 | 36550 | ||
| 13434 | WEB-ACTIVEX Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (more info ...) | attempted-user | 27577 | URL | ||
| 13435 | WEB-ACTIVEX Aurigma Image Uploader 4 Property Overflows ActiveX clsid unicode access (more info ...) | attempted-user | 27577 | URL | ||
| 13436 | WEB-ACTIVEX Aurigma Image Uploader 4 Property Overflows ActiveX function call access (more info ...) | attempted-user | 27577 | URL | ||
| 13437 | WEB-ACTIVEX Aurigma Image Uploader 4 Property Overflows ActiveX function call unicode access (more info ...) | attempted-user | 27577 | URL | ||
| 13438 | WEB-ACTIVEX Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (more info ...) | attempted-user | 27577 | URL | ||
| 13439 | WEB-ACTIVEX Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid unicode access (more info ...) | attempted-user | 27577 | URL | ||
| 13440 | WEB-ACTIVEX Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (more info ...) | attempted-user | 27577 | URL | ||
| 13441 | WEB-ACTIVEX Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call unicode access (more info ...) | attempted-user | 27577 | URL | ||
| 13442 | WEB-ACTIVEX Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (more info ...) | attempted-user | 27577 | URL | ||
| 13443 | WEB-ACTIVEX Aurigma Image Uploader 5 Property Overflows ActiveX clsid unicode access (more info ...) | attempted-user | 27577 | URL | ||
| 13444 | WEB-ACTIVEX Aurigma Image Uploader 5 Property Overflows ActiveX function call access (more info ...) | attempted-user | 27577 | URL | ||
| 13445 | WEB-ACTIVEX Aurigma Image Uploader 5 Property Overflows ActiveX function call unicode access (more info ...) | attempted-user | 27577 | URL | ||
| 13451 | WEB-ACTIVEX Microsoft Visual FoxPro foxtlib ActiveX clsid access (more info ...) | attempted-user | 2007-5322 | 25977 | URL | |
| 13452 | WEB-ACTIVEX Microsoft Visual FoxPro foxtlib ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5322 | 25977 | URL | |
| 13454 | WEB-CLIENT Microsoft DXLUTBuilder ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0078 | URL | ||
| 13456 | WEB-CLIENT Microsoft DXLUTBuilder ActiveX function call unicode access (more info ...) | attempted-user | 2008-0078 | URL | ||
| 13458 | WEB-ACTIVEX Microsoft Forms 2.0 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0065 | URL | ||
| 13460 | WEB-ACTIVEX Microsoft Forms 2.0 ActiveX function call unicode access (more info ...) | attempted-user | 2007-0065 | URL | ||
| 13472 | EXPLOIT Microsoft Works invalid chunk size (more info ...) | attempted-user | 2008-0108 | URL | ||
| 13475 | DOS Microsoft Active Directory LDAP denial of service attempt (more info ...) | attempted-dos | 2008-0088 | URL | ||
| 13594 | SPECIFIC-THREATS Microsoft Windows print spooler little endian DoS attempt (more info ...) | protocol-command-decode | 2006-6296 | 21401 | ||
| 13669 | WEB-ACTIVEX Microsoft Help 2.0 Contents Control ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13671 | WEB-ACTIVEX Microsoft Help 2.0 Contents Control ActiveX function call unicode access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13673 | WEB-ACTIVEX Microsoft Help 2.0 Contents Control 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13675 | WEB-ACTIVEX Microsoft Help 2.0 Contents Control 2 ActiveX function call unicode access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13828 | WEB-ACTIVEX sapi.dll ActiveX clsid access (more info ...) | attempted-user | 2007-0675 | URL | ||
| 13829 | WEB-ACTIVEX sapi.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0675 | URL | ||
| 13830 | WEB-ACTIVEX sapi.dll alternate killbit ActiveX clsid access (more info ...) | attempted-user | 2007-0675 | URL | ||
| 13831 | WEB-ACTIVEX sapi.dll alternate killbit ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0675 | URL | ||
| 13832 | WEB-ACTIVEX backweb ActiveX clsid access (more info ...) | attempted-user | 2007-0675 | URL | ||
| 13833 | WEB-ACTIVEX backweb ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0675 | URL | ||
| 13835 | DOS Microsoft Active Directory LDAP cookie denial of service attempt (more info ...) | attempted-dos | 2008-1445 | URL | ||
| 13966 | WEB-ACTIVEX Microsoft Message System ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0082 | URL | ||
| 13968 | WEB-ACTIVEX Microsoft Message System ActiveX function call unicode access (more info ...) | attempted-user | 2008-0082 | URL | ||
| 13976 | WEB-CLIENT Microsoft Windows Event System ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 13978 | WEB-CLIENT Microsoft Windows Event System ActiveX function call unicode access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 14033 | WEB-ACTIVEX Orbit Downloader ActiveX clsid access (more info ...) | attempted-user | 2008-1602 | |||
| 14034 | WEB-ACTIVEX Orbit Downloader ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1602 | |||
| 14035 | WEB-ACTIVEX Orbit Downloader ActiveX function call access (more info ...) | attempted-user | 2008-1602 | |||
| 14036 | WEB-ACTIVEX Orbit Downloader ActiveX function call unicode access (more info ...) | attempted-user | 2008-1602 | |||
| 14038 | WEB-ACTIVEX Novell iPrint ActiveX target-frame parameter overflow attempt (more info ...) | attempted-user | 2008-2908 | 29736 | ||
| 14066 | SPYWARE-PUT Adware winsecuredisc runtime detection (more info ...) | misc-activity | URL | |||
| 14078 | SPYWARE-PUT Adware winspywareprotect runtime detection - download malicous code (more info ...) | misc-activity | URL | |||
| 14079 | SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious sites (more info ...) | misc-activity | URL | |||
| 14080 | SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious server (more info ...) | misc-activity | URL | |||
| 14232 | WEB-ACTIVEX SoftArtisans XFile FileManager ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1682 | 30826 | URL | |
| 15085 | WEB-ACTIVEX Microsoft Common Controls Animation Object ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4255 | URL | ||
| 15087 | WEB-ACTIVEX Microsoft Common Controls Animation Object ActiveX function call unicode access (more info ...) | attempted-user | 2008-4255 | URL | ||
| 15109 | WEB-ACTIVEX Shell.Explorer 1 ActiveX clsid access (more info ...) | attempted-user | 2008-4258 | URL | ||
| 15110 | WEB-ACTIVEX Shell.Explorer 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4258 | URL | ||
| 15111 | WEB-ACTIVEX Shell.Explorer 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4258 | 11466 | URL | |
| 15112 | WEB-ACTIVEX Shell.Explorer 2 ActiveX function call access (more info ...) | attempted-user | 2008-4258 | 11466 | URL | |
| 15113 | WEB-ACTIVEX Shell.Explorer 2 ActiveX function call unicode access (more info ...) | attempted-user | 2008-4258 | 11466 | URL | |
| 15122 | WEB-ACTIVEX Shell.Explorer 2 ActiveX clsid access (more info ...) | attempted-user | 2008-4258 | 11466 | URL | |
| 15448 | NETBIOS DCERPC NCADG-IP-UDP srvsvc NetrShareEnum null policy handle attempt (more info ...) | protocol-command-decode | ||||
| 15507 | SPECIFIC-THREATS DCERPC NCACN-IP-TCP lsarpc LsarLookupSids translated_names overflow attempt (more info ...) | protocol-command-decode | 2007-2446 | 24196 | ||
| 15508 | SPECIFIC-THREATS DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt (more info ...) | protocol-command-decode | 2007-2446 | 24196 | ||
| 15862 | WEB-ACTIVEX Microsoft Remote Desktop Client ActiveX clsid unicode access (more info ...) | attempted-user | 2009-1929 | URL | ||
| 15864 | WEB-ACTIVEX Microsoft Remote Desktop Client ActiveX function call unicode access (more info ...) | attempted-user | 2009-1929 | URL | ||
| 15881 | NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters Name Field attempt (more info ...) | protocol-command-decode | 2008-0639 | |||
| 15911 | NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt (more info ...) | protocol-command-decode | 2007-2446 | |||
| 16012 | WEB-ACTIVEX Symantec SupportSoft SmartIssue ActiveX function call unicode access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 16016 | SPECIFIC-THREATS Microsoft client for netware overflow attempt (more info ...) | attempted-admin | 2006-4688 | URL | ||
| 16034 | SPECIFIC-THREATS Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt (more info ...) | attempted-user | 2007-2446 | |||
| 16058 | SPECIFIC-THREATS Samba WINS Server Name Registration handling stack buffer overflow attempt (more info ...) | attempted-user | 2007-5398 | 26455 | ||
| 16066 | EXPLOIT Microsoft Windows Server driver crafted SMB data denial of service (more info ...) | attempted-dos | 2006-3942 | URL | ||
| 16081 | RPC portmap 395650 tcp XDR SString buffer overflow attempt (more info ...) | rpc-portmap-decode | 2008-2242 | 29283 | URL | |
| 16082 | RPC portmap 395650 udp XDR SString buffer overflow attempt (more info ...) | rpc-portmap-decode | 2008-2242 | 29283 | URL | |
| 16083 | RPC portmap 395650 tcp request (more info ...) | rpc-portmap-decode | 2008-2242 | URL | ||
| 16084 | RPC portmap 395650 udp request (more info ...) | rpc-portmap-decode | 2008-2242 | URL | ||
| 16085 | RPC portmap 395650 tcp xml buffer overflow attempt (more info ...) | rpc-portmap-decode | 2008-2242 | URL | ||
| 16086 | RPC portmap 395650 udp xml buffer overflow attempt (more info ...) | rpc-portmap-decode | 2008-2242 | URL | ||
| 16221 | EXPLOIT Microsoft ISA and Forefront Threat Management Web Proxy TCP Listener denial of service attempt (more info ...) | attempted-dos | 2009-0077 | 34414 | URL | |
| 16294 | EXPLOIT Microsoft Windows TCP stack zero window size exploit attempt (more info ...) | attempted-dos | 2008-4609 | 31545 | URL | |
| 16386 | WEB-ACTIVEX AcroPDF.PDF ActiveX clsid access (more info ...) | attempted-user | 2009-2987 | |||
| 16387 | WEB-ACTIVEX AcroPDF.PDF ActiveX clsid unicode access (more info ...) | attempted-user | 2009-2987 | |||
| 16388 | WEB-ACTIVEX AcroPDF.PDF ActiveX function call access (more info ...) | attempted-user | 2009-2987 | |||
| 16389 | WEB-ACTIVEX AcroPDF.PDF ActiveX function call unicode access (more info ...) | attempted-user | 2009-2987 | |||
| 16397 | NETBIOS SMB andx invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16398 | NETBIOS SMB invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16399 | NETBIOS SMB unicode andx invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16400 | NETBIOS SMB unicode invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16401 | NETBIOS-DG SMB andx invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16402 | NETBIOS-DG SMB invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16403 | NETBIOS-DG SMB unicode andx invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16404 | NETBIOS-DG SMB unicode invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16413 | WEB-CLIENT Microsoft PowerPoint invalid TextCharsAtom remote code execution attempt (more info ...) | attempted-user | 2010-0034 | URL | ||
| 16420 | WEB-ACTIVEX Microsoft Data Analyzer 3.5 ActiveX clsid unicode access (more info ...) | attempted-user | 2010-0252 | URL | ||
| 16446 | RPC portmap Solaris sadmin tcp request (more info ...) | rpc-portmap-decode | 2008-4556 | 31751 | ||
| 16447 | RPC portmap Solaris sadmin udp request (more info ...) | rpc-portmap-decode | 2008-4556 | 31751 | ||
| 16448 | RPC portmap Solaris sadmin tcp adm_build_path overflow attempt (more info ...) | rpc-portmap-decode | 2008-4556 | 31751 | ||
| 16449 | RPC portmap Solaris sadmin udp adm_build_path overflow attempt (more info ...) | rpc-portmap-decode | 2008-4556 | 31751 | ||
| 16533 | BAD-TRAFFIC Microsoft Windows ISATAP-addressed IPv6 traffic spoofing attempt (more info ...) | misc-attack | 2010-0812 | URL | ||
| 16540 | NETBIOS SMB2 client NetBufferList NULL entry remote code execution attempt (more info ...) | attempted-admin | 2010-0477 | URL | ||
| 16581 | SPECIFIC-THREATS Persits Software XUpload ActiveX clsid unsafe function access attempt (more info ...) | attempted-user | 2009-3693 | 36550 | ||
| 16926 | BLACKLIST URI request for known malicious URI - strMode=setup&strID=pcvaccine&strPC= (more info ...) | trojan-activity | URL | |||
| 17111 | SPECIFIC-THREATS Microsoft Video ActiveX Control stack buffer overflow attempt (more info ...) | attempted-user | 2008-0015 | 35558 | ||
| 17112 | SPECIFIC-THREATS DCERPC rpcss2 _RemoteGetClassObject attempt (more info ...) | attempted-user | 2003-0715 | 8205 | URL | |
| 17133 | WEB-CLIENT MSXML2 ActiveX malformed HTTP response (more info ...) | attempted-dos | 2010-2561 | URL | ||
| 17205 | RPC Multiple vendors librpc.dll stack buffer overflow attempt - udp (more info ...) | attempted-admin | 2009-2754 | 38472 | ||
| 17206 | RPC Multiple vendors librpc.dll stack buffer overflow attempt - tcp (more info ...) | attempted-admin | 2009-2754 | 38472 | ||
| 17231 | WEB-CLIENT Microsoft Kodak Imaging small offset malformed tiff - little-endian (more info ...) | attempted-user | 2007-2217 | URL | ||
| 17232 | WEB-CLIENT Microsoft Kodak Imaging large offset malformed tiff - big-endian (more info ...) | attempted-user | 2007-2217 | URL | ||
| 17252 | NETBIOS Microsoft Windows Print Spooler arbitrary file write attempt (more info ...) | attempted-user | 2010-2729 | URL | ||
| 17253 | NETBIOS Microsoft Windows Print Spooler arbitrary file write attempt (more info ...) | attempted-user | 2010-2729 | URL | ||
| 17435 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 17437 | NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 17439 | EXPLOIT Microsoft Distributed Transaction Controller TIP DoS attempt (more info ...) | attempted-dos | 2005-1979 | 15058 | ||
| 17634 | NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 little endian object call overflow attempt (more info ...) | attempted-admin | 2008-4398 | URL | ||
| 17635 | NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 little endian overflow attempt (more info ...) | attempted-admin | 2008-4398 | URL | ||
| 17636 | NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 object call overflow attempt (more info ...) | attempted-admin | 2008-4398 | URL | ||
| 17637 | NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 overflow attempt (more info ...) | attempted-admin | 2008-4398 | URL | ||
| 17640 | NETBIOS DCERPC NCACN-IP-TCP brightstor opnum 43 overflow attempt (more info ...) | attempted-admin | 2007-0169 | 22005 | URL | |
| 17707 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect trend_req_num buffer overflow attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 17714 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 17715 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 18072 | WEB-MISC Microsoft Forefront UAG external redirect attempt (more info ...) | policy-violation | 2010-2732 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 15490 | EXPLOIT Linux SCTP malformed forward-tsn chunk arbitrary code execution attempt (more info ...) | attempted-admin | 2009-0065 | 33113 | ||
| 16352 | EXPLOIT Linux Kernel NFSD Subsystem overflow attempt (more info ...) | attempted-dos | 2008-3915 | 31133 | ||
| 17324 | SHELLCODE x86 Linux reverse connect shellcode (more info ...) | shellcode-detect | ||||
| 17738 | SPECIFIC-THREATS Linux Kernel SNMP Netfilter Memory Corruption attempt (more info ...) | attempted-dos | 2006-2444 | 18081 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 213 | BACKDOOR MISC Linux rootkit attempt (more info ...) | attempted-admin | ||||
| 214 | BACKDOOR MISC Linux rootkit attempt lrkr0x (more info ...) | attempted-admin | ||||
| 215 | BACKDOOR MISC Linux rootkit attempt (more info ...) | attempted-admin | ||||
| 216 | BACKDOOR MISC Linux rootkit satori attempt (more info ...) | attempted-admin | ||||
| 292 | EXPLOIT x86 Linux samba overflow (more info ...) | attempted-admin | 1999-0811 | 536 | ||
| 302 | EXPLOIT Redhat 7.0 lprd overflow (more info ...) | attempted-admin | 2000-0917 | 1712 | ||
| 313 | EXPLOIT ntalkd x86 Linux overflow (more info ...) | attempted-admin | 210 | |||
| 315 | EXPLOIT x86 Linux mountd overflow (more info ...) | attempted-admin | 1999-0002 | 121 | ||
| 316 | EXPLOIT x86 Linux mountd overflow (more info ...) | attempted-admin | 1999-0002 | 121 | ||
| 317 | EXPLOIT x86 Linux mountd overflow (more info ...) | attempted-admin | 1999-0002 | 121 | ||
| 601 | RSERVICES rlogin LinuxNIS (more info ...) | bad-unknown | ||||
| 652 | SHELLCODE Linux shellcode (more info ...) | shellcode-detect | ||||
| 1225 | X11 MIT Magic Cookie detected (more info ...) | attempted-user | ||||
| 1226 | X11 xopen (more info ...) | unknown | ||||
| 7021 | DOS linux kernel SCTP chunkless packet denial of service attempt (more info ...) | attempted-dos | 2006-2934 | 18755 | ||
| 15906 | EXPLOIT Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (more info ...) | denial-of-service | 2008-3276 | 30704 | ||
| 15907 | EXPLOIT Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (more info ...) | denial-of-service | 2008-3276 | 30704 | ||
| 16724 | EXPLOIT Linux kernel sctp_process_unk_param SCTPChunkInit buffer overflow attempt (more info ...) | attempted-admin | 2010-1173 | 39794 | ||
| 17302 | DOS Linux kernel SCTP Unknown Chunk Types denial of service attempt (more info ...) | attempted-dos | 2007-2876 | 24376 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 5760 | SPYWARE-PUT Hijacker marketscore runtime detection (more info ...) | misc-activity | URL | |||
| 5798 | SPYWARE-PUT Adware mydailyhoroscope runtime detection (more info ...) | misc-activity | URL | |||
| 5799 | SPYWARE-PUT mydailyhoroscope update or installation in progress (more info ...) | misc-activity | URL | |||
| 5834 | SPYWARE-PUT Trickler conscorr runtime detection (more info ...) | misc-activity | URL | |||
| 6017 | BACKDOOR dsk lite 1.0 runtime detection - disconnect (more info ...) | trojan-activity | URL | |||
| 6384 | SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - agent discover broadcast (more info ...) | successful-recon-limited | URL | |||
| 7020 | WEB-CLIENT isComponentInstalled function buffer overflow (more info ...) | attempted-user | 2006-1016 | 16870 | ||
| 7720 | BACKDOOR desktop scout runtime detection (more info ...) | trojan-activity | URL | |||
| 8090 | WEB-MISC HP Openview NNM freeIPaddrs.ovpl Unix command execution attempt (more info ...) | web-application-attack | 2005-2773 | 14662 | ||
| 9635 | EXPLOIT Computer Associates Product Discovery Service type 9B remote buffer overflow attempt UDP (more info ...) | attempted-admin | 2006-6379 | 21502 | ||
| 10134 | SPECIFIC-THREATS CA Brightstor discovery service buffer overflow attempt (more info ...) | attempted-admin | 2005-0260 | 12491 | ||
| 10998 | EXPLOIT Novell GroupWise WebAccess authentication overflow (more info ...) | attempted-admin | 2007-2171 | 23556 | ||
| 11970 | VOIP-SIP Cisco 7940/7960 INVITE Remote-Party-ID denial of service attempt (more info ...) | attempted-dos | 2007-1542 | 23047 | URL | |
| 13363 | EXPLOIT Cisco Unified Communications Manager heap overflow attempt (more info ...) | attempted-admin | 2008-0027 | 27313 | ||
| 13613 | SPECIFIC-THREATS Solaris username overflow authentication bypass attempt (more info ...) | attempted-admin | 2001-0797 | |||
| 13912 | SPECIFIC-THREATS isComponentInstalled Metasploit attack attempt (more info ...) | attempted-user | 16870 | |||
| 14989 | WEB-MISC Novell eDirectory SOAP Accept Language header overflow attempt (more info ...) | attempted-user | 2008-4479 | |||
| 15446 | WEB-MISC Novell eDirectory management console Accept-Language buffer overflow attempt (more info ...) | attempted-admin | 2008-5094 | 31553 | URL | |
| 15958 | WEB-MISC Novell ZENworks Remote Management overflow attempt (more info ...) | attempted-admin | 2005-1543 | 13678 | ||
| 16019 | SPECIFIC-THREATS Novell Distributed Print Services integer overflow attempt (more info ...) | attempted-user | 2006-2327 | |||
| 16194 | WEB-MISC Novell eDirectory HTTP request content-length heap buffer overflow attempt (more info ...) | attempted-user | 2008-4478 | |||
| 16195 | WEB-MISC Novell eDirectory HTTP request content-length heap buffer overflow attempt (more info ...) | attempted-user | 2008-4478 | |||
| 16429 | WEB-MISC Novell iManager eDirectory plugin schema buffer overflow attempt - GET request (more info ...) | attempted-admin | 2009-4486 | 37672 | ||
| 16430 | WEB-MISC Novell iManager eDirectory plugin schema buffer overflow attempt - POST request (more info ...) | attempted-admin | 2009-4486 | 37672 | ||
| 16522 | WEB-CLIENT Novell QuickFinder server cross-site-scripting attempt (more info ...) | web-application-attack | 2009-0611 | |||
| 16587 | SPECIFIC-THREATS Symantec multiple products AeXNSConsoleUtilities buffer overflow attempt (more info ...) | attempted-user | 2009-3031 | 36698 | ||
| 16787 | SPECIFIC-THREATS Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 17057 | SPECIFIC-THREATS Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (more info ...) | attempted-admin | 2009-1350 | 34400 | ||
| 17620 | SPECIFIC-THREATS Products Discovery Service Buffer Overflow (more info ...) | attempted-user | 2006-5143 | 20364 | ||
| 17621 | SPECIFIC-THREATS Products Discovery Service Buffer Overflow (more info ...) | attempted-user | 2006-5143 | 20364 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 218 | BACKDOOR MISC Solaris 2.5 attempt (more info ...) | attempted-user | ||||
| 300 | EXPLOIT nlps x86 Solaris overflow (more info ...) | attempted-admin | 2319 | |||
| 304 | EXPLOIT SCO calserver overflow (more info ...) | attempted-admin | 2000-0306 | 2353 | ||
| 640 | SHELLCODE AIX NOOP (more info ...) | shellcode-detect | ||||
| 641 | SHELLCODE Digital UNIX NOOP (more info ...) | shellcode-detect | ||||
| 1132 | WEB-MISC Netscape Unixware overflow (more info ...) | attempted-recon | 1999-0744 | 908 | ||
| 1165 | WEB-MISC Novell Groupwise gwweb.exe access (more info ...) | attempted-recon | 1999-1006 | 879 | 10877 | |
| 1209 | WEB-MISC .nsconfig access (more info ...) | attempted-recon | URL | |||
| 1250 | WEB-MISC Cisco IOS HTTP configuration attempt (more info ...) | web-application-attack | 2001-0537 | 2936 | 10700 | |
| 1499 | WEB-MISC SiteScope Service access (more info ...) | web-application-activity | 10778 | |||
| 1544 | WEB-MISC Cisco Catalyst command execution attempt (more info ...) | web-application-activity | 2000-0945 | 1846 | 10545 | |
| 1545 | DOS Cisco attempt (more info ...) | web-application-attack | ||||
| 1614 | WEB-MISC Novell Groupwise gwweb.exe attempt (more info ...) | attempted-recon | 1999-1006 | 879 | 10877 | |
| 1814 | WEB-MISC CISCO VoIP DOS ATTEMPT (more info ...) | misc-attack | 2002-0882 | 4794 | 11013 | |
| 1858 | WEB-MISC CISCO PIX Firewall Manager directory traversal attempt (more info ...) | misc-attack | 1999-0158 | 691 | 10819 | |
| 3467 | WEB-MISC CISCO VoIP Portinformation access (more info ...) | web-application-activity | 2002-0882 | 4798 | ||
| 3527 | EXPLOIT Solaris LPD overflow attempt (more info ...) | attempted-admin | 3274 | |||
| 4127 | EXPLOIT Novell eDirectory Server iMonitor overflow attempt (more info ...) | attempted-admin | 2005-2551 | 14548 | ||
| 4129 | EXPLOIT Novell ZenWorks Remote Management Agent large login packet DoS attempt (more info ...) | attempted-dos | 2005-1543 | 13678 | ||
| 4130 | EXPLOIT Novell ZenWorks Remote Management Agent buffer overflow Attempt (more info ...) | attempted-dos | 2005-1543 | 13678 | ||
| 4144 | EXPLOIT lpd Solaris control file upload attempt (more info ...) | misc-attack | ||||
| 6414 | WEB-MISC Novell GroupWise Messenger Accept-Language header buffer overflow attempt (more info ...) | attempted-admin | 2006-0992 | 17503 | ||
| 6507 | WEB-MISC novell edirectory imonitor overflow attempt (more info ...) | attempted-admin | 2006-2496 | 18026 | ||
| 8081 | SCAN UPnP service discover attempt (more info ...) | network-scan | ||||
| 8085 | WEB-MISC HP Openview NNM connectedNodes.ovpl port 3443 Unix command execution attempt (more info ...) | web-application-attack | 2005-2773 | 14662 | ||
| 8086 | WEB-MISC HP Openview NNM cdpView.ovpl port 3443 Unix command execution attempt (more info ...) | web-application-attack | 2005-2773 | 14662 | ||
| 8087 | WEB-MISC HP Openview NNM freeIPaddrs.ovpl port 3443 Unix command execution attempt (more info ...) | web-application-attack | 2005-2773 | 14662 | ||
| 8088 | WEB-MISC HP Openview NNM connectedNodes.ovpl Unix command execution attempt (more info ...) | web-application-attack | 2005-2773 | 14662 | ||
| 8089 | WEB-MISC HP Openview NNM cdpView.ovpl Unix command execution attempt (more info ...) | web-application-attack | 2005-2773 | 14662 | ||
| 8711 | WEB-MISC Novell eDirectory HTTP redirection buffer overflow attempt (more info ...) | attempted-admin | 2006-5478 | 20655 | ||
| 9633 | EXPLOIT Computer Associates Product Discovery Service type 9B remote buffer overflow attempt TCP (more info ...) | attempted-admin | 2006-6379 | 21502 | ||
| 9634 | EXPLOIT Computer Associates Product Discovery Service type 9C remote buffer overflow attempt TCP (more info ...) | attempted-admin | 2006-6379 | 21502 | ||
| 9636 | EXPLOIT Computer Associates Product Discovery Service type 9C remote buffer overflow attempt UDP (more info ...) | attempted-admin | 2006-6379 | 21502 | ||
| 10418 | EXPLOIT lpd Solaris unlink file attempt (more info ...) | misc-attack | 2005-4797 | 14510 | ||
| 11670 | EXPLOIT Symantec Discovery logging buffer overflow (more info ...) | attempted-admin | 2007-1173 | 24002 | ||
| 12080 | EXPLOIT Sun Solaris printd arbitrary file deletion vulnerability (more info ...) | misc-attack | 2005-4797 | 14510 | ||
| 12223 | EXPLOIT Novell WebAdmin long user name (more info ...) | attempted-admin | 2007-1350 | 22857 | ||
| 12299 | EXPLOIT Cisco NHRP incorrect packet size (more info ...) | attempted-user | 2007-4286 | 25238 | ||
| 12300 | EXPLOIT Cisco NHRP incorrect packet size (more info ...) | attempted-user | 2007-4286 | 25238 | ||
| 13510 | EXPLOIT Novell eDirectory EventsRequest heap overflow attempt (more info ...) | attempted-admin | 2006-4509 | 20663 | URL | |
| 13511 | EXPLOIT Novell eDirectory EventsRequest invalid event count exploit attempt (more info ...) | attempted-admin | 2006-4510 | 20663 | URL | |
| 13620 | SPECIFIC-THREATS CA Brightstor discovery service alternate buffer overflow attempt (more info ...) | attempted-admin | 2005-0260 | |||
| 14990 | WEB-MISC Novell eDirectory SOAP Accept Charset header overflow attempt (more info ...) | attempted-user | 2008-4479 | |||
| 15960 | SPECIFIC-THREATS Novell eDirectory MS-DOS device name DoS attempt (more info ...) | attempted-dos | 2005-1729 | |||
| 15973 | EXPLOIT Novell eDirectory LDAP null search parameter buffer overflow attempt (more info ...) | attempted-admin | 2008-1809 | 30175 | URL | |
| 16014 | DOS Novell eDirectory HTTP headers denial of service attempt (more info ...) | attempted-dos | 2008-0927 | 28757 | ||
| 16950 | PHISHING-SPAM tabscotti71i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17027 | PHISHING-SPAM scoreenjoy.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17287 | WEB-MISC Cisco IOS HTTP service HTML injection attempt (more info ...) | attempted-dos | 2005-3921 | 15602 | ||
| 17353 | EXPLOIT Sun Solaris printd Daemon Arbitrary File Deletion attempt (more info ...) | misc-attack | 2005-4797 | 14510 | ||
| 17433 | EXPLOIT Sun Solaris DHCP Client Arbitrary Code Execution attempt (more info ...) | attempted-user | 2005-2870 | 14687 | ||
| 17504 | EXPLOIT Novell ZENworks Asset Management buffer overflow attempt (more info ...) | attempted-admin | 2006-6299 | 21395 | ||
| 17713 | EXPLOIT Novell NetMail NMAP STOR buffer overflow attempt (more info ...) | attempted-admin | 2006-6424 | 21725 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 13258 | WEB-ACTIVEX IBM Lotus Domino Web Access 6 ActiveX clsid access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13259 | WEB-ACTIVEX IBM Lotus Domino Web Access 6 ActiveX clsid unicode access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13260 | WEB-ACTIVEX IBM Lotus Domino Web Access 6 ActiveX function call access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13261 | WEB-ACTIVEX IBM Lotus Domino Web Access 6 ActiveX function call unicode access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13262 | WEB-ACTIVEX IBM Lotus Domino Web Access 7 ActiveX clsid access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13263 | WEB-ACTIVEX IBM Lotus Domino Web Access 7 ActiveX clsid unicode access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13264 | WEB-ACTIVEX IBM Lotus Domino Web Access 7 ActiveX function call access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13265 | WEB-ACTIVEX IBM Lotus Domino Web Access 7 ActiveX function call unicode access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 15956 | ORACLE http Server mod_access restriction bypass attempt (more info ...) | attempted-user | 2005-1383 | 13418 | ||
| 16017 | SPECIFIC-THREATS IBM Lotus Domino LDAP server invalid DN message buffer overflow attempt (more info ...) | attempted-user | 2007-1739 | 23174 | ||
| 16052 | WEB-CLIENT Novell iManager Tomcat http post handling DoS attempt (more info ...) | attempted-dos | 2006-4517 | 20841 | ||
| 16060 | SPECIFIC-THREATS IBM Lotus Domino LDAP server memory exception attempt (more info ...) | attempted-dos | 2006-0580 | 16523 | ||
| 16216 | SPECIFIC-THREATS IBM Tivoli Provisioning Manager for OS deployment HTTP server buffer attempt (more info ...) | attempted-user | 2008-0401 | 27387 | ||
| 16671 | SPECIFIC-THREATS IBM Lotus Domino Web Access ActiveX exploit attempt (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 17391 | WEB-MISC Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17466 | SPECIFIC-THREATS IBM Lotus Domino Web Access 7 ActiveX exploit attempt (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 17498 | WEB-MISC Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17499 | WEB-MISC Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17500 | WEB-MISC Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17501 | WEB-MISC Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17502 | WEB-MISC Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17545 | WEB-ACTIVEX Lotus Domino Web Access ActiveX Controls buffer overflow attempt (more info ...) | attempted-user | 2010-0919 | 38457 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 903 | WEB-COLDFUSION cfcache.map access (more info ...) | attempted-recon | 2000-0057 | 917 | ||
| 904 | WEB-COLDFUSION exampleapp application.cfm (more info ...) | attempted-recon | 2001-0535 | 1021 | ||
| 905 | WEB-COLDFUSION application.cfm access (more info ...) | attempted-recon | 2001-0535 | 1021 | ||
| 906 | WEB-COLDFUSION getfile.cfm access (more info ...) | attempted-recon | 2001-0535 | 229 | ||
| 907 | WEB-COLDFUSION addcontent.cfm access (more info ...) | attempted-recon | 2001-0535 | |||
| 908 | WEB-COLDFUSION administrator access (more info ...) | attempted-recon | 2000-0538 | 1314 | 10581 | |
| 909 | WEB-COLDFUSION datasource username attempt (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 910 | WEB-COLDFUSION fileexists.cfm access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 911 | WEB-COLDFUSION exprcalc access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 912 | WEB-COLDFUSION parks access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 913 | WEB-COLDFUSION cfappman access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 914 | WEB-COLDFUSION beaninfo access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 915 | WEB-COLDFUSION evaluate.cfm access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 916 | WEB-COLDFUSION getodbcdsn access (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 917 | WEB-COLDFUSION db connections flush attempt (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 918 | WEB-COLDFUSION expeval access (more info ...) | attempted-user | 1999-0760 | 550 | ||
| 919 | WEB-COLDFUSION datasource passwordattempt (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 920 | WEB-COLDFUSION datasource attempt (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 921 | WEB-COLDFUSION admin encrypt attempt (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 922 | WEB-COLDFUSION displayfile access (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 923 | WEB-COLDFUSION getodbcin attempt (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 924 | WEB-COLDFUSION admin decrypt attempt (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 925 | WEB-COLDFUSION mainframeset access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 926 | WEB-COLDFUSION set odbc ini attempt (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 927 | WEB-COLDFUSION settings refresh attempt (more info ...) | web-application-attack | 1999-0760 | 550 | ||
| 928 | WEB-COLDFUSION exampleapp access (more info ...) | attempted-recon | 2001-0535 | |||
| 929 | WEB-COLDFUSION CFUSION_VERIFYMAIL access (more info ...) | attempted-user | 1999-0760 | 550 | ||
| 930 | WEB-COLDFUSION snippets attempt (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 931 | WEB-COLDFUSION cfmlsyntaxcheck.cfm access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 932 | WEB-COLDFUSION application.cfm access (more info ...) | attempted-recon | 2000-0189 | 550 | ||
| 933 | WEB-COLDFUSION onrequestend.cfm access (more info ...) | attempted-recon | 2000-0189 | 550 | ||
| 935 | WEB-COLDFUSION startstop DOS access (more info ...) | web-application-attack | 1999-0756 | 247 | ||
| 936 | WEB-COLDFUSION gettempdirectory.cfm access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 1056 | WEB-MISC Tomcat view source attempt (more info ...) | web-application-attack | 2001-0590 | 2527 | ||
| 1072 | WEB-MISC Lotus Domino directory traversal (more info ...) | web-application-attack | 2001-0009 | 2173 | 12248 | |
| 1108 | WEB-MISC Tomcat server snoop access (more info ...) | attempted-recon | 2000-0760 | 1532 | 10478 | |
| 1111 | WEB-MISC Tomcat server exploit access (more info ...) | attempted-recon | 2000-0672 | 1548 | 10477 | |
| 1115 | WEB-MISC ICQ webserver DOS (more info ...) | attempted-dos | 1999-0474 | URL | ||
| 1150 | WEB-MISC Domino catalog.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1151 | WEB-MISC Domino domcfg.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1152 | WEB-MISC Domino domlog.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1153 | WEB-MISC Domino log.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1154 | WEB-MISC Domino names.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1540 | WEB-COLDFUSION ?Mode=debug attempt (more info ...) | web-application-activity | 1999-0760 | 10797 | ||
| 1575 | WEB-MISC Domino mab.nsf access (more info ...) | attempted-recon | 4022 | 10953 | ||
| 1576 | WEB-MISC Domino cersvr.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1577 | WEB-MISC Domino setup.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1578 | WEB-MISC Domino statrep.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1579 | WEB-MISC Domino webadmin.nsf access (more info ...) | attempted-recon | 9901 | 10629 | ||
| 1580 | WEB-MISC Domino events4.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1581 | WEB-MISC Domino ntsync4.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1582 | WEB-MISC Domino collect4.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1583 | WEB-MISC Domino mailw46.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1584 | WEB-MISC Domino bookmark.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1585 | WEB-MISC Domino agentrunner.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1586 | WEB-MISC Domino mail.box access (more info ...) | attempted-recon | 881 | 10629 | ||
| 1659 | WEB-COLDFUSION sendmail.cfm access (more info ...) | attempted-recon | 2001-0535 | |||
| 1827 | WEB-MISC Tomcat servlet mapping cross site scripting attempt (more info ...) | web-application-attack | 2002-0682 | 5193 | 11041 | |
| 1829 | WEB-MISC Tomcat TroubleShooter servlet access (more info ...) | web-application-activity | 4575 | 11046 | ||
| 1830 | WEB-MISC Tomcat SnoopServlet servlet access (more info ...) | web-application-activity | 4575 | 11046 | ||
| 2061 | WEB-MISC Tomcat null byte directory listing attempt (more info ...) | web-application-attack | 2003-0042 | 6721 | 11438 | |
| 8485 | WEB-COLDFUSION CFNEWINTERNALADMINSECURITY access (more info ...) | attempted-user | 1999-0760 | 550 | ||
| 8486 | WEB-COLDFUSION CFNEWINTERNALREGISTRY access (more info ...) | attempted-user | 1999-0760 | 550 | ||
| 8487 | WEB-COLDFUSION CFADMIN_REGISTRY_SET access (more info ...) | attempted-user | 1999-0760 | 550 | ||
| 8488 | WEB-COLDFUSION CFADMIN_REGISTRY_GET access (more info ...) | attempted-user | 1999-0760 | 550 | ||
| 8489 | WEB-COLDFUSION CFADMIN_REGISTRY_DELETE access (more info ...) | attempted-user | 1999-0760 | 550 | ||
| 8490 | WEB-COLDFUSION viewexample.cfm access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 8491 | WEB-COLDFUSION eval.cfm access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 8492 | WEB-COLDFUSION openfile.cfm access (more info ...) | attempted-recon | 1999-0760 | 550 | ||
| 8493 | WEB-COLDFUSION sourcewindow.cfm access (more info ...) | attempted-recon | 1999-0922 | 550 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 14771 | WEB-MISC BEA WebLogic Apache Oracle connector Transfer-Encoding buffer overflow (more info ...) | attempted-admin | 2008-4008 | URL | ||
| 16198 | SPECIFIC-THREATS Apache mod_auth_pgsql module logging facility format string exploit attempt (more info ...) | attempted-user | 2005-3656 | 16153 | ||
| 16479 | SPECIFIC-THREATS Apache mod_isapi dangling pointer exploit attempt - public shell code (more info ...) | attempted-admin | 2010-0425 | 38494 | ||
| 16480 | SPECIFIC-THREATS Apache mod_isapi dangling pointer exploit attempt (more info ...) | attempted-admin | 2010-0425 | 38494 | ||
| 16611 | WEB-MISC Apache 413 error HTTP request method cross-site scripting attack (more info ...) | web-application-attack | 2007-6203 | 26663 | ||
| 17156 | EXPLOIT HP Performance Manager Apache Tomcat policy bypass attempt (more info ...) | attempted-admin | 2009-3548 | 36954 | ||
| 17387 | WEB-MISC Apache Tomcat allowLinking URIencoding directory traversal attempt (more info ...) | suspicious-filename-detect | 2008-2938 | 30633 | ||
| 17533 | WEB-MISC Apache Struts Information Disclosure Attempt (more info ...) | attempted-recon | 2008-6505 | 32104 | ||
| 17656 | WEB-MISC Apache HTTP server mod_rewrite module LDAP scheme handling buffer overflow attempt (more info ...) | attempted-user | 2006-3747 | |||
| 18096 | WEB-MISC Apache Tomcat username enumeration attempt (more info ...) | attempted-recon | 2009-0580 | 35196 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1110 | WEB-MISC apache source.asp file access (more info ...) | attempted-recon | 2000-0628 | 1457 | 10480 | |
| 1519 | WEB-MISC apache ?M=D directory list attempt (more info ...) | web-application-activity | 2001-0731 | 3009 | 10704 | |
| 1808 | WEB-MISC apache chunked encoding memory corruption exploit attempt (more info ...) | web-application-activity | 2002-0392 | 5033 | ||
| 1809 | WEB-MISC Apache Chunked-Encoding worm attempt (more info ...) | web-application-attack | 2002-0392 | 5033 | 10932 | |
| 11272 | WEB-MISC Apache newline exploit attempt (more info ...) | web-application-attack | 2003-0132 | 7254 | ||
| 11273 | WEB-MISC Apache header parsing space saturation denial of service attempt (more info ...) | attempted-dos | 2004-0942 | |||
| 11679 | WEB-MISC Apache mod_rewrite buffer overflow attempt (more info ...) | attempted-admin | 2006-3747 | |||
| 12465 | EXPLOIT Apache APR memory corruption attempt (more info ...) | attempted-user | 2003-0245 | 7723 | ||
| 12591 | DOS Apache mod_cache denial of service attempt (more info ...) | denial-of-service | 2007-1863 | 24649 | ||
| 12711 | WEB-MISC Apache Tomcat WebDAV system tag remote file disclosure attempt (more info ...) | successful-recon-limited | 2007-5461 | 26070 | URL | |
| 13302 | WEB-CLIENT Apache mod_imagemap cross site scripting attempt (more info ...) | web-application-attack | 2007-5000 | 26838 | ||
| 15511 | SPECIFIC-THREATS Oracle WebLogic Apache Connector buffer overflow attempt (more info ...) | attempted-admin | 2008-3257 | 30273 | URL | |
| 15578 | SPECIFIC-THREATS Slowloris http DoS tool (more info ...) | attempted-dos | 2007-0086 | |||
| 15980 | WEB-MISC Apache mod_ssl hook functions format string attempt (more info ...) | attempted-user | 2004-0700 | 10736 | ||
| 16021 | SPECIFIC-THREATS Apache http Server mod_tcl format string attempt (more info ...) | attempted-user | 2006-4154 | 20527 | ||
| 17107 | SPECIFIC-THREATS Apache Tomcat JK Web Server Connector long URL stack overflow attempt - 1 (more info ...) | attempted-admin | 2007-0774 | 22791 | ||
| 17108 | SPECIFIC-THREATS Apache Tomcat JK Web Server Connector long URL stack overflow attempt - 2 (more info ...) | attempted-admin | 2007-0774 | 22791 | ||
| 17354 | SPECIFIC-THREATS Apache Byte-Range Filter denial of service attempt (more info ...) | attempted-dos | 2005-2728 | 14660 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1002 | WEB-IIS cmd.exe access (more info ...) | web-application-attack | ||||
| 1661 | WEB-IIS cmd32.exe access (more info ...) | web-application-attack | ||||
| 2091 | WEB-IIS WEBDAV nessus safe scan attempt (more info ...) | attempted-admin | 2003-0109 | 7116 | 11413 | URL |
| 15470 | WEB-MISC IIS ASP/ASP.NET potentially malicious file upload attempt (more info ...) | attempted-user | 2009-0080 | URL | ||
| 15974 | EXPLOIT Microsoft IIS ASP handling buffer overflow (more info ...) | web-application-attack | 2008-0075 | 27676 | URL | |
| 16147 | SPECIFIC-THREATS Microsoft IIS malformed URL .dll denial of service attempt (more info ...) | attempted-dos | 2005-4360 | 15921 | URL | |
| 16312 | WEB-IIS ADFS custom header arbitrary code execution attempt (more info ...) | attempted-admin | 2009-2509 | URL | ||
| 16356 | WEB-IIS multiple extension code execution attempt (more info ...) | web-application-attack | 2009-4444 | |||
| 17103 | WEB-IIS IIS 5.1 alternate data stream authentication bypass attempt (more info ...) | web-application-attack | 2010-2731 | URL | ||
| 17254 | WEB-MISC Microsoft IIS stack exhaustion DoS attempt (more info ...) | attempted-dos | 2010-1899 | URL | ||
| 17255 | EXPLOIT Microsoft IIS FastCGI heap overflow attempt (more info ...) | attempted-admin | 2010-2730 | URL | ||
| 17431 | EXPLOIT Microsoft IIS SChannel improper certificate verification (more info ...) | misc-activity | 2009-0085 | URL | ||
| 17525 | SPECIFIC-THREATS Microsoft IIS 5.0 WebDav Request Directory Security Bypass (more info ...) | attempted-admin | 2009-1122 | 35232 | ||
| 17564 | WEB-IIS WebDAV Request Directory Security Bypass attempt (more info ...) | attempted-admin | 2009-1535 | 34993 | ||
| 17652 | WEB-MISC Microsoft IIS source code disclosure attempt (more info ...) | misc-attack | 2005-2678 | URL | ||
| 17653 | WEB-MISC Microsoft IIS source code disclosure attempt (more info ...) | misc-attack | 2005-2678 | URL | ||
| 18243 | SPECIFIC-THREATS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt (more info ...) | attempted-admin | 45542 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 971 | WEB-IIS ISAPI .printer access (more info ...) | web-application-activity | 2001-0241 | 2674 | 10661 | URL |
| 973 | WEB-IIS *.idc attempt (more info ...) | web-application-attack | 2000-0661 | 1448 | ||
| 974 | WEB-IIS Directory transversal attempt (more info ...) | web-application-attack | 1999-0229 | 2218 | ||
| 975 | WEB-IIS Alternate Data streams ASP file access attempt (more info ...) | web-application-attack | 1999-0278 | 149 | 10362 | URL |
| 977 | WEB-IIS .cnf access (more info ...) | web-application-activity | 2002-1717 | 4078 | 10575 | |
| 978 | WEB-IIS ASP contents view (more info ...) | web-application-attack | 2000-0302 | 1084 | 10356 | URL |
| 979 | WEB-IIS ASP contents view (more info ...) | web-application-attack | 2000-0942 | 1861 | URL | |
| 980 | WEB-IIS CGImail.exe access (more info ...) | web-application-activity | 2000-0726 | 1623 | 11721 | |
| 984 | WEB-IIS JET VBA access (more info ...) | web-application-activity | 1999-0874 | 307 | 10116 | |
| 985 | WEB-IIS JET VBA access (more info ...) | web-application-activity | 1999-0874 | 286 | ||
| 986 | WEB-IIS MSProxy access (more info ...) | web-application-activity | URL | |||
| 987 | WEB-IIS .htr access (more info ...) | web-application-activity | 2000-0630 | 1488 | 10680 | |
| 991 | WEB-IIS achg.htr access (more info ...) | web-application-activity | 1999-0407 | 2110 | ||
| 992 | WEB-IIS adctest.asp access (more info ...) | web-application-activity | ||||
| 993 | WEB-IIS iisadmin access (more info ...) | web-application-attack | 1999-1538 | 189 | 11032 | |
| 994 | WEB-IIS /scripts/iisadmin/default.htm access (more info ...) | web-application-attack | ||||
| 995 | WEB-IIS ism.dll access (more info ...) | web-application-attack | 2000-0630 | 189 | ||
| 996 | WEB-IIS anot.htr access (more info ...) | web-application-activity | 1999-0407 | 2110 | ||
| 997 | WEB-IIS asp-dot attempt (more info ...) | web-application-attack | 1814 | 10363 | ||
| 998 | WEB-IIS asp-srch attempt (more info ...) | web-application-attack | ||||
| 999 | WEB-IIS bdir access (more info ...) | web-application-activity | 2280 | |||
| 1000 | WEB-IIS bdir.htr access (more info ...) | web-application-activity | 2280 | 10577 | ||
| 1003 | WEB-IIS cmd? access (more info ...) | web-application-attack | ||||
| 1004 | WEB-IIS codebrowser Exair access (more info ...) | web-application-activity | 1999-0815 | |||
| 1005 | WEB-IIS codebrowser SDK access (more info ...) | web-application-activity | 1999-0736 | 167 | ||
| 1007 | WEB-IIS Form_JScript.asp access (more info ...) | web-application-attack | 2000-1104 | 1595 | 10572 | URL |
| 1008 | WEB-IIS del attempt (more info ...) | web-application-attack | ||||
| 1009 | WEB-IIS directory listing (more info ...) | web-application-attack | 10573 | |||
| 1011 | WEB-IIS exec-src access (more info ...) | web-application-activity | ||||
| 1012 | WEB-IIS fpcount attempt (more info ...) | web-application-attack | 1999-1376 | 2252 | ||
| 1013 | WEB-IIS fpcount access (more info ...) | web-application-activity | 1999-1376 | 2252 | ||
| 1015 | WEB-IIS getdrvs.exe access (more info ...) | web-application-activity | ||||
| 1016 | WEB-IIS global.asa access (more info ...) | web-application-activity | 2000-0778 | 10991 | ||
| 1017 | WEB-IIS idc-srch attempt (more info ...) | web-application-attack | 1999-0874 | |||
| 1018 | WEB-IIS iisadmpwd attempt (more info ...) | web-application-attack | 1999-0407 | 2110 | 10371 | |
| 1019 | WEB-IIS Malformed Hit-Highlighting Argument File Access Attempt (more info ...) | web-application-attack | 2000-0097 | 950 | URL | |
| 1020 | WEB-IIS isc$data attempt (more info ...) | web-application-attack | 1999-0874 | 307 | 10116 | |
| 1021 | WEB-IIS ism.dll attempt (more info ...) | web-application-attack | 2000-0457 | 1193 | 10680 | URL |
| 1022 | WEB-IIS jet vba access (more info ...) | web-application-activity | 1999-0874 | 286 | URL | |
| 1023 | WEB-IIS msadcs.dll access (more info ...) | web-application-activity | 1999-1011 | 529 | 10357 | URL |
| 1024 | WEB-IIS newdsn.exe access (more info ...) | web-application-activity | 1999-0191 | 1818 | 10360 | |
| 1025 | WEB-IIS perl access (more info ...) | web-application-activity | ||||
| 1026 | WEB-IIS perl-browse newline attempt (more info ...) | web-application-attack | 6833 | |||
| 1027 | WEB-IIS perl-browse space attempt (more info ...) | web-application-attack | 6833 | |||
| 1028 | WEB-IIS query.asp access (more info ...) | web-application-activity | 1999-0449 | 193 | ||
| 1029 | WEB-IIS scripts-browse access (more info ...) | web-application-attack | 11032 | |||
| 1030 | WEB-IIS search97.vts access (more info ...) | web-application-activity | 162 | |||
| 1031 | WEB-IIS /SiteServer/Publishing/viewcode.asp access (more info ...) | web-application-activity | 10576 | |||
| 1032 | WEB-IIS showcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1033 | WEB-IIS viewcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1034 | WEB-IIS viewcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1035 | WEB-IIS viewcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1036 | WEB-IIS viewcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1037 | WEB-IIS showcode.asp access (more info ...) | web-application-activity | 1999-0736 | 167 | 10007 | URL |
| 1038 | WEB-IIS site server config access (more info ...) | web-application-activity | 1999-1520 | 256 | ||
| 1039 | WEB-IIS srch.htm access (more info ...) | web-application-activity | ||||
| 1040 | WEB-IIS srchadm access (more info ...) | web-application-activity | 11032 | |||
| 1041 | WEB-IIS uploadn.asp access (more info ...) | web-application-activity | 1999-0360 | 1811 | ||
| 1043 | WEB-IIS viewcode.asp access (more info ...) | web-application-activity | 1999-0737 | 10576 | ||
| 1044 | WEB-IIS webhits access (more info ...) | web-application-activity | 2000-0097 | 950 | ||
| 1045 | WEB-IIS Unauthorized IP Access Attempt (more info ...) | web-application-attack | ||||
| 1046 | WEB-IIS site/iisamples access (more info ...) | web-application-activity | 10370 | |||
| 1075 | WEB-IIS postinfo.asp access (more info ...) | web-application-activity | 1999-0360 | 1811 | ||
| 1076 | WEB-IIS repost.asp access (more info ...) | web-application-activity | 10372 | |||
| 1242 | WEB-IIS ISAPI .ida access (more info ...) | web-application-activity | 2000-0071 | 1065 | ||
| 1243 | WEB-IIS ISAPI .ida attempt (more info ...) | web-application-attack | 2001-0500 | 1065 | ||
| 1244 | WEB-IIS ISAPI .idq attempt (more info ...) | web-application-attack | 2001-0500 | 968 | 10115 | |
| 1245 | WEB-IIS ISAPI .idq access (more info ...) | web-application-activity | 2000-0071 | 1065 | ||
| 1256 | WEB-IIS CodeRed v2 root.exe access (more info ...) | web-application-attack | URL | |||
| 1283 | WEB-IIS outlook web dos (more info ...) | web-application-attack | 3223 | |||
| 1285 | WEB-IIS msdac access (more info ...) | web-application-activity | 11032 | |||
| 1286 | WEB-IIS _mem_bin access (more info ...) | web-application-activity | 11032 | |||
| 1380 | WEB-IIS Form_VBScript.asp access (more info ...) | web-application-attack | 2000-1104 | 1595 | 10572 | URL |
| 1400 | WEB-IIS /scripts/samples/ access (more info ...) | web-application-attack | 10370 | |||
| 1401 | WEB-IIS /msadc/samples/ access (more info ...) | web-application-attack | 1999-0736 | 167 | 1007 | |
| 1402 | WEB-IIS iissamples access (more info ...) | web-application-attack | 11032 | |||
| 1485 | WEB-IIS mkilog.exe access (more info ...) | web-application-activity | 10359 | URL | ||
| 1486 | WEB-IIS ctss.idc access (more info ...) | web-application-activity | 10359 | |||
| 1487 | WEB-IIS /iisadmpwd/aexp2.htr access (more info ...) | web-application-activity | 2002-0421 | 4236 | 10371 | |
| 1567 | WEB-IIS /exchange/root.asp attempt (more info ...) | web-application-attack | 2001-0660 | 3301 | 10781 | URL |
| 1568 | WEB-IIS /exchange/root.asp access (more info ...) | web-application-activity | 2001-0660 | 3301 | 10781 | |
| 1595 | WEB-IIS htimage.exe access (more info ...) | web-application-activity | 2000-0256 | 964 | 10376 | |
| 1618 | WEB-IIS .asp chunked Transfer-Encoding (more info ...) | web-application-attack | 2002-0079 | 4485 | 10932 | |
| 1626 | WEB-IIS /StoreCSVS/InstantOrder.asmx request (more info ...) | web-application-activity | ||||
| 1660 | WEB-IIS trace.axd access (more info ...) | web-application-activity | 10993 | |||
| 1725 | WEB-IIS +.htr code fragment attempt (more info ...) | web-application-attack | 2000-0630 | 1488 | 10680 | URL |
| 1726 | WEB-IIS doctodep.btr access (more info ...) | web-application-activity | ||||
| 1750 | WEB-IIS users.xml access (more info ...) | web-application-activity | ||||
| 1753 | WEB-IIS as_web.exe access (more info ...) | web-application-activity | 4670 | |||
| 1754 | WEB-IIS as_web4.exe access (more info ...) | web-application-activity | 4670 | |||
| 1756 | WEB-IIS NewsPro administration authentication attempt (more info ...) | web-application-activity | 2002-1734 | 4672 | ||
| 1772 | WEB-IIS pbserver access (more info ...) | web-application-activity | 2000-1089 | URL | ||
| 1802 | WEB-IIS .asa HTTP header buffer overflow attempt (more info ...) | web-application-attack | 2002-0150 | 4476 | 10936 | URL |
| 1803 | WEB-IIS .cer HTTP header buffer overflow attempt (more info ...) | web-application-attack | 2002-0150 | 4476 | 10936 | URL |
| 1804 | WEB-IIS .cdx HTTP header buffer overflow attempt (more info ...) | web-application-attack | 2002-0150 | 4476 | 10936 | URL |
| 1806 | WEB-IIS .htr chunked Transfer-Encoding (more info ...) | web-application-attack | 2002-0364 | 5003 | 11028 | |
| 1817 | WEB-IIS MS Site Server default login attempt (more info ...) | web-application-attack | 11018 | |||
| 1818 | WEB-IIS MS Site Server admin attempt (more info ...) | web-application-attack | 11018 | |||
| 1970 | WEB-IIS MDAC Content-Type overflow attempt (more info ...) | web-application-attack | 2002-1142 | 6214 | 11161 | URL |
| 2090 | WEB-IIS WEBDAV exploit attempt (more info ...) | attempted-admin | 2003-0109 | 7716 | 11413 | URL |
| 2117 | WEB-IIS Battleaxe Forum login.asp access (more info ...) | web-application-activity | 2003-0215 | 7416 | 11548 | |
| 2129 | WEB-IIS nsiislog.dll access (more info ...) | web-application-activity | 2003-0349 | 8035 | 11664 | URL |
| 2130 | WEB-IIS IISProtect siteadmin.asp access (more info ...) | web-application-activity | 2003-0377 | 7675 | 11662 | |
| 2131 | WEB-IIS IISProtect access (more info ...) | web-application-activity | 11661 | |||
| 2132 | WEB-IIS Synchrologic Email Accelerator userid list access attempt (more info ...) | web-application-activity | 11657 | |||
| 2133 | WEB-IIS MS BizTalk server access (more info ...) | web-application-activity | 2003-0118 | 7470 | 11638 | URL |
| 2157 | WEB-IIS IISProtect globaladmin.asp access (more info ...) | web-application-activity | 11661 | |||
| 2247 | WEB-IIS UploadScript11.asp access (more info ...) | web-application-activity | 2001-0938 | 3608 | 11746 | |
| 2248 | WEB-IIS DirectoryListing.asp access (more info ...) | web-application-activity | 2001-0938 | |||
| 2249 | WEB-IIS /pcadmin/login.asp access (more info ...) | web-application-activity | 8103 | 11785 | ||
| 2321 | WEB-IIS foxweb.exe access (more info ...) | web-application-activity | 11939 | |||
| 2322 | WEB-IIS foxweb.dll access (more info ...) | web-application-activity | 11939 | |||
| 2324 | WEB-IIS VP-ASP shopsearch.asp access (more info ...) | web-application-activity | 9134 | 11942 | ||
| 2325 | WEB-IIS VP-ASP ShopDisplayProducts.asp access (more info ...) | web-application-activity | 9134 | 11942 | ||
| 2326 | WEB-IIS sgdynamo.exe access (more info ...) | web-application-activity | 2002-0375 | 4720 | 11955 | |
| 2386 | WEB-IIS NTLM ASN1 vulnerability scan attempt (more info ...) | attempted-dos | 2003-0818 | 9635 | 12065 | URL |
| 2571 | WEB-IIS SmarterTools SmarterMail frmGetAttachment.aspx access (more info ...) | web-application-activity | 9805 | |||
| 2572 | WEB-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt (more info ...) | web-application-attack | 9805 | |||
| 2573 | WEB-IIS SmarterTools SmarterMail frmCompose.asp access (more info ...) | web-application-activity | 9805 | |||
| 2667 | WEB-IIS ping.asp access (more info ...) | web-application-activity | 10968 | |||
| 3087 | WEB-IIS w3who.dll buffer overflow attempt (more info ...) | attempted-admin | 2004-1134 | 11820 | ||
| 3150 | WEB-IIS SQLXML content type overflow (more info ...) | attempted-admin | 2002-0186 | 5004 | 11304 | URL |
| 3193 | WEB-IIS .cmd executable file parsing attack (more info ...) | web-application-attack | 2000-0886 | 1912 | ||
| 3194 | WEB-IIS .bat executable file parsing attack (more info ...) | web-application-attack | 2000-0886 | 1912 | ||
| 3201 | WEB-IIS httpodbc.dll access - nimda (more info ...) | web-application-activity | 2001-0333 | 2708 | ||
| 5695 | WEB-IIS web agent redirect overflow attempt (more info ...) | web-application-attack | 2005-1471 | 13524 | ||
| 7027 | WEB-IIS frontpage server extensions 2002 cross site scripting attempt (more info ...) | attempted-user | 2006-0015 | 17452 | URL | |
| 7028 | WEB-IIS frontpage server extensions 2002 cross site scripting attempt (more info ...) | attempted-user | 2006-0015 | 17452 | URL | |
| 7029 | WEB-IIS frontpage server extensions 2002 cross site scripting attempt (more info ...) | attempted-user | 2006-0015 | 17452 | URL | |
| 8349 | WEB-IIS Indexing Service ciRestriction cross-site scripting attempt (more info ...) | misc-attack | 2006-0032 | 19927 | URL | |
| 8700 | WEB-IIS ASP.NET 2.0 cross-site scripting attempt (more info ...) | attempted-user | 2006-3436 | 20337 | URL | |
| 11191 | WEB-IIS Microsoft Content Management Server memory corruption (more info ...) | attempted-user | 2007-0938 | 22861 | URL | |
| 12043 | DOS Microsoft XML parser IIS WebDAV attack attempt (more info ...) | denial-of-service | 2003-0718 | 11384 | ||
| 12064 | WEB-IIS w3svc _vti_bin null pointer dereference attempt (more info ...) | attempted-dos | 2005-4360 | 15921 | URL | |
| 12595 | WEB-IIS malicious ASP file upload attempt (more info ...) | attempted-user | 2006-0026 | 18858 | URL | |
| 13922 | WEB-IIS Microsoft IIS HTMLEncode Unicode string buffer overflow (more info ...) | web-application-attack | 2008-0075 | URL | ||
| 17648 | WEB-IIS source code disclosure attempt (more info ...) | attempted-recon | 14764 | |||
| 17705 | WEB-IIS web agent chunked encoding overflow attempt (more info ...) | web-application-attack | 2005-1471 | 13524 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 937 | WEB-FRONTPAGE _vti_rpc access (more info ...) | web-application-activity | 2001-0096 | 2144 | 10585 | |
| 939 | WEB-FRONTPAGE posting (more info ...) | web-application-activity | 2001-0096 | 2144 | 10585 | URL |
| 940 | WEB-FRONTPAGE shtml.dll access (more info ...) | web-application-activity | 2000-0746 | 1595 | 11395 | URL |
| 941 | WEB-FRONTPAGE contents.htm access (more info ...) | web-application-activity | ||||
| 942 | WEB-FRONTPAGE orders.htm access (more info ...) | web-application-activity | ||||
| 943 | WEB-FRONTPAGE fpsrvadm.exe access (more info ...) | web-application-activity | ||||
| 944 | WEB-FRONTPAGE fpremadm.exe access (more info ...) | web-application-activity | ||||
| 945 | WEB-FRONTPAGE fpadmin.htm access (more info ...) | web-application-activity | ||||
| 946 | WEB-FRONTPAGE fpadmcgi.exe access (more info ...) | web-application-activity | ||||
| 947 | WEB-FRONTPAGE orders.txt access (more info ...) | web-application-activity | ||||
| 948 | WEB-FRONTPAGE form_results access (more info ...) | web-application-activity | 1999-1052 | |||
| 949 | WEB-FRONTPAGE registrations.htm access (more info ...) | web-application-activity | ||||
| 950 | WEB-FRONTPAGE cfgwiz.exe access (more info ...) | web-application-activity | ||||
| 951 | WEB-FRONTPAGE authors.pwd access (more info ...) | web-application-activity | 1999-0386 | 989 | 10078 | |
| 952 | WEB-FRONTPAGE author.exe access (more info ...) | web-application-activity | ||||
| 953 | WEB-FRONTPAGE administrators.pwd access (more info ...) | web-application-activity | 1205 | |||
| 954 | WEB-FRONTPAGE form_results.htm access (more info ...) | web-application-activity | 1999-1052 | |||
| 955 | WEB-FRONTPAGE access.cnf access (more info ...) | web-application-activity | 2002-1717 | 4078 | 10575 | |
| 956 | WEB-FRONTPAGE register.txt access (more info ...) | web-application-activity | ||||
| 957 | WEB-FRONTPAGE registrations.txt access (more info ...) | web-application-activity | ||||
| 958 | WEB-FRONTPAGE service.cnf access (more info ...) | web-application-activity | 2002-1717 | 4078 | 10575 | |
| 959 | WEB-FRONTPAGE service.pwd (more info ...) | web-application-activity | 1205 | |||
| 960 | WEB-FRONTPAGE service.stp access (more info ...) | web-application-activity | ||||
| 961 | WEB-FRONTPAGE services.cnf access (more info ...) | web-application-activity | 2002-1717 | 4078 | 10575 | |
| 962 | WEB-FRONTPAGE shtml.exe access (more info ...) | web-application-activity | 2002-0692 | 5804 | 11311 | |
| 963 | WEB-FRONTPAGE svcacl.cnf access (more info ...) | web-application-activity | 2002-1717 | 4078 | 10575 | |
| 964 | WEB-FRONTPAGE users.pwd access (more info ...) | web-application-activity | ||||
| 965 | WEB-FRONTPAGE writeto.cnf access (more info ...) | web-application-activity | 2002-1717 | 4078 | 10575 | |
| 966 | WEB-FRONTPAGE .... request (more info ...) | web-application-attack | 2000-0153 | 989 | 10142 | |
| 967 | WEB-FRONTPAGE dvwssr.dll access (more info ...) | web-application-activity | 2000-0260 | 1109 | 10369 | URL |
| 968 | WEB-FRONTPAGE register.htm access (more info ...) | web-application-activity | ||||
| 990 | WEB-FRONTPAGE _vti_inf.html access (more info ...) | web-application-activity | 11455 | |||
| 1248 | WEB-FRONTPAGE rad fp30reg.dll access (more info ...) | web-application-activity | 2003-0822 | 2906 | 10699 | URL |
| 1249 | WEB-FRONTPAGE frontpage rad fp4areg.dll access (more info ...) | web-application-activity | 2001-0341 | 2906 | 10699 | |
| 1288 | WEB-FRONTPAGE /_vti_bin/ access (more info ...) | web-application-activity | 11032 | |||
| 6409 | WEB-FRONTPAGE frontpage server extension long host string overflow attempt (more info ...) | attempted-admin | 2003-0824 | 9008 | URL | |
| 6410 | WEB-FRONTPAGE frontpage server extension long host string overflow attempt (more info ...) | attempted-admin | 2003-0824 | 9008 | URL | |
| 6411 | WEB-FRONTPAGE frontpage server extension long host string overflow attempt (more info ...) | attempted-admin | 2003-0824 | 9008 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 5744 | SPYWARE-PUT Hijacker actualnames runtime detection - online.php request (more info ...) | misc-activity | URL | |||
| 5848 | SPYWARE-PUT Adware warez_p2p runtime detection - ip.php request (more info ...) | misc-activity | URL | |||
| 6020 | BACKDOOR dsk lite 1.0 runtime detection - php notification (more info ...) | trojan-activity | URL | |||
| 6042 | BACKDOOR fear 0.2 runtime detection - php notification (more info ...) | trojan-activity | URL | |||
| 6403 | WEB-PHP horde help module arbitrary command execution attempt (more info ...) | web-application-attack | 2006-1491 | 17292 | ||
| 7149 | SPYWARE-PUT Hacker-Tool sars notifier runtime detection - php notification (more info ...) | misc-activity | URL | |||
| 7639 | BACKDOOR air runtime detection - php notification (more info ...) | trojan-activity | URL | |||
| 9653 | BACKDOOR apofis 1.0 runtime detection - php notification (more info ...) | trojan-activity | URL | |||
| 10196 | BACKDOOR Wordpress backdoor feed.php code execution attempt (more info ...) | trojan-activity | 2007-1277 | 22797 | URL | |
| 10197 | BACKDOOR Wordpress backdoor theme.php code execution attempt (more info ...) | trojan-activity | 2007-1277 | 22797 | URL | |
| 13816 | SPECIFIC-THREATS Metasploit Framework xmlrpc.php command injection attempt (more info ...) | attempted-admin | 2005-1921 | |||
| 13817 | SPECIFIC-THREATS xmlrpc.php command injection attempt (more info ...) | attempted-admin | 2005-1921 | |||
| 13818 | SPECIFIC-THREATS alternate xmlrpc.php command injection attempt (more info ...) | attempted-admin | 2005-1921 | |||
| 14610 | WEB-PHP Joomla invalid token administrative password reset attempt (more info ...) | attempted-admin | 2008-3681 | 30667 | URL | |
| 15257 | ORACLE Secure Backup common.php variable based command injection attempt (more info ...) | attempted-admin | 2008-4006 | |||
| 15258 | ORACLE Secure Backup login.php variable based command injection attempt (more info ...) | attempted-admin | 2008-5449 | |||
| 15424 | WEB-PHP phpBB mod shoutbox sql injection attempt (more info ...) | web-application-attack | 2008-6301 | 32123 | ||
| 15425 | WEB-PHP phpBB mod tag board sql injection attempt (more info ...) | web-application-attack | 2008-6314 | 32701 | ||
| 15432 | WEB-PHP wordpress cat parameter arbitrary file execution attempt (more info ...) | web-application-attack | 2008-4769 | 28845 | ||
| 15977 | SPECIFIC-THREATS PHP strip_tags bypass vulnerability exploit attempt (more info ...) | attempted-user | 2004-0595 | 10724 | ||
| 16190 | ORACLE Oracle Secure Backup Administration server property_box.php command injection attempt (more info ...) | attempted-admin | 2009-1978 | 35678 | ||
| 16678 | WEB-PHP Tandberg VCS local file disclosure attempt (more info ...) | web-application-attack | 2009-4511 | URL | ||
| 16924 | BLACKLIST URI request for known malicious URI - /inst.php?fff= (more info ...) | trojan-activity | URL | |||
| 17597 | WEB-PHP TikiWiki jhot.php script file upload attempt (more info ...) | attempted-user | 19819 | URL | ||
| 17638 | Oracle Secure Backup Administration Server login.php Cookies Command Injection attempt (more info ...) | attempted-admin | 2008-4006 | 33177 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 824 | WEB-CGI php.cgi access (more info ...) | attempted-recon | 1999-0238 | 712 | 10178 | |
| 1085 | WEB-PHP strings overflow (more info ...) | web-application-attack | 802 | |||
| 1086 | WEB-PHP strings overflow (more info ...) | web-application-attack | 2000-0967 | 1786 | ||
| 1134 | WEB-PHP Phorum admin access (more info ...) | attempted-recon | 2271 | |||
| 1137 | WEB-PHP Phorum authentication access (more info ...) | attempted-recon | 2274 | |||
| 1161 | WEB-PHP piranha passwd.php3 access (more info ...) | attempted-recon | 2000-0322 | 1149 | ||
| 1178 | WEB-PHP Phorum read access (more info ...) | attempted-recon | ||||
| 1179 | WEB-PHP Phorum violation access (more info ...) | attempted-recon | 2272 | |||
| 1197 | WEB-PHP Phorum code access (more info ...) | attempted-recon | ||||
| 1254 | WEB-PHP PHPLIB remote command attempt (more info ...) | attempted-user | 2001-1370 | 3079 | 14910 | |
| 1255 | WEB-PHP PHPLIB remote command attempt (more info ...) | attempted-user | 2001-1370 | 3079 | ||
| 1300 | WEB-PHP admin.php file upload attempt (more info ...) | attempted-admin | 2001-1032 | 3361 | ||
| 1301 | WEB-PHP admin.php access (more info ...) | attempted-recon | 2001-1032 | 9270 | ||
| 1399 | WEB-PHP PHP-Nuke remote file include attempt (more info ...) | web-application-attack | 2002-0206 | 3889 | ||
| 1407 | WEB-PHP smssend.php access (more info ...) | web-application-activity | 2002-0220 | 3982 | ||
| 1423 | WEB-PHP content-disposition memchr overflow (more info ...) | web-application-attack | 2002-0081 | 4183 | 10867 | |
| 1490 | WEB-PHP Phorum /support/common.php attempt (more info ...) | web-application-attack | 1997 | |||
| 1491 | WEB-PHP Phorum /support/common.php access (more info ...) | web-application-attack | 9361 | |||
| 1736 | WEB-PHP squirrel mail spell-check arbitrary command attempt (more info ...) | web-application-attack | 3952 | |||
| 1737 | WEB-PHP squirrel mail theme arbitrary command attempt (more info ...) | web-application-attack | 2002-0516 | 4385 | ||
| 1739 | WEB-PHP DNSTools administrator authentication bypass attempt (more info ...) | web-application-attack | 2002-0613 | 4617 | ||
| 1740 | WEB-PHP DNSTools authentication bypass attempt (more info ...) | web-application-attack | 2002-0613 | 4617 | ||
| 1741 | WEB-PHP DNSTools access (more info ...) | web-application-activity | 2002-0613 | 4617 | ||
| 1742 | WEB-PHP Blahz-DNS dostuff.php modify user attempt (more info ...) | web-application-attack | 2002-0599 | 4618 | ||
| 1743 | WEB-PHP Blahz-DNS dostuff.php access (more info ...) | web-application-activity | 2002-0599 | 4618 | ||
| 1745 | WEB-PHP Messagerie supp_membre.php access (more info ...) | web-application-activity | 4635 | |||
| 1773 | WEB-PHP php.exe access (more info ...) | web-application-activity | URL | |||
| 1774 | WEB-PHP bb_smilies.php access (more info ...) | web-application-activity | URL | |||
| 1815 | WEB-PHP directory.php arbitrary command attempt (more info ...) | misc-attack | 2002-0434 | 4278 | 11017 | |
| 1816 | WEB-PHP directory.php access (more info ...) | misc-attack | 2002-0434 | 4278 | ||
| 1834 | WEB-PHP PHP-Wiki cross site scripting attempt (more info ...) | web-application-attack | 2002-1070 | 5254 | ||
| 1967 | WEB-PHP phpbb quick-reply.php arbitrary command attempt (more info ...) | web-application-attack | 6173 | |||
| 1968 | WEB-PHP phpbb quick-reply.php access (more info ...) | web-application-activity | 6173 | |||
| 1999 | WEB-PHP edit_image.php access (more info ...) | web-application-activity | 2001-1020 | 3288 | 11104 | |
| 2000 | WEB-PHP readmsg.php access (more info ...) | web-application-activity | 2001-1408 | 11073 | ||
| 2074 | WEB-PHP Mambo uploadimage.php upload php file attempt (more info ...) | web-application-attack | 2003-1204 | 6572 | 16315 | |
| 2075 | WEB-PHP Mambo upload.php upload php file attempt (more info ...) | web-application-attack | 2003-1204 | 6572 | 16315 | |
| 2076 | WEB-PHP Mambo uploadimage.php access (more info ...) | web-application-activity | 2003-1204 | 6572 | 16315 | |
| 2078 | WEB-PHP phpBB privmsg.php access (more info ...) | web-application-activity | 6634 | |||
| 2140 | WEB-PHP p-news.php access (more info ...) | web-application-activity | 11669 | |||
| 2141 | WEB-PHP shoutbox.php directory traversal attempt (more info ...) | web-application-attack | 11668 | |||
| 2142 | WEB-PHP shoutbox.php access (more info ...) | web-application-activity | 11668 | |||
| 2143 | WEB-PHP b2 cafelog gm-2-b2.php remote file include attempt (more info ...) | web-application-attack | 11667 | |||
| 2144 | WEB-PHP b2 cafelog gm-2-b2.php access (more info ...) | web-application-activity | 11667 | |||
| 2145 | WEB-PHP TextPortal admin.php default password admin attempt (more info ...) | web-application-activity | 7673 | 11660 | ||
| 2146 | WEB-PHP TextPortal admin.php default password 12345 attempt (more info ...) | web-application-activity | 7673 | 11660 | ||
| 2147 | WEB-PHP BLNews objects.inc.php4 remote file include attempt (more info ...) | web-application-attack | 2003-0394 | 7677 | 11647 | |
| 2148 | WEB-PHP BLNews objects.inc.php4 access (more info ...) | web-application-activity | 2003-0394 | 7677 | 11647 | |
| 2149 | WEB-PHP Turba status.php access (more info ...) | web-application-activity | 11646 | |||
| 2150 | WEB-PHP ttCMS header.php remote file include attempt (more info ...) | web-application-attack | 7625 | 11636 | ||
| 2151 | WEB-PHP ttCMS header.php access (more info ...) | web-application-activity | 7625 | 11636 | ||
| 2152 | WEB-PHP test.php access (more info ...) | web-application-activity | 11617 | |||
| 2153 | WEB-PHP autohtml.php directory traversal attempt (more info ...) | web-application-attack | 11630 | |||
| 2154 | WEB-PHP autohtml.php access (more info ...) | web-application-activity | 11630 | |||
| 2155 | WEB-PHP ttforum remote file include attempt (more info ...) | web-application-attack | 7543 | 11615 | ||
| 2226 | WEB-PHP pmachine remote file include attempt (more info ...) | web-application-attack | 7919 | 11739 | ||
| 2227 | WEB-PHP forum_details.php access (more info ...) | web-application-attack | 7933 | 11760 | ||
| 2228 | WEB-PHP phpMyAdmin db_details_importdocsql.php access (more info ...) | web-application-attack | 7965 | 11761 | ||
| 2229 | WEB-PHP viewtopic.php access (more info ...) | web-application-attack | 2003-0486 | 7979 | 11767 | |
| 2279 | WEB-PHP UpdateClasses.php access (more info ...) | web-application-activity | 9057 | |||
| 2282 | WEB-PHP GlobalFunctions.php access (more info ...) | web-application-activity | 9057 | |||
| 2283 | WEB-PHP DatabaseFunctions.php access (more info ...) | web-application-activity | 9057 | |||
| 2284 | WEB-PHP rolis guestbook remote file include attempt (more info ...) | web-application-attack | 9057 | |||
| 2285 | WEB-PHP rolis guestbook access (more info ...) | web-application-activity | 9057 | |||
| 2287 | WEB-PHP Advanced Poll admin_comment.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2288 | WEB-PHP Advanced Poll admin_edit.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2289 | WEB-PHP Advanced Poll admin_embed.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2290 | WEB-PHP Advanced Poll admin_help.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2291 | WEB-PHP Advanced Poll admin_license.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2292 | WEB-PHP Advanced Poll admin_logout.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2293 | WEB-PHP Advanced Poll admin_password.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2294 | WEB-PHP Advanced Poll admin_preview.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2295 | WEB-PHP Advanced Poll admin_settings.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2296 | WEB-PHP Advanced Poll admin_stats.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2297 | WEB-PHP Advanced Poll admin_templates_misc.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2298 | WEB-PHP Advanced Poll admin_templates.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2299 | WEB-PHP Advanced Poll admin_tpl_misc_new.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2300 | WEB-PHP Advanced Poll admin_tpl_new.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2301 | WEB-PHP Advanced Poll booth.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2302 | WEB-PHP Advanced Poll poll_ssi.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2303 | WEB-PHP Advanced Poll popup.php access (more info ...) | web-application-activity | 8890 | 11487 | ||
| 2304 | WEB-PHP files.inc.php access (more info ...) | web-application-activity | 8910 | |||
| 2305 | WEB-PHP chatbox.php access (more info ...) | web-application-activity | 8930 | |||
| 2306 | WEB-PHP gallery remote file include attempt (more info ...) | web-application-attack | 8814 | 11876 | ||
| 2307 | WEB-PHP PayPal Storefront remote file include attempt (more info ...) | web-application-attack | 8791 | 11873 | ||
| 2328 | WEB-PHP authentication_index.php access (more info ...) | web-application-activity | 2004-0032 | 11982 | ||
| 2331 | WEB-PHP MatrikzGB privilege escalation attempt (more info ...) | web-application-activity | 8430 | |||
| 2341 | WEB-PHP DCP-Portal remote file include editor script attempt (more info ...) | web-application-attack | 6525 | |||
| 2342 | WEB-PHP DCP-Portal remote file include lib script attempt (more info ...) | web-application-attack | 6525 | |||
| 2345 | WEB-PHP PhpGedView search.php access (more info ...) | web-application-activity | 2004-0032 | 9369 | ||
| 2346 | WEB-PHP myPHPNuke chatheader.php access (more info ...) | web-application-activity | 6544 | |||
| 2353 | WEB-PHP IdeaBox cord.php file include (more info ...) | web-application-activity | 7488 | |||
| 2354 | WEB-PHP IdeaBox notification.php file include (more info ...) | web-application-activity | 7488 | |||
| 2355 | WEB-PHP Invision Board emailer.php file include (more info ...) | web-application-activity | 7204 | |||
| 2356 | WEB-PHP WebChat db_mysql.php file include (more info ...) | web-application-attack | 7000 | |||
| 2357 | WEB-PHP WebChat english.php file include (more info ...) | web-application-attack | 7000 | |||
| 2358 | WEB-PHP Typo3 translations.php file include (more info ...) | web-application-attack | 6984 | |||
| 2359 | WEB-PHP Invision Board ipchat.php file include (more info ...) | web-application-attack | 6976 | |||
| 2360 | WEB-PHP myphpPagetool pt_config.inc file include (more info ...) | web-application-attack | 6744 | |||
| 2361 | WEB-PHP news.php file include (more info ...) | web-application-attack | 6674 | |||
| 2362 | WEB-PHP YaBB SE packages.php file include (more info ...) | web-application-attack | 6663 | |||
| 2363 | WEB-PHP Cyboards default_header.php access (more info ...) | web-application-activity | 6597 | |||
| 2364 | WEB-PHP Cyboards options_form.php access (more info ...) | web-application-activity | 6597 | |||
| 2365 | WEB-PHP newsPHP Language file include attempt (more info ...) | web-application-activity | 8488 | |||
| 2366 | WEB-PHP PhpGedView PGV authentication_index.php base directory manipulation attempt (more info ...) | web-application-attack | 2004-0030 | 9368 | ||
| 2367 | WEB-PHP PhpGedView PGV functions.php base directory manipulation attempt (more info ...) | web-application-attack | 2004-0030 | 9368 | ||
| 2368 | WEB-PHP PhpGedView PGV config_gedcom.php base directory manipulation attempt (more info ...) | web-application-attack | 2004-0030 | 9368 | ||
| 2372 | WEB-PHP Photopost PHP Pro showphoto.php access (more info ...) | web-application-activity | 9557 | |||
| 2393 | WEB-PHP /_admin access (more info ...) | web-application-activity | 9537 | 12032 | ||
| 2398 | WEB-PHP WAnewsletter newsletter.php file include attempt (more info ...) | web-application-attack | 6965 | |||
| 2399 | WEB-PHP WAnewsletter db_type.php access (more info ...) | web-application-activity | 6964 | |||
| 2405 | WEB-PHP phptest.php access (more info ...) | web-application-activity | 9737 | |||
| 2410 | WEB-PHP IGeneric Free Shopping Cart page.php access (more info ...) | web-application-activity | 9773 | |||
| 2566 | WEB-PHP PHPBB viewforum.php access (more info ...) | web-application-activity | 9866 | 12093 | ||
| 2575 | WEB-PHP Opt-X header.php remote file include attempt (more info ...) | web-application-attack | 9732 | |||
| 2588 | WEB-PHP TUTOS path disclosure attempt (more info ...) | web-application-activity | 10129 | URL | ||
| 2654 | WEB-PHP PHPNuke Forum viewtopic SQL insertion attempt (more info ...) | web-application-attack | 7193 | |||
| 2926 | WEB-PHP PhpGedView PGV base directory manipulation (more info ...) | web-application-attack | 9368 | |||
| 3544 | WEB-MISC TrackerCam ComGetLogFile.php3 directory traversal attempt (more info ...) | web-application-attack | 2005-0481 | 12592 | 17160 | |
| 3545 | WEB-MISC TrackerCam ComGetLogFile.php3 log information disclosure (more info ...) | web-application-activity | 2005-0481 | 12592 | 17160 | |
| 3547 | WEB-MISC TrackerCam overly long php parameter overflow attempt (more info ...) | web-application-attack | 2005-0481 | 12592 | ||
| 3690 | WEB-CGI Nucleus CMS action.php itemid SQL injection (more info ...) | web-application-activity | 2004-2056 | 10798 | 14194 | |
| 3827 | WEB-PHP xmlrpc.php post attempt (more info ...) | web-application-attack | 2005-1921 | 14088 | ||
| 4650 | WEB-MISC cacti graph_image.php access (more info ...) | web-application-activity | 14042 | |||
| 5709 | WEB-PHP file upload directory traversal (more info ...) | misc-attack | URL | |||
| 8708 | WEB-PHP Wordpress cache_lastpostdate code injection attempt (more info ...) | attempted-admin | 2005-2612 | 14533 | ||
| 8712 | WEB-PHP cacti graph_image arbitrary command execution attempt (more info ...) | web-application-attack | 2005-1524 | 14129 | ||
| 8713 | WEB-PHP cacti graph_image SQL injection attempt (more info ...) | web-application-attack | 2005-2148 | 14129 | ||
| 8714 | WEB-PHP cacti graph_image SQL injection attempt (more info ...) | web-application-attack | 2005-2148 | 14129 | ||
| 8715 | WEB-PHP cacti graph_image SQL injection attempt (more info ...) | web-application-attack | 2005-2148 | 14129 | ||
| 8716 | WEB-PHP cacti graph_image SQL injection attempt (more info ...) | web-application-attack | 2005-2148 | 14129 | ||
| 11664 | WEB-PHP sphpblog password.txt access attempt (more info ...) | attempted-user | 2005-2733 | 14667 | ||
| 11665 | WEB-PHP sphpblog install03_cgi access attempt (more info ...) | attempted-user | 2005-2733 | 14667 | ||
| 11666 | WEB-PHP sphpblog upload_img_cgi access attempt (more info ...) | attempted-user | 2005-2733 | 14667 | ||
| 11667 | WEB-PHP sphpblog arbitrary file delete attempt (more info ...) | attempted-user | 2005-2733 | 14667 | ||
| 11668 | WEB-PHP vbulletin php code injection (more info ...) | attempted-user | 2005-0511 | URL | ||
| 12221 | WEB-PHP file upload GLOBAL variable overwrite attempt (more info ...) | web-application-attack | 2005-3390 | 15250 | ||
| 12610 | WEB-PHP phpBB viewtopic double URL encoding attempt (more info ...) | web-application-attack | 2004-1315 | |||
| 16078 | SPECIFIC-THREATS PHP memory_limit vulnerability exploit attempt (more info ...) | attempted-user | 2004-0594 | 10725 | ||
| 16243 | BACKDOOR downloader-ash.gen.b runtime detection - 3264.php (more info ...) | trojan-activity | URL | |||
| 16613 | BACKDOOR c99shell.php command request - cmd (more info ...) | policy-violation | URL | |||
| 16614 | BACKDOOR c99shell.php command request - search (more info ...) | policy-violation | URL | |||
| 16615 | BACKDOOR c99shell.php command request - upload (more info ...) | policy-violation | URL | |||
| 16616 | BACKDOOR c99shell.php command request - about (more info ...) | policy-violation | URL | |||
| 16617 | BACKDOOR c99shell.php command request - encoder (more info ...) | policy-violation | URL | |||
| 16618 | BACKDOOR c99shell.php command request - bind (more info ...) | policy-violation | URL | |||
| 16619 | BACKDOOR c99shell.php command request - ps_aux (more info ...) | policy-violation | URL | |||
| 16620 | BACKDOOR c99shell.php command request - ftpquickbrute (more info ...) | policy-violation | URL | |||
| 16621 | BACKDOOR c99shell.php command request - security (more info ...) | policy-violation | URL | |||
| 16622 | BACKDOOR c99shell.php command request - sql (more info ...) | policy-violation | URL | |||
| 16623 | BACKDOOR c99shell.php command request - eval (more info ...) | policy-violation | URL | |||
| 16624 | BACKDOOR c99shell.php command request - feedback (more info ...) | policy-violation | URL | |||
| 16625 | BACKDOOR c99shell.php command request - selfremove (more info ...) | policy-violation | URL | |||
| 16626 | BACKDOOR c99shell.php command request - fsbuff (more info ...) | policy-violation | URL | |||
| 16627 | BACKDOOR c99shell.php command request - ls (more info ...) | policy-violation | URL | |||
| 16628 | BACKDOOR c99shell.php command request - phpinfo (more info ...) | policy-violation | URL | |||
| 16913 | BLACKLIST URI request for known malicious URI - count_log/log/boot.php?p= (more info ...) | trojan-activity | URL | |||
| 16923 | BLACKLIST URI request for known malicious URI - /search.php?username=coolweb07&keywords= (more info ...) | trojan-activity | URL | |||
| 16925 | BLACKLIST URI request for known malicious URI - /message.php?subid= (more info ...) | trojan-activity | URL | |||
| 16927 | BLACKLIST URI request for known malicious URI - MGWEB.php?c=TestUrl (more info ...) | trojan-activity | URL | |||
| 16929 | BLACKLIST URI request for known malicious URI - gate.php?guid= (more info ...) | trojan-activity | URL | |||
| 16931 | BLACKLIST URI request for known malicious URI - feedbigfoot.php?m= (more info ...) | trojan-activity | URL | |||
| 17898 | BLACKLIST URI request for known malicious URI - /get2.php?c=VTOXUGUI&d=26606B6739343F216560 (more info ...) | trojan-activity | URL | |||
| 17905 | BLACKLIST URI request for known malicious URI - 1de49069b6044785e9dfcd4c035cfd0c.php (more info ...) | trojan-activity | URL | |||
| 17906 | BLACKLIST URI request for known malicious URI - 2x/.*php (more info ...) | trojan-activity | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 5764 | SPYWARE-PUT Hijacker begin2search runtime detection - fcgi query (more info ...) | misc-activity | URL | |||
| 5945 | SPYWARE-PUT Adware weirdontheweb runtime detection - track.cgi request (more info ...) | misc-activity | URL | |||
| 6019 | BACKDOOR dsk lite 1.0 runtime detection - cgi notification (more info ...) | trojan-activity | URL | |||
| 6043 | BACKDOOR fear 0.2 runtime detection - cgi notification (more info ...) | trojan-activity | URL | |||
| 6059 | BACKDOOR neurotickat1.3 runtime detection - cgi notification (more info ...) | trojan-activity | URL | |||
| 7076 | BACKDOOR minimo v0.6 runtime detection - cgi notification (more info ...) | trojan-activity | ||||
| 7148 | SPYWARE-PUT Hacker-Tool sars notifier runtime detection - cgi notification (more info ...) | misc-activity | URL | |||
| 7524 | SPYWARE-PUT Hijacker moneybar runtime detection - cgispy counter (more info ...) | misc-activity | URL | |||
| 7540 | SPYWARE-PUT Hacker-Tool unify runtime detection - cgi notification (more info ...) | misc-activity | URL | |||
| 7722 | BACKDOOR prorat 1.9 cgi notification detection (more info ...) | trojan-activity | URL | |||
| 7742 | BACKDOOR nova 1.0 runtime detection - cgi notification client-to-server (more info ...) | trojan-activity | URL | |||
| 7743 | BACKDOOR nova 1.0 runtime detection - cgi notification server-to-client (more info ...) | trojan-activity | URL | |||
| 13161 | EXPLOIT HP OpenView CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2008-0067 | 26741 | ||
| 13591 | WEB-CGI Trend Micro OfficeScan CGI password decryption buffer overflow attempt (more info ...) | web-application-attack | 2008-1365 | 28020 | URL | |
| 13656 | WEB-MISC Cisco Secure Access Control Server UCP Application CSuserCGI.exe buffer overflow attempt (more info ...) | attempted-admin | 2008-0532 | 28222 | URL | |
| 15264 | WEB-CGI Oracle TimesTen In-Memory Database evtdump CGI module format string exploit attempt (more info ...) | attempted-admin | 2008-5440 | 33177 | ||
| 15510 | WEB-CLIENT Trend Micro OfficeScan Server cgiRecvFile overflow attempt (more info ...) | attempted-admin | 2008-2437 | 31139 | ||
| 16079 | WEB-CGI uselang code injection (more info ...) | web-application-attack | 2005-4031 | 15703 | ||
| 16674 | WEB-MISC HP OpenView CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2010-1555 | |||
| 17386 | SPECIFIC-THREATS Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt (more info ...) | attempted-user | 2007-4727 | 25622 | ||
| 17605 | WEB-CGI Trend Micro OfficeScan CGI password decryption buffer overflow attempt (more info ...) | web-application-attack | 2008-1365 | 28020 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 803 | WEB-CGI HyperSeek hsx.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0253 | 2314 | 10602 | |
| 804 | WEB-CGI SWSoft ASPSeek Overflow attempt (more info ...) | web-application-attack | 2001-0476 | 2492 | ||
| 805 | WEB-CGI webspeed access (more info ...) | attempted-user | 2000-0127 | 969 | 10304 | |
| 806 | WEB-CGI yabb directory traversal attempt (more info ...) | attempted-recon | 2000-0853 | 1668 | 10512 | |
| 807 | WEB-CGI /wwwboard/passwd.txt access (more info ...) | attempted-recon | 1999-0954 | 649 | 10321 | |
| 808 | WEB-CGI webdriver access (more info ...) | attempted-recon | 2166 | 10592 | ||
| 809 | WEB-CGI whois_raw.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 1999-1063 | 304 | 10306 | |
| 810 | WEB-CGI whois_raw.cgi access (more info ...) | attempted-recon | 1999-1063 | 304 | 10306 | |
| 811 | WEB-CGI websitepro path access (more info ...) | attempted-recon | 2000-0066 | 932 | 10303 | |
| 812 | WEB-CGI webplus version access (more info ...) | attempted-recon | 2000-0282 | 1102 | ||
| 813 | WEB-CGI webplus directory traversal (more info ...) | web-application-attack | 2000-0282 | 1102 | 10367 | |
| 815 | WEB-CGI websendmail access (more info ...) | attempted-recon | 1999-0196 | 2077 | 10301 | |
| 817 | WEB-CGI dcboard.cgi invalid user addition attempt (more info ...) | web-application-attack | 2001-0527 | 2728 | 10583 | |
| 818 | WEB-CGI dcforum.cgi access (more info ...) | attempted-recon | 2001-0527 | 2728 | 10583 | |
| 819 | WEB-CGI mmstdod.cgi access (more info ...) | attempted-recon | 2001-0021 | 2063 | 10566 | |
| 820 | WEB-CGI anaconda directory transversal attempt (more info ...) | web-application-attack | 2001-0308 | 2388 | 10536 | |
| 821 | WEB-CGI imagemap.exe overflow attempt (more info ...) | web-application-attack | 1999-0951 | 739 | 10122 | |
| 823 | WEB-CGI cvsweb.cgi access (more info ...) | attempted-recon | 2000-0670 | 1469 | 10465 | |
| 825 | WEB-CGI glimpse access (more info ...) | attempted-recon | 1999-0147 | 2026 | 10095 | |
| 826 | WEB-CGI htmlscript access (more info ...) | attempted-recon | 1999-0264 | 2001 | 10106 | |
| 827 | WEB-CGI info2www access (more info ...) | attempted-recon | 1999-0266 | 1995 | 10127 | |
| 828 | WEB-CGI maillist.pl access (more info ...) | attempted-recon | ||||
| 829 | WEB-CGI nph-test-cgi access (more info ...) | attempted-recon | 1999-0045 | 686 | 10165 | |
| 832 | WEB-CGI perl.exe access (more info ...) | attempted-recon | 1999-0509 | 10173 | URL | |
| 833 | WEB-CGI rguest.exe access (more info ...) | attempted-recon | 1999-0287 | 2024 | ||
| 834 | WEB-CGI rwwwshell.pl access (more info ...) | attempted-recon | URL | |||
| 835 | WEB-CGI test-cgi access (more info ...) | attempted-recon | 1999-0070 | 2003 | 10282 | |
| 836 | WEB-CGI textcounter.pl access (more info ...) | attempted-recon | 1999-1479 | 2265 | 11451 | |
| 837 | WEB-CGI uploader.exe access (more info ...) | attempted-recon | 2000-0769 | 1611 | 10291 | |
| 838 | WEB-CGI webgais access (more info ...) | attempted-recon | 1999-0176 | 2058 | 10300 | |
| 839 | WEB-CGI finger access (more info ...) | attempted-recon | 1999-0612 | 10071 | ||
| 840 | WEB-CGI perlshop.cgi access (more info ...) | attempted-recon | 1999-1374 | |||
| 842 | WEB-CGI aglimpse access (more info ...) | attempted-recon | 1999-0147 | 2026 | 10095 | |
| 843 | WEB-CGI anform2 access (more info ...) | attempted-recon | 1999-0066 | 719 | ||
| 844 | WEB-CGI args.bat access (more info ...) | attempted-recon | 1999-1180 | 11465 | ||
| 845 | WEB-CGI AT-admin.cgi access (more info ...) | attempted-recon | 1999-1072 | |||
| 846 | WEB-CGI bnbform.cgi access (more info ...) | attempted-recon | 1999-0937 | 2147 | ||
| 847 | WEB-CGI campas access (more info ...) | attempted-recon | 1999-0146 | 1975 | 10035 | |
| 848 | WEB-CGI view-source directory traversal (more info ...) | web-application-attack | 1999-0174 | 8883 | ||
| 849 | WEB-CGI view-source access (more info ...) | attempted-recon | 1999-0174 | 8883 | ||
| 850 | WEB-CGI wais.pl access (more info ...) | attempted-recon | ||||
| 851 | WEB-CGI files.pl access (more info ...) | attempted-recon | 1999-1081 | |||
| 852 | WEB-CGI wguest.exe access (more info ...) | attempted-recon | 1999-0467 | 2024 | ||
| 854 | WEB-CGI classifieds.cgi access (more info ...) | attempted-recon | 1999-0934 | 2020 | ||
| 856 | WEB-CGI environ.cgi access (more info ...) | attempted-recon | ||||
| 857 | WEB-CGI faxsurvey access (more info ...) | web-application-activity | 1999-0262 | 2056 | 10067 | |
| 858 | WEB-CGI filemail access (more info ...) | attempted-recon | 1999-1154 | |||
| 859 | WEB-CGI man.sh access (more info ...) | attempted-recon | 1999-1179 | 2276 | ||
| 860 | WEB-CGI snork.bat access (more info ...) | attempted-recon | 1999-0233 | 2023 | ||
| 861 | WEB-CGI w3-msql access (more info ...) | attempted-recon | 2000-0012 | 898 | 10296 | |
| 863 | WEB-CGI day5datacopier.cgi access (more info ...) | attempted-recon | 1999-1232 | |||
| 864 | WEB-CGI day5datanotifier.cgi access (more info ...) | attempted-recon | 1999-1232 | |||
| 865 | WEB-CGI ksh access (more info ...) | attempted-recon | 1999-0509 | URL | ||
| 866 | WEB-CGI post-query access (more info ...) | attempted-recon | 2001-0291 | 6752 | ||
| 867 | WEB-CGI visadmin.exe access (more info ...) | attempted-recon | 1999-0970 | 1808 | 10295 | |
| 868 | WEB-CGI rsh access (more info ...) | attempted-recon | 1999-0509 | URL | ||
| 869 | WEB-CGI dumpenv.pl access (more info ...) | attempted-recon | 1999-1178 | 10060 | ||
| 870 | WEB-CGI snorkerz.cmd access (more info ...) | attempted-recon | ||||
| 871 | WEB-CGI survey.cgi access (more info ...) | attempted-recon | 1999-0936 | 1817 | ||
| 872 | WEB-CGI tcsh access (more info ...) | attempted-recon | 1999-0509 | URL | ||
| 875 | WEB-CGI win-c-sample.exe access (more info ...) | attempted-recon | 1999-0178 | 2078 | 10008 | |
| 877 | WEB-CGI rksh access (more info ...) | attempted-recon | 1999-0509 | URL | ||
| 878 | WEB-CGI w3tvars.pm access (more info ...) | attempted-recon | ||||
| 879 | WEB-CGI admin.pl access (more info ...) | attempted-recon | 2002-1748 | 3839 | URL | |
| 880 | WEB-CGI LWGate access (more info ...) | attempted-recon | URL | |||
| 881 | WEB-CGI archie access (more info ...) | attempted-recon | ||||
| 883 | WEB-CGI flexform access (more info ...) | attempted-recon | URL | |||
| 887 | WEB-CGI www-sql access (more info ...) | attempted-recon | URL | |||
| 888 | WEB-CGI wwwadmin.pl access (more info ...) | attempted-recon | ||||
| 889 | WEB-CGI ppdscgi.exe access (more info ...) | attempted-recon | 491 | 10187 | URL | |
| 890 | WEB-CGI sendform.cgi access (more info ...) | attempted-recon | 2002-0710 | 5286 | URL | |
| 892 | WEB-CGI AnyForm2 access (more info ...) | attempted-recon | 1999-0066 | 719 | 10277 | |
| 894 | WEB-CGI bb-hist.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | 10025 | |
| 896 | WEB-CGI way-board access (more info ...) | web-application-activity | 2001-0214 | 2370 | 10610 | |
| 897 | WEB-CGI pals-cgi access (more info ...) | attempted-recon | 2001-0217 | 2372 | 10611 | |
| 898 | WEB-CGI commerce.cgi access (more info ...) | attempted-recon | 2001-0210 | 2361 | 10612 | |
| 899 | WEB-CGI Amaya templates sendtemp.pl directory traversal attempt (more info ...) | web-application-attack | 2001-0272 | 2504 | 10614 | |
| 900 | WEB-CGI webspirs.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0211 | 2362 | 10616 | |
| 901 | WEB-CGI webspirs.cgi access (more info ...) | attempted-recon | 2001-0211 | 2362 | 10616 | |
| 902 | WEB-CGI tstisapi.dll access (more info ...) | attempted-recon | 2001-0302 | 2381 | ||
| 1051 | WEB-CGI technote main.cgi file directory traversal attempt (more info ...) | web-application-attack | 2001-0075 | 2156 | 10584 | |
| 1052 | WEB-CGI technote print.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0075 | 2156 | 10584 | |
| 1053 | WEB-CGI ads.cgi command execution attempt (more info ...) | web-application-attack | 2001-0025 | 2103 | 11464 | |
| 1088 | WEB-CGI eXtropia webstore directory traversal (more info ...) | web-application-attack | 2000-1005 | 1774 | 10532 | |
| 1089 | WEB-CGI shopping cart directory traversal (more info ...) | web-application-attack | 2000-0921 | 1777 | ||
| 1090 | WEB-CGI Allaire Pro Web Shell attempt (more info ...) | web-application-attack | ||||
| 1092 | WEB-CGI Armada Style Master Index directory traversal (more info ...) | web-application-attack | 2000-0924 | 1772 | 10562 | URL |
| 1093 | WEB-CGI cached_feed.cgi moreover shopping cart directory traversal (more info ...) | web-application-attack | 2000-0906 | 1762 | ||
| 1097 | WEB-CGI Talentsoft Web+ exploit attempt (more info ...) | web-application-attack | 1725 | |||
| 1106 | WEB-CGI Poll-it access (more info ...) | web-application-activity | 2000-0590 | 1431 | 10459 | |
| 1149 | WEB-CGI count.cgi access (more info ...) | web-application-activity | 1999-0021 | 128 | 10049 | |
| 1163 | WEB-CGI webdist.cgi access (more info ...) | web-application-activity | 1999-0039 | 374 | 10299 | |
| 1172 | WEB-CGI bigconf.cgi access (more info ...) | web-application-activity | 1999-1550 | 778 | 10027 | |
| 1174 | WEB-CGI /cgi-bin/jj access (more info ...) | web-application-activity | 1999-0260 | 2002 | 10131 | |
| 1185 | WEB-CGI bizdbsearch attempt (more info ...) | web-application-attack | 2000-0287 | 1104 | 10383 | |
| 1194 | WEB-CGI sojourn.cgi File attempt (more info ...) | web-application-attack | 2000-0180 | 1052 | 10349 | |
| 1195 | WEB-CGI sojourn.cgi access (more info ...) | web-application-activity | 2000-0180 | 1052 | 10349 | |
| 1196 | WEB-CGI SGI InfoSearch fname attempt (more info ...) | web-application-attack | 2000-0207 | 1031 | 10128 | |
| 1204 | WEB-CGI ax-admin.cgi access (more info ...) | web-application-activity | ||||
| 1205 | WEB-CGI axs.cgi access (more info ...) | web-application-activity | ||||
| 1206 | WEB-CGI cachemgr.cgi access (more info ...) | web-application-activity | 1999-0710 | 2059 | 10034 | |
| 1208 | WEB-CGI responder.cgi access (more info ...) | web-application-activity | 3155 | |||
| 1211 | WEB-CGI web-map.cgi access (more info ...) | web-application-activity | ||||
| 1215 | WEB-CGI ministats admin access (more info ...) | web-application-activity | ||||
| 1219 | WEB-CGI dfire.cgi access (more info ...) | web-application-activity | 1999-0913 | 564 | ||
| 1221 | WEB-MISC Muscat Empower cgi access (more info ...) | web-application-activity | 2001-0224 | 2374 | 10609 | |
| 1222 | WEB-CGI pals-cgi arbitrary file access attempt (more info ...) | web-application-attack | 2001-0217 | 2372 | 10611 | |
| 1304 | WEB-CGI txt2html.cgi access (more info ...) | web-application-activity | ||||
| 1305 | WEB-CGI txt2html.cgi directory traversal attempt (more info ...) | web-application-attack | ||||
| 1306 | WEB-CGI store.cgi product directory traversal attempt (more info ...) | web-application-attack | 2001-0305 | 2385 | ||
| 1307 | WEB-CGI store.cgi access (more info ...) | web-application-activity | 2001-0305 | 2385 | 10639 | |
| 1308 | WEB-CGI sendmessage.cgi access (more info ...) | attempted-recon | 2001-1100 | 3673 | ||
| 1309 | WEB-CGI zsh access (more info ...) | attempted-recon | 1999-0509 | URL | ||
| 1392 | WEB-CGI lastlines.cgi access (more info ...) | attempted-recon | 2001-1206 | 3755 | ||
| 1395 | WEB-CGI zml.cgi attempt (more info ...) | web-application-activity | 2001-1209 | 3759 | 10830 | |
| 1396 | WEB-CGI zml.cgi access (more info ...) | web-application-activity | 2001-1209 | 3759 | 10830 | |
| 1397 | WEB-CGI wayboard attempt (more info ...) | web-application-attack | 2001-0214 | 2370 | 10610 | |
| 1405 | WEB-CGI AHG search.cgi access (more info ...) | web-application-activity | 3985 | |||
| 1406 | WEB-CGI agora.cgi access (more info ...) | web-application-activity | 2002-0215 | 3976 | 10836 | |
| 1410 | WEB-CGI dcboard.cgi access (more info ...) | attempted-recon | 2001-0527 | 2728 | 10583 | |
| 1451 | WEB-CGI NPH-maillist access (more info ...) | attempted-recon | 2001-0400 | 2563 | 10164 | |
| 1452 | WEB-CGI args.cmd access (more info ...) | attempted-recon | 1999-1180 | 11465 | ||
| 1453 | WEB-CGI AT-generated.cgi access (more info ...) | attempted-recon | 1999-1072 | |||
| 1454 | WEB-CGI wwwwais access (more info ...) | attempted-recon | 2001-0223 | 10597 | ||
| 1455 | WEB-CGI calendar.pl access (more info ...) | attempted-recon | 2000-0432 | 1215 | ||
| 1456 | WEB-CGI calender_admin.pl access (more info ...) | attempted-recon | 2000-0432 | 10506 | ||
| 1457 | WEB-CGI user_update_admin.pl access (more info ...) | attempted-recon | 2000-0627 | 1486 | ||
| 1458 | WEB-CGI user_update_passwd.pl access (more info ...) | attempted-recon | 2000-0627 | 1486 | ||
| 1459 | WEB-CGI bb-histlog.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | 10025 | |
| 1460 | WEB-CGI bb-histsvc.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | ||
| 1461 | WEB-CGI bb-rep.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | ||
| 1462 | WEB-CGI bb-replog.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | ||
| 1465 | WEB-CGI auktion.cgi access (more info ...) | web-application-activity | 2001-0212 | 2367 | 10638 | |
| 1466 | WEB-CGI cgiforum.pl access (more info ...) | web-application-activity | 2000-1171 | 1963 | 10552 | |
| 1467 | WEB-CGI directorypro.cgi access (more info ...) | web-application-activity | 2001-0780 | 2793 | 10679 | |
| 1468 | WEB-CGI Web Shopper shopper.cgi attempt (more info ...) | web-application-attack | 2000-0922 | 1776 | 10533 | |
| 1469 | WEB-CGI Web Shopper shopper.cgi access (more info ...) | attempted-recon | 2000-0922 | 1776 | ||
| 1470 | WEB-CGI listrec.pl access (more info ...) | attempted-recon | 2001-0997 | 3328 | 10769 | |
| 1471 | WEB-CGI mailnews.cgi access (more info ...) | attempted-recon | 2001-0271 | 2391 | 10641 | |
| 1472 | WEB-CGI book.cgi access (more info ...) | web-application-activity | 2001-1114 | 3178 | 10721 | |
| 1473 | WEB-CGI newsdesk.cgi access (more info ...) | attempted-recon | 2001-0232 | 2172 | 10586 | |
| 1474 | WEB-CGI cal_make.pl access (more info ...) | web-application-activity | 2001-0463 | 2663 | 10664 | |
| 1475 | WEB-CGI mailit.pl access (more info ...) | attempted-recon | 10417 | |||
| 1476 | WEB-CGI sdbsearch.cgi access (more info ...) | attempted-recon | 2001-1130 | 1658 | 10720 | |
| 1478 | WEB-CGI swc access (more info ...) | attempted-recon | 10493 | |||
| 1479 | WEB-CGI ttawebtop.cgi arbitrary file attempt (more info ...) | web-application-attack | 2001-0805 | 2890 | 10696 | |
| 1480 | WEB-CGI ttawebtop.cgi access (more info ...) | attempted-recon | 2001-0805 | 2890 | 10696 | |
| 1481 | WEB-CGI upload.cgi access (more info ...) | attempted-recon | 10290 | |||
| 1482 | WEB-CGI view_source access (more info ...) | attempted-recon | 1999-0174 | 2251 | 10294 | |
| 1483 | WEB-CGI ustorekeeper.pl access (more info ...) | web-application-activity | 2001-0466 | 10645 | ||
| 1488 | WEB-CGI store.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0305 | 2385 | 10639 | |
| 1494 | WEB-CGI SIX webboard generate.cgi attempt (more info ...) | web-application-attack | 2001-1115 | 3175 | 10725 | |
| 1495 | WEB-CGI SIX webboard generate.cgi access (more info ...) | web-application-activity | 2001-1115 | 3175 | 10725 | |
| 1496 | WEB-CGI spin_client.cgi access (more info ...) | web-application-activity | 10393 | |||
| 1501 | WEB-CGI a1stats a1disp3.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0561 | 2705 | 10669 | |
| 1502 | WEB-CGI a1stats a1disp3.cgi access (more info ...) | web-application-activity | 2001-0561 | 2705 | 10669 | |
| 1503 | WEB-CGI admentor admin.asp access (more info ...) | web-application-activity | 2002-0308 | 4152 | 10880 | URL |
| 1505 | WEB-CGI alchemy http server PRN arbitrary command execution attempt (more info ...) | web-application-activity | 2001-0871 | 3599 | 10818 | |
| 1506 | WEB-CGI alchemy http server NUL arbitrary command execution attempt (more info ...) | web-application-activity | 2001-0871 | 3599 | 10818 | |
| 1507 | WEB-CGI alibaba.pl arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0885 | 770 | 10013 | |
| 1508 | WEB-CGI alibaba.pl access (more info ...) | web-application-activity | 1999-0885 | 770 | 10013 | |
| 1509 | WEB-CGI AltaVista Intranet Search directory traversal attempt (more info ...) | web-application-attack | 2000-0039 | 896 | 10015 | |
| 1510 | WEB-CGI test.bat arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0947 | 762 | 10016 | |
| 1511 | WEB-CGI test.bat access (more info ...) | web-application-activity | 1999-0947 | 762 | 10016 | |
| 1512 | WEB-CGI input.bat arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0947 | 762 | 10016 | |
| 1513 | WEB-CGI input.bat access (more info ...) | web-application-activity | 1999-0947 | 762 | 10016 | |
| 1514 | WEB-CGI input2.bat arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0947 | 762 | 10016 | |
| 1515 | WEB-CGI input2.bat access (more info ...) | web-application-activity | 1999-0947 | 762 | 10016 | |
| 1516 | WEB-CGI envout.bat arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0947 | 762 | 10016 | |
| 1517 | WEB-CGI envout.bat access (more info ...) | web-application-activity | 1999-0947 | 762 | 10016 | |
| 1531 | WEB-CGI bb-hist.sh attempt (more info ...) | web-application-attack | 1999-1462 | 142 | 10025 | |
| 1532 | WEB-CGI bb-hostscv.sh attempt (more info ...) | web-application-attack | 2000-0638 | 1455 | 10460 | |
| 1533 | WEB-CGI bb-hostscv.sh access (more info ...) | web-application-activity | 2000-0638 | 1455 | 10460 | |
| 1534 | WEB-CGI agora.cgi attempt (more info ...) | web-application-attack | 2002-0215 | 3976 | 10836 | |
| 1535 | WEB-CGI bizdbsearch access (more info ...) | web-application-activity | 2000-0287 | 1104 | 10383 | |
| 1536 | WEB-CGI calendar_admin.pl arbitrary command execution attempt (more info ...) | web-application-attack | 2000-0432 | 1215 | 10506 | |
| 1537 | WEB-CGI calendar_admin.pl access (more info ...) | web-application-activity | 2000-0432 | 1215 | 10506 | |
| 1539 | WEB-CGI /cgi-bin/ls access (more info ...) | web-application-activity | 2000-0079 | 936 | 10037 | |
| 1542 | WEB-CGI cgimail access (more info ...) | web-application-activity | 2000-0726 | 1623 | 11721 | |
| 1543 | WEB-CGI cgiwrap access (more info ...) | web-application-activity | 2001-0987 | 777 | 10041 | |
| 1547 | WEB-CGI csSearch.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 2002-0495 | 4368 | 10924 | |
| 1548 | WEB-CGI csSearch.cgi access (more info ...) | web-application-activity | 2002-0495 | 4368 | 10924 | |
| 1554 | WEB-CGI dbman db.cgi access (more info ...) | web-application-activity | 2000-0381 | 1178 | 10403 | |
| 1555 | WEB-CGI DCShop access (more info ...) | web-application-activity | 2001-0821 | 2889 | ||
| 1556 | WEB-CGI DCShop orders.txt access (more info ...) | web-application-activity | 2001-0821 | 2889 | ||
| 1557 | WEB-CGI DCShop auth_user_file.txt access (more info ...) | web-application-activity | 2001-0821 | 2889 | ||
| 1565 | WEB-CGI eshop.pl arbitrary command execution attempt (more info ...) | web-application-attack | 2001-1014 | 3340 | ||
| 1566 | WEB-CGI eshop.pl access (more info ...) | web-application-activity | 2001-1014 | 3340 | ||
| 1569 | WEB-CGI loadpage.cgi directory traversal attempt (more info ...) | web-application-attack | 2000-1092 | 2109 | 10065 | |
| 1570 | WEB-CGI loadpage.cgi access (more info ...) | web-application-activity | 2000-1092 | 2109 | 10065 | |
| 1571 | WEB-CGI dcforum.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0437 | 2611 | 10583 | |
| 1572 | WEB-CGI commerce.cgi arbitrary file access attempt (more info ...) | attempted-recon | 2001-0210 | 2361 | 10612 | |
| 1573 | WEB-CGI cgiforum.pl attempt (more info ...) | web-application-attack | 2000-1171 | 1963 | 10552 | |
| 1574 | WEB-CGI directorypro.cgi attempt (more info ...) | web-application-attack | 2001-0780 | 2793 | 10679 | |
| 1587 | WEB-MISC cgitest.exe access (more info ...) | web-application-activity | 2002-0128 | 3885 | 11131 | |
| 1590 | WEB-CGI faqmanager.cgi arbitrary file access attempt (more info ...) | web-application-attack | 3810 | 10837 | ||
| 1591 | WEB-CGI faqmanager.cgi access (more info ...) | web-application-activity | 3810 | 10837 | ||
| 1592 | WEB-CGI /fcgi-bin/echo.exe access (more info ...) | web-application-activity | 10838 | |||
| 1593 | WEB-CGI FormHandler.cgi external site redirection attempt (more info ...) | web-application-attack | 1999-1050 | 799 | 10075 | |
| 1594 | WEB-CGI FormHandler.cgi access (more info ...) | web-application-activity | 1999-1050 | 799 | 10075 | |
| 1597 | WEB-CGI guestbook.cgi access (more info ...) | web-application-activity | 1999-0237 | 10098 | ||
| 1598 | WEB-CGI Home Free search.cgi directory traversal attempt (more info ...) | web-application-attack | 2000-0054 | 921 | 10101 | |
| 1599 | WEB-CGI search.cgi access (more info ...) | web-application-activity | 2000-0054 | 921 | ||
| 1600 | WEB-CGI htsearch arbitrary configuration file attempt (more info ...) | web-application-attack | 2001-0834 | 3410 | ||
| 1601 | WEB-CGI htsearch arbitrary file read attempt (more info ...) | web-application-attack | 2000-0208 | 1026 | 10105 | |
| 1602 | WEB-CGI htsearch access (more info ...) | web-application-activity | 2000-0208 | 1026 | 10105 | |
| 1606 | WEB-CGI icat access (more info ...) | web-application-activity | 1999-1069 | |||
| 1607 | WEB-CGI HyperSeek hsx.cgi access (more info ...) | web-application-activity | 2001-0253 | 2314 | 10602 | |
| 1608 | WEB-CGI htmlscript attempt (more info ...) | web-application-attack | 1999-0264 | 2001 | 10106 | |
| 1611 | WEB-CGI eXtropia webstore access (more info ...) | web-application-activity | 2000-1005 | 1774 | 10532 | |
| 1617 | WEB-CGI Bugzilla doeditvotes.cgi access (more info ...) | web-application-activity | 2002-0011 | 3800 | ||
| 1628 | WEB-CGI FormHandler.cgi directory traversal attempt attempt (more info ...) | web-application-attack | 1999-1050 | 799 | 10075 | |
| 1637 | WEB-CGI yabb access (more info ...) | attempted-recon | 2000-0853 | 1668 | 10512 | |
| 1642 | WEB-CGI document.d2w access (more info ...) | web-application-activity | 2000-1110 | 2017 | ||
| 1643 | WEB-CGI db2www access (more info ...) | web-application-activity | 2000-0677 | |||
| 1644 | WEB-CGI test-cgi attempt (more info ...) | web-application-attack | 1999-0070 | 2003 | 10282 | |
| 1645 | WEB-CGI testcgi access (more info ...) | web-application-activity | 7214 | 11610 | ||
| 1646 | WEB-CGI test.cgi access (more info ...) | web-application-activity | ||||
| 1648 | WEB-CGI perl.exe command attempt (more info ...) | attempted-recon | 1999-0509 | 10173 | URL | |
| 1649 | WEB-CGI perl command attempt (more info ...) | attempted-recon | 1999-0509 | 10173 | URL | |
| 1650 | WEB-CGI tst.bat access (more info ...) | web-application-activity | 1999-0885 | 770 | 10014 | |
| 1651 | WEB-CGI environ.pl access (more info ...) | web-application-activity | ||||
| 1652 | WEB-CGI campas attempt (more info ...) | web-application-attack | 1999-0146 | 1975 | 10035 | |
| 1654 | WEB-CGI cart32.exe access (more info ...) | web-application-activity | 1153 | 10389 | ||
| 1655 | WEB-CGI pfdispaly.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0270 | 10174 | ||
| 1656 | WEB-CGI pfdispaly.cgi access (more info ...) | web-application-activity | 1999-0270 | 64 | 10174 | |
| 1657 | WEB-CGI pagelog.cgi directory traversal attempt (more info ...) | web-application-activity | 2000-0940 | 1864 | 10591 | |
| 1658 | WEB-CGI pagelog.cgi access (more info ...) | web-application-activity | 2000-0940 | 1864 | 10591 | |
| 1666 | ATTACK-RESPONSES index of /cgi-bin/ response (more info ...) | bad-unknown | 10039 | |||
| 1668 | WEB-CGI /cgi-bin/ access (more info ...) | web-application-attack | ||||
| 1669 | WEB-CGI /cgi-dos/ access (more info ...) | web-application-attack | ||||
| 1700 | WEB-CGI imagemap.exe access (more info ...) | web-application-activity | 1999-0951 | 739 | 10122 | |
| 1701 | WEB-CGI calendar-admin.pl access (more info ...) | web-application-activity | 2000-0432 | 1215 | 10506 | |
| 1702 | WEB-CGI Amaya templates sendtemp.pl access (more info ...) | web-application-activity | 2001-0272 | 2504 | ||
| 1703 | WEB-CGI auktion.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0212 | 2367 | 10638 | |
| 1704 | WEB-CGI cal_make.pl directory traversal attempt (more info ...) | web-application-attack | 2001-0463 | 2663 | 10664 | |
| 1705 | WEB-CGI echo.bat arbitrary command execution attempt (more info ...) | web-application-attack | 2000-0213 | 1002 | 10246 | |
| 1706 | WEB-CGI echo.bat access (more info ...) | web-application-activity | 2000-0213 | 1002 | 10246 | |
| 1707 | WEB-CGI hello.bat arbitrary command execution attempt (more info ...) | web-application-attack | 2000-0213 | 1002 | 10246 | |
| 1708 | WEB-CGI hello.bat access (more info ...) | web-application-activity | 2000-0213 | 1002 | 10246 | |
| 1709 | WEB-CGI ad.cgi access (more info ...) | web-application-activity | 2001-0025 | 2103 | 11464 | |
| 1710 | WEB-CGI bbs_forum.cgi access (more info ...) | web-application-activity | 2001-0123 | 2177 | URL | |
| 1711 | WEB-CGI bsguest.cgi access (more info ...) | web-application-activity | 2001-0099 | 2159 | ||
| 1712 | WEB-CGI bslist.cgi access (more info ...) | web-application-activity | 2001-0100 | 2160 | ||
| 1713 | WEB-CGI cgforum.cgi access (more info ...) | web-application-activity | 2000-1132 | 1951 | ||
| 1714 | WEB-CGI newdesk access (more info ...) | web-application-activity | ||||
| 1715 | WEB-CGI register.cgi access (more info ...) | web-application-activity | 2001-0076 | 2157 | ||
| 1716 | WEB-CGI gbook.cgi access (more info ...) | web-application-activity | 2000-1131 | 1940 | ||
| 1717 | WEB-CGI simplestguest.cgi access (more info ...) | web-application-activity | 2001-0022 | 2106 | ||
| 1718 | WEB-CGI statsconfig.pl access (more info ...) | web-application-activity | 2001-0113 | 2211 | ||
| 1719 | WEB-CGI talkback.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0420 | 2547 | ||
| 1720 | WEB-CGI talkback.cgi access (more info ...) | web-application-activity | 2001-0420 | 2547 | ||
| 1722 | WEB-CGI MachineInfo access (more info ...) | web-application-activity | 1999-1067 | |||
| 1723 | WEB-CGI emumail.cgi NULL attempt (more info ...) | web-application-activity | 2002-1526 | 5824 | ||
| 1724 | WEB-CGI emumail.cgi access (more info ...) | web-application-activity | 2002-1526 | 5824 | ||
| 1727 | WEB-CGI SGI InfoSearch fname access (more info ...) | web-application-activity | 2000-0207 | 1031 | ||
| 1730 | WEB-CGI ustorekeeper.pl directory traversal attempt (more info ...) | web-application-attack | 2001-0466 | 2536 | 10645 | |
| 1731 | WEB-CGI a1stats access (more info ...) | web-application-activity | 2001-0561 | 2705 | 10669 | |
| 1762 | WEB-CGI phf arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0067 | 629 | ||
| 1763 | WEB-CGI Nortel Contivity cgiproc DOS attempt (more info ...) | web-application-attack | 2000-0064 | 938 | 10160 | |
| 1764 | WEB-CGI Nortel Contivity cgiproc DOS attempt (more info ...) | web-application-attack | 2000-0064 | 938 | 10160 | |
| 1765 | WEB-CGI Nortel Contivity cgiproc access (more info ...) | web-application-activity | 2000-0064 | 938 | 10160 | |
| 1787 | WEB-CGI csPassword.cgi access (more info ...) | web-application-activity | 2002-0918 | 4889 | ||
| 1788 | WEB-CGI csPassword password.cgi.tmp access (more info ...) | web-application-activity | 2002-0920 | 4889 | ||
| 1805 | WEB-CGI Oracle reports CGI access (more info ...) | web-application-activity | 2002-0947 | 4848 | ||
| 1822 | WEB-CGI alienform.cgi directory traversal attempt (more info ...) | web-application-attack | 2002-0934 | 4983 | 11027 | |
| 1823 | WEB-CGI AlienForm af.cgi directory traversal attempt (more info ...) | web-application-attack | 2002-0934 | 4983 | 11027 | |
| 1824 | WEB-CGI alienform.cgi access (more info ...) | web-application-activity | 2002-0934 | 4983 | 11027 | |
| 1825 | WEB-CGI AlienForm af.cgi access (more info ...) | web-application-activity | 2002-0934 | 4983 | 11027 | |
| 1850 | WEB-CGI way-board.cgi access (more info ...) | web-application-activity | 10610 | |||
| 1862 | WEB-CGI mrtg.cgi directory traversal attempt (more info ...) | web-application-attack | 2002-0232 | 4017 | 11001 | |
| 1865 | WEB-CGI webdist.cgi arbitrary command attempt (more info ...) | web-application-attack | 1999-0039 | 374 | 10299 | |
| 1868 | WEB-CGI story.pl arbitrary file read attempt (more info ...) | default-login-attempt | 2001-0804 | 3028 | 10817 | |
| 1869 | WEB-CGI story.pl access (more info ...) | default-login-attempt | 2001-0804 | 3028 | 10817 | |
| 1870 | WEB-CGI siteUserMod.cgi access (more info ...) | web-application-activity | 2000-0117 | 951 | 10253 | |
| 1875 | WEB-CGI cgicso access (more info ...) | web-application-activity | 2002-1652 | 6141 | 10780 | |
| 1876 | WEB-CGI nph-publish.cgi access (more info ...) | web-application-activity | 1999-1177 | 10164 | ||
| 1877 | WEB-CGI printenv access (more info ...) | web-application-activity | 2000-0868 | 1658 | 10503 | |
| 1878 | WEB-CGI sdbsearch.cgi access (more info ...) | web-application-activity | 2000-0868 | 1658 | 10503 | |
| 1879 | WEB-CGI book.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 2001-1114 | 3178 | 10721 | |
| 1931 | WEB-CGI rpc-nlog.pl access (more info ...) | web-application-activity | 1999-1278 | URL | ||
| 1932 | WEB-CGI rpc-smb.pl access (more info ...) | web-application-activity | 1999-1278 | |||
| 1933 | WEB-CGI cart.cgi access (more info ...) | web-application-activity | 2000-0252 | 1115 | 10368 | |
| 1994 | WEB-CGI vpasswd.cgi access (more info ...) | web-application-activity | 6038 | 11165 | ||
| 1995 | WEB-CGI alya.cgi access (more info ...) | web-application-activity | 11118 | |||
| 1996 | WEB-CGI viralator.cgi access (more info ...) | web-application-activity | 2001-0849 | 3495 | 11107 | |
| 2001 | WEB-CGI smartsearch.cgi access (more info ...) | web-application-activity | 7133 | |||
| 2051 | WEB-CGI cached_feed.cgi moreover shopping cart access (more info ...) | web-application-activity | 2000-0906 | 1762 | ||
| 2052 | WEB-CGI overflow.cgi access (more info ...) | web-application-activity | 2002-1361 | 6326 | 11190 | URL |
| 2053 | WEB-CGI process_bug.cgi access (more info ...) | web-application-activity | 2002-0008 | 3272 | ||
| 2054 | WEB-CGI enter_bug.cgi arbitrary command attempt (more info ...) | web-application-attack | 2002-0008 | 3272 | ||
| 2055 | WEB-CGI enter_bug.cgi access (more info ...) | web-application-activity | 2002-0008 | 3272 | ||
| 2085 | WEB-CGI parse_xml.cgi access (more info ...) | web-application-activity | 2003-0054 | 6960 | ||
| 2086 | WEB-CGI streaming server parse_xml.cgi access (more info ...) | web-application-activity | 2003-0054 | 6960 | 11278 | |
| 2115 | WEB-CGI album.pl access (more info ...) | web-application-activity | 7444 | 11581 | ||
| 2116 | WEB-CGI chipcfg.cgi access (more info ...) | web-application-activity | 2001-1341 | 2767 | URL | |
| 2127 | WEB-CGI ikonboard.cgi access (more info ...) | web-application-activity | 7361 | 11605 | ||
| 2128 | WEB-CGI swsrv.cgi access (more info ...) | web-application-activity | 2003-0217 | 7510 | 11608 | |
| 2194 | WEB-CGI CSMailto.cgi access (more info ...) | web-application-activity | 2002-0749 | 6265 | 11748 | |
| 2195 | WEB-CGI alert.cgi access (more info ...) | web-application-activity | 2002-0346 | 4579 | 11748 | |
| 2196 | WEB-CGI catgy.cgi access (more info ...) | web-application-activity | 2001-1212 | 4579 | 11748 | |
| 2197 | WEB-CGI cvsview2.cgi access (more info ...) | web-application-activity | 2003-0153 | 5517 | 11748 | |
| 2198 | WEB-CGI cvslog.cgi access (more info ...) | web-application-activity | 2003-0153 | 5517 | 11748 | |
| 2199 | WEB-CGI multidiff.cgi access (more info ...) | web-application-activity | 2003-0153 | 5517 | 11748 | |
| 2200 | WEB-CGI dnewsweb.cgi access (more info ...) | web-application-activity | 2000-0423 | 4579 | 11748 | |
| 2202 | WEB-CGI edit_action.cgi access (more info ...) | web-application-activity | 2001-1196 | 4579 | 11748 | |
| 2203 | WEB-CGI everythingform.cgi access (more info ...) | web-application-activity | 2001-0023 | 4579 | 11748 | |
| 2204 | WEB-CGI ezadmin.cgi access (more info ...) | web-application-activity | 2002-0263 | 4579 | 11748 | |
| 2205 | WEB-CGI ezboard.cgi access (more info ...) | web-application-activity | 2002-0263 | 4579 | 11748 | |
| 2206 | WEB-CGI ezman.cgi access (more info ...) | web-application-activity | 2002-0263 | 4579 | 11748 | |
| 2207 | WEB-CGI fileseek.cgi access (more info ...) | web-application-activity | 2002-0611 | 6784 | 11748 | |
| 2208 | WEB-CGI fom.cgi access (more info ...) | web-application-activity | 2002-0230 | 4579 | 11748 | |
| 2209 | WEB-CGI getdoc.cgi access (more info ...) | web-application-activity | 2000-0288 | 4579 | 11748 | |
| 2210 | WEB-CGI global.cgi access (more info ...) | web-application-activity | 2000-0952 | 4579 | 11748 | |
| 2211 | WEB-CGI guestserver.cgi access (more info ...) | web-application-activity | 2001-0180 | 4579 | 11748 | |
| 2212 | WEB-CGI imageFolio.cgi access (more info ...) | web-application-activity | 2002-1334 | 6265 | 11748 | |
| 2213 | WEB-CGI mailfile.cgi access (more info ...) | web-application-activity | 2000-0977 | 4579 | 11748 | |
| 2214 | WEB-CGI mailview.cgi access (more info ...) | web-application-activity | 2000-0526 | 4579 | 11748 | |
| 2215 | WEB-CGI nsManager.cgi access (more info ...) | web-application-activity | 2000-1023 | 4579 | 11748 | |
| 2216 | WEB-CGI readmail.cgi access (more info ...) | web-application-activity | 2001-1283 | 4579 | 11748 | |
| 2217 | WEB-CGI printmail.cgi access (more info ...) | web-application-activity | 2001-1283 | 4579 | 11748 | |
| 2218 | WEB-CGI service.cgi access (more info ...) | web-application-activity | 2002-0346 | 4579 | 11748 | |
| 2219 | WEB-CGI setpasswd.cgi access (more info ...) | web-application-activity | 2001-0133 | 4579 | 11748 | |
| 2220 | WEB-CGI simplestmail.cgi access (more info ...) | web-application-activity | 2001-0022 | 4579 | 11748 | |
| 2221 | WEB-CGI ws_mail.cgi access (more info ...) | web-application-activity | 2001-1343 | 4579 | 11748 | |
| 2222 | WEB-CGI nph-exploitscanget.cgi access (more info ...) | web-application-activity | 2003-0434 | 7913 | 11740 | |
| 2223 | WEB-CGI csNews.cgi access (more info ...) | web-application-activity | 2002-0923 | 4994 | 11726 | |
| 2224 | WEB-CGI psunami.cgi access (more info ...) | web-application-activity | 6607 | 11750 | ||
| 2225 | WEB-CGI gozila.cgi access (more info ...) | web-application-activity | 2002-1236 | 6086 | 11773 | |
| 2237 | WEB-MISC cgiWebupdate.exe access (more info ...) | web-application-activity | 2001-1150 | 3216 | 11722 | |
| 2242 | WEB-MISC ddicgi.exe access (more info ...) | web-application-activity | 2000-0826 | 1657 | 11728 | |
| 2243 | WEB-MISC ndcgi.exe access (more info ...) | web-application-activity | 2001-0922 | 3583 | 11730 | |
| 2277 | WEB-MISC PeopleSoft PeopleBooks psdoccgi access (more info ...) | web-application-activity | 2003-0627 | 9038 | ||
| 2323 | WEB-CGI quickstore.cgi access (more info ...) | web-application-activity | 9282 | 11975 | ||
| 2387 | WEB-CGI view_broadcast.cgi access (more info ...) | web-application-activity | 2003-0422 | 8257 | ||
| 2388 | WEB-CGI streaming server view_broadcast.cgi access (more info ...) | web-application-activity | 2003-0422 | 8257 | ||
| 2396 | WEB-CGI CCBill whereami.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 8095 | URL | ||
| 2397 | WEB-CGI CCBill whereami.cgi access (more info ...) | web-application-activity | 8095 | URL | ||
| 2433 | WEB-CGI MDaemon form2raw.cgi overflow attempt (more info ...) | web-application-attack | 2003-1200 | 9317 | URL | |
| 2434 | WEB-CGI MDaemon form2raw.cgi access (more info ...) | web-application-activity | 2003-1200 | 9317 | URL | |
| 2567 | WEB-CGI Emumail init.emu access (more info ...) | web-application-activity | 9861 | 12095 | ||
| 2568 | WEB-CGI Emumail emumail.fcgi access (more info ...) | web-application-activity | 9861 | 12095 | ||
| 2663 | WEB-CGI WhatsUpGold instancename overflow attempt (more info ...) | web-application-attack | 2004-0798 | 11043 | ||
| 2668 | WEB-CGI processit access (more info ...) | web-application-activity | 10649 | |||
| 2669 | WEB-CGI ibillpm.pl access (more info ...) | web-application-activity | 2001-0839 | 3476 | 11083 | |
| 2670 | WEB-CGI pgpmail.pl access (more info ...) | web-application-activity | 2001-0937 | 3605 | 11070 | |
| 3062 | WEB-CGI NetScreen SA 5000 delhomepage.cgi access (more info ...) | web-application-activity | 2004-0347 | 9791 | ||
| 3131 | WEB-CGI mailman directory traversal attempt (more info ...) | web-application-attack | 2005-0202 | |||
| 3463 | WEB-CGI awstats access (more info ...) | web-application-activity | 12572 | 16456 | ||
| 3464 | WEB-CGI awstats.pl command execution attempt (more info ...) | web-application-attack | 12572 | 16456 | ||
| 3465 | WEB-CGI RiSearch show.pl proxy attempt (more info ...) | web-application-activity | 10812 | |||
| 3468 | WEB-CGI math_sum.mscgi access (more info ...) | web-application-activity | 10831 | 14182 | ||
| 3469 | WEB-CGI Ipswitch WhatsUp Gold dos attempt (more info ...) | attempted-dos | 2004-0799 | 11110 | URL | |
| 3638 | WEB-CGI SoftCart.exe CGI buffer overflow attempt (more info ...) | web-application-attack | 2004-2221 | 10926 | ||
| 3674 | WEB-CGI db4web_c directory traversal attempt (more info ...) | web-application-attack | 2002-1483 | 5723 | 11182 | |
| 3813 | WEB-CGI awstats.pl configdir command execution attempt (more info ...) | attempted-user | 2005-0116 | 12298 | 16189 | |
| 4128 | WEB-CGI 4DWebstar ShellExample.cgi information disclosure (more info ...) | attempted-recon | 10721 | URL | ||
| 8084 | WEB-CGI CVSTrac filediff function access (more info ...) | web-application-activity | 2004-1456 | 10878 | 14238 | URL |
| 10999 | WEB-CGI chetcpasswd access (more info ...) | web-application-activity | 2006-6679 | 6472 | ||
| 11817 | WEB-CGI WhatsUpGold configuration access (more info ...) | web-application-activity | 2004-0798 | 11043 | ||
| 12056 | WEB-CGI WhatsUpGold instancename overflow attempt (more info ...) | web-application-attack | 2004-0798 | 11043 | ||
| 12057 | WEB-CGI WhatsUpGold configuration access (more info ...) | web-application-activity | 2004-0798 | 11043 | ||
| 12255 | WEB-CGI CSGuestbook setup attempt (more info ...) | web-application-activity | 2002-1750 | 4448 | ||
| 15908 | WEB-MISC Trend Micro OfficeScan multiple CGI modules HTTP form processing buffer overflow attempt (more info ...) | attempted-admin | 2008-3862 | |||
| 16922 | BLACKLIST URI request for known malicious URI - /cgi-bin/rd.cgi?f=/vercfg.dat?AgentID= (more info ...) | trojan-activity | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 7165 | SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 1 (more info ...) | successful-recon-limited | URL | |||
| 7166 | SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 2 (more info ...) | successful-recon-limited | URL | |||
| 7167 | SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 3 (more info ...) | successful-recon-limited | URL | |||
| 7168 | SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 4 (more info ...) | successful-recon-limited | URL | |||
| 7169 | SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange (more info ...) | successful-recon-limited | URL | |||
| 11222 | SMTP Exchange MODPROPS denial of service attempt (more info ...) | attempted-dos | 2007-0039 | 23808 | URL | |
| 12619 | EXPLOIT Microsoft Exchange ical/vcal malformed property (more info ...) | attempted-admin | 2006-0027 | 17908 | URL | |
| 15301 | SMTP Exchange compressed RTF remote code execution attempt (more info ...) | attempted-admin | 2009-0098 | URL | ||
| 15302 | DOS Microsoft Exchange System Attendant denial of service attempt (more info ...) | attempted-dos | 2009-0099 | URL | ||
| 15329 | SMTP Microsoft Exchange MODPROPS memory corruption attempt (more info ...) | attempted-admin | 2006-0027 | 17908 | URL | |
| 15964 | SPECIFIC-THREATS Microsoft Exchange OWA XSS and spoofing attempt (more info ...) | misc-attack | 2004-0203 | 10902 | ||
| 17481 | SPECIFIC-THREATS Microsoft Exchange and Outlook TNEF Decoding Integer Overflow attempt (more info ...) | attempted-admin | 2006-0002 | 16197 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 658 | SMTP exchange mime DOS (more info ...) | attempted-dos | 2000-1006 | 1869 | 10558 | URL |
| 3815 | SMTP eXchange POP3 mail server overflow attempt (more info ...) | misc-attack | 2004-1945 | 10180 | ||
| 10010 | EXPLOIT Putty Server key exchange buffer overflow attempt (more info ...) | attempted-user | 2002-1359 | 6407 | URL | |
| 14742 | SPECIFIC-THREATS Exchange MODPROPS denial of service PoC attempt (more info ...) | attempted-dos | 2007-0039 | 23808 | URL | |
| 16108 | BACKDOOR trojan downloader exchanger.gen2 runtime detection (more info ...) | trojan-activity | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 655 | SMTP sendmail 8.6.9 exploit (more info ...) | attempted-admin | 1999-0204 | 2311 | ||
| 662 | SMTP sendmail 5.5.5 exploit (more info ...) | attempted-admin | 1999-0203 | 10258 | ||
| 665 | SMTP sendmail 5.6.5 exploit (more info ...) | attempted-user | 1999-0203 | 2308 | ||
| 667 | SMTP sendmail 8.6.10 exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 668 | SMTP sendmail 8.6.10 exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 669 | SMTP sendmail 8.6.9 exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 670 | SMTP sendmail 8.6.9 exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 671 | SMTP sendmail 8.6.9c exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 1526 | WEB-MISC basilix sendmail.inc access (more info ...) | web-application-activity | 2001-1044 | 2198 | 10601 | |
| 2261 | SMTP SEND FROM sendmail prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | 11316 | |
| 2262 | SMTP SEND FROM sendmail prescan too long addresses overflow (more info ...) | misc-attack | 2003-0161 | 7230 | 11499 | |
| 2263 | SMTP SAML FROM sendmail prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | ||
| 2264 | SMTP SAML FROM sendmail prescan too long addresses overflow (more info ...) | misc-attack | 2003-0161 | 7230 | 11499 | |
| 2265 | SMTP SOML FROM sendmail prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | ||
| 2266 | SMTP SOML FROM sendmail prescan too long addresses overflow (more info ...) | misc-attack | 2003-0161 | 7230 | 11499 | |
| 2267 | SMTP MAIL FROM sendmail prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | ||
| 2268 | SMTP MAIL FROM sendmail prescan too long addresses overflow (more info ...) | attempted-admin | 2003-0161 | 7230 | 11499 | |
| 2269 | SMTP RCPT TO sendmail prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | ||
| 2270 | SMTP RCPT TO sendmail prescan too long addresses overflow (more info ...) | attempted-admin | 2003-0694 | 7230 | 11499 | |
| 15936 | SPECIFIC-THREATS Sendmail identd command parsing vulnerability (more info ...) | attempted-admin | 1999-0204 | 2311 | ||
| 16057 | SPECIFIC-THREATS sendmail smtp timeout buffer overflow attempt (more info ...) | attempted-admin | 2006-0058 | 17192 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 2535 | POP3 SSLv3 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 2536 | POP3 SSLv3 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 3499 | POP3 SSLv2 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 3500 | POP3 SSLv2 Client_Hello with pad request (more info ...) | protocol-command-decode | ||||
| 3501 | POP3 TLSv1 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 3502 | POP3 TLSv1 Client_Hello via SSLv2 handshake request (more info ...) | protocol-command-decode | ||||
| 3503 | POP3 SSLv2 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 3504 | POP3 TLSv1 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 16594 | POP3 STAT command (more info ...) | protocol-command-decode | ||||
| 16799 | POP3 Eureka Mail 2.2q server error response overflow attempt (more info ...) | misc-attack | 2009-3837 | URL | ||
| 17331 | POP3 Lotus Notes HTML Speed Reader Long URL buffer overflow attempt (more info ...) | attempted-user | 2005-2618 | 16576 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 286 | POP3 EXPLOIT x86 BSD overflow (more info ...) | attempted-admin | 1999-0006 | 133 | 10196 | |
| 287 | POP3 EXPLOIT x86 BSD overflow (more info ...) | attempted-admin | ||||
| 288 | POP3 EXPLOIT x86 Linux overflow (more info ...) | attempted-admin | ||||
| 289 | POP3 EXPLOIT x86 SCO overflow (more info ...) | attempted-admin | 1999-0006 | 156 | ||
| 290 | POP3 EXPLOIT qpopper overflow (more info ...) | attempted-admin | 1999-0822 | 830 | 10184 | |
| 1634 | POP3 PASS overflow attempt (more info ...) | attempted-admin | 2006-6605 | 791 | 10325 | |
| 1635 | POP3 APOP overflow attempt (more info ...) | attempted-admin | 2000-0841 | 1652 | 10559 | |
| 1866 | POP3 USER overflow attempt (more info ...) | attempted-admin | 2006-4364 | 789 | 10311 | |
| 1936 | POP3 AUTH overflow attempt (more info ...) | attempted-admin | 1999-0822 | 830 | 10184 | |
| 1937 | POP3 LIST overflow attempt (more info ...) | attempted-admin | 2000-0096 | 948 | 10197 | |
| 1938 | POP3 XTND overflow attempt (more info ...) | attempted-admin | ||||
| 2108 | POP3 CAPA overflow attempt (more info ...) | attempted-admin | ||||
| 2109 | POP3 TOP overflow attempt (more info ...) | attempted-admin | ||||
| 2110 | POP3 STAT overflow attempt (more info ...) | attempted-admin | ||||
| 2111 | POP3 DELE overflow attempt (more info ...) | attempted-admin | ||||
| 2112 | POP3 RSET overflow attempt (more info ...) | attempted-admin | ||||
| 2121 | POP3 DELE negative argument attempt (more info ...) | misc-attack | 2002-1539 | 7445 | 11570 | |
| 2122 | POP3 UIDL negative argument attempt (more info ...) | misc-attack | 2002-1539 | 6053 | 11570 | |
| 2250 | POP3 USER format string attempt (more info ...) | attempted-admin | 2003-0391 | 7667 | 11742 | |
| 2274 | POP3 login brute force attempt (more info ...) | suspicious-login | ||||
| 2409 | POP3 APOP USER overflow attempt (more info ...) | attempted-admin | 9794 | |||
| 2502 | POP3 SSLv3 invalid data version attempt (more info ...) | attempted-dos | 2004-0120 | 10115 | 12204 | URL |
| 2518 | POP3 PCT Client_Hello overflow attempt (more info ...) | attempted-admin | 2003-0719 | 10116 | 12205 | URL |
| 2537 | POP3 SSLv3 invalid Client_Hello attempt (more info ...) | attempted-dos | 2004-0120 | 12204 | URL | |
| 2666 | POP3 PASS format string attempt (more info ...) | attempted-admin | 10976 | |||
| 8429 | POP3 SSLv2 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 22083 | URL | |
| 8430 | POP3 SSLv3 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 25831 | URL | |
| 8431 | POP3 SSLv2 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 22083 | URL | |
| 16595 | POP3 Windows Mail remote code execution attempt (more info ...) | attempted-user | 2010-0816 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1844 | IMAP authenticate overflow attempt (more info ...) | misc-attack | 1999-0042 | 130 | 10292 | |
| 1930 | IMAP auth literal overflow attempt (more info ...) | misc-attack | 2006-6424 | 21724 | ||
| 2330 | IMAP auth overflow attempt (more info ...) | misc-attack | 2003-1177 | 8861 | 11910 | |
| 2529 | IMAP SSLv3 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 2530 | IMAP SSLv3 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 2665 | IMAP login literal format string attempt (more info ...) | attempted-admin | 2007-0221 | 10976 | URL | |
| 3067 | IMAP examine literal overflow attempt (more info ...) | misc-attack | 2004-1211 | 11775 | 15867 | |
| 3068 | IMAP examine overflow attempt (more info ...) | misc-attack | 2005-3155 | 15006 | 15867 | |
| 3069 | IMAP fetch literal overflow attempt (more info ...) | misc-attack | 2004-1211 | 11775 | 15867 | |
| 3073 | IMAP SUBSCRIBE literal overflow attempt (more info ...) | attempted-admin | 2007-3510 | 26219 | 15867 | |
| 3074 | IMAP SUBSCRIBE overflow attempt (more info ...) | attempted-admin | 2007-3510 | 26219 | 15867 | |
| 3487 | IMAP SSLv2 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 3488 | IMAP SSLv2 Client_Hello with pad request (more info ...) | protocol-command-decode | ||||
| 3489 | IMAP TLSv1 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 3490 | IMAP TLSv1 Client_Hello via SSLv2 handshake request (more info ...) | protocol-command-decode | ||||
| 3491 | IMAP SSLv2 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 3492 | IMAP TLSv1 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 10011 | IMAP Novell NetMail APPEND command buffer overflow attempt (more info ...) | misc-attack | 2006-6425 | 21723 | ||
| 11004 | IMAP CRAM-MD5 authentication method buffer overflow (more info ...) | attempted-admin | 2007-1675 | 23172 | ||
| 12114 | IMAP Ipswitch IMail search command buffer overflow attempt (more info ...) | attempted-admin | 2007-3925 | 24962 | URL | |
| 12115 | IMAP Ipswitch IMail search command buffer overflow attempt (more info ...) | attempted-admin | 2007-3925 | 24962 | URL | |
| 12212 | IMAP Ipswitch IMail literal search date command buffer overflow attempt (more info ...) | attempted-admin | 2007-3925 | 24962 | URL | |
| 12213 | IMAP Ipswitch IMail search date command buffer overflow attempt (more info ...) | attempted-admin | 2007-3925 | 24962 | URL | |
| 13663 | IMAP Alt-N MDaemon IMAP Server FETCH command buffer overflow attempt (more info ...) | attempted-admin | 2008-1358 | 28245 | URL | |
| 15484 | IMAP CRAM-MD5 authentication method buffer overflow (more info ...) | attempted-admin | 2007-1675 | 23172 | ||
| 16779 | WEB-ACTIVEX EasyMail IMAP4 ActiveX clsid access (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 16780 | WEB-ACTIVEX EasyMail IMAP4 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 16781 | WEB-ACTIVEX EasyMail IMAP4 ActiveX function call access (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 16782 | WEB-ACTIVEX EasyMail IMAP4 ActiveX function call unicode access (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 17239 | IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt (more info ...) | attempted-dos | 14315 | |||
| 17240 | IMAP Alt-N MDaemon IMAP server literal CREATE command buffer overflow attempt (more info ...) | attempted-dos | 14315 | |||
| 17327 | IMAP Qualcomm WorldMail Server Response (more info ...) | protocol-command-decode | ||||
| 17328 | IMAP Qualcomm WorldMail IMAP Literal Token Parsing Buffer Overflow (more info ...) | attempted-admin | 2005-4267 | 15980 | ||
| 17503 | IMAP MailEnable IMAP Service Invalid Command Buffer Overlow LOGIN (more info ...) | attempted-admin | 21252 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1755 | IMAP partial body buffer overflow attempt (more info ...) | misc-attack | 2002-0379 | 4713 | 10966 | |
| 1842 | IMAP login buffer overflow attempt (more info ...) | attempted-user | 2007-2795 | 502 | 10125 | |
| 1845 | IMAP list literal overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 1902 | IMAP lsub literal overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 1903 | IMAP rename overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 1904 | IMAP find overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 1993 | IMAP login literal buffer overflow attempt (more info ...) | misc-attack | 2006-6424 | 6298 | 12532 | |
| 2046 | IMAP partial body.peek buffer overflow attempt (more info ...) | misc-attack | 2002-0379 | 4713 | 10966 | |
| 2105 | IMAP authenticate literal overflow attempt (more info ...) | misc-attack | 2006-6424 | 21724 | 10292 | |
| 2106 | IMAP lsub overflow attempt (more info ...) | misc-attack | 2005-3155 | 15006 | 10374 | |
| 2107 | IMAP create buffer overflow attempt (more info ...) | misc-attack | 7446 | |||
| 2118 | IMAP list overflow attempt (more info ...) | misc-attack | 2005-3155 | 15006 | 10374 | |
| 2119 | IMAP rename literal overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 2120 | IMAP create literal buffer overflow attempt (more info ...) | misc-attack | 7446 | |||
| 2273 | IMAP login brute force attempt (more info ...) | suspicious-login | ||||
| 2497 | IMAP SSLv3 invalid data version attempt (more info ...) | attempted-dos | 2004-0120 | 10115 | 12204 | URL |
| 2531 | IMAP SSLv3 invalid Client_Hello attempt (more info ...) | attempted-dos | 2004-0120 | 12204 | URL | |
| 2664 | IMAP login format string attempt (more info ...) | attempted-admin | 10976 | |||
| 3007 | IMAP delete overflow attempt (more info ...) | misc-attack | 2005-3155 | 15006 | 15771 | |
| 3008 | IMAP delete literal overflow attempt (more info ...) | misc-attack | 2004-1520 | 11675 | 15771 | |
| 3058 | IMAP copy literal overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 3066 | IMAP append overflow attempt (more info ...) | misc-attack | 2006-6425 | 21729 | 15867 | |
| 3070 | IMAP fetch overflow attempt (more info ...) | misc-attack | 2004-1211 | 11775 | 15867 | |
| 3071 | IMAP status literal overflow attempt (more info ...) | misc-attack | 2004-1211 | 15491 | 15867 | |
| 3072 | IMAP status overflow attempt (more info ...) | misc-attack | 2005-3314 | 15491 | 15867 | |
| 3075 | IMAP unsubscribe literal overflow attempt (more info ...) | misc-attack | 2004-1211 | 11775 | 15867 | |
| 3076 | IMAP UNSUBSCRIBE overflow attempt (more info ...) | attempted-admin | 2005-3189 | 15488 | 15867 | |
| 4645 | IMAP search format string attempt (more info ...) | attempted-admin | 10976 | |||
| 4646 | IMAP search literal format string attempt (more info ...) | attempted-admin | 10976 | |||
| 5696 | IMAP delete directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5697 | IMAP examine directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5698 | IMAP list directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5699 | IMAP lsub directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5700 | IMAP rename directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5701 | IMAP status directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5702 | IMAP SUBSCRIBE directory traversal attempt (more info ...) | attempted-admin | 2007-3510 | 26219 | 15867 | |
| 5703 | IMAP unsubscribe directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5704 | IMAP SELECT overflow attempt (more info ...) | misc-attack | 2006-1255 | 15006 | ||
| 5705 | IMAP CAPABILITY overflow attempt (more info ...) | misc-attack | 2005-3155 | 15006 | ||
| 8438 | IMAP SSLv2 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 22083 | URL | |
| 8439 | IMAP SSLv3 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 25831 | URL | |
| 12392 | IMAP GNU Mailutils request tag format string vulnerability (more info ...) | attempted-admin | 2005-1523 | 13764 | ||
| 13921 | IMAP Altrium Software MERCUR IMAPD NTLMSSP command handling memory corruption attempt (more info ...) | attempted-admin | 2007-1578 | 23058 | URL | |
| 17369 | IMAP MailEnable Service APPEND Command Handling Buffer Overflow (more info ...) | attempted-admin | 2007-0494 | 22792 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 654 | SMTP RCPT TO overflow (more info ...) | attempted-admin | 2009-0410 | 9696 | ||
| 1549 | SMTP HELO overflow attempt (more info ...) | attempted-admin | 2000-0042 | 895 | 11674 | |
| 2183 | SMTP Content-Transfer-Encoding overflow attempt (more info ...) | attempted-admin | 2003-0161 | URL | ||
| 2253 | SMTP XEXCH50 overflow attempt (more info ...) | attempted-admin | 2003-0714 | 8838 | 11889 | URL |
| 2259 | SMTP EXPN overflow attempt (more info ...) | attempted-admin | 2003-0161 | 7230 | ||
| 2260 | SMTP VRFY overflow attempt (more info ...) | attempted-admin | 2003-0161 | 7230 | ||
| 2527 | SMTP STARTTLS attempt (more info ...) | protocol-command-decode | ||||
| 2542 | SMTP SSLv3 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 2543 | SMTP SSLv3 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 3461 | SMTP Content-Type overflow attempt (more info ...) | attempted-admin | 2003-0113 | 7419 | URL | |
| 3462 | SMTP Content-Encoding overflow attempt (more info ...) | attempted-admin | 2003-0113 | 7419 | URL | |
| 3493 | SMTP SSLv2 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 3494 | SMTP SSLv2 Client_Hello with pad request (more info ...) | protocol-command-decode | ||||
| 3495 | SMTP TLSv1 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 3496 | SMTP TLSv1 Client_Hello via SSLv2 handshake request (more info ...) | protocol-command-decode | ||||
| 3497 | SMTP SSLv2 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 3498 | SMTP TLSv1 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 5685 | SMTP TLSv1 Client_Hello via SSLv2 handshake request (more info ...) | protocol-command-decode | ||||
| 5686 | SMTP TLSv1 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 5687 | SMTP SSLv2 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 5688 | SMTP SSLv2 Client_Hello with pad request (more info ...) | protocol-command-decode | ||||
| 5689 | SMTP TLSv1 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 5690 | SMTP SSLv3 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 5691 | SMTP SSLv2 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 5790 | SPYWARE-PUT Keylogger pc actmon pro runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 5880 | SPYWARE-PUT Keylogger spyagent runtime detect - smtp delivery (more info ...) | successful-recon-limited | URL | |||
| 6125 | BACKDOOR dkangel runtime detection - smtp (more info ...) | trojan-activity | URL | |||
| 6126 | BACKDOOR dkangel runtime detection - smtp (more info ...) | trojan-activity | URL | |||
| 6207 | SPYWARE-PUT Keylogger winsession runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 6301 | BACKDOOR cia 1.3 runtime detection - smtp notification (more info ...) | trojan-activity | URL | |||
| 6397 | BACKDOOR http rat runtime detection - smtp (more info ...) | trojan-activity | URL | |||
| 6477 | SPYWARE-PUT Hacker-Tool beee runtime detection - smtp (more info ...) | misc-activity | URL | |||
| 7184 | SPYWARE-PUT Keylogger 007 spy software runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 7505 | SPYWARE-PUT Keylogger actualspy runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 7551 | SPYWARE-PUT Keylogger ardamax keylogger runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 8544 | SPYWARE-PUT Keylogger nicespy runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 8704 | SMTP YPOPS Banner (more info ...) | not-suspicious | ||||
| 9326 | SPECIFIC-THREATS netsky.p smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9327 | SPECIFIC-THREATS netsky.af smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9328 | SPECIFIC-THREATS zhangpo smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9329 | SPECIFIC-THREATS yarner.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9330 | SPECIFIC-THREATS mydoom.e smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9331 | SPECIFIC-THREATS mydoom.m smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9332 | SPECIFIC-THREATS mimail.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9333 | SPECIFIC-THREATS mimail.e smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9334 | SPECIFIC-THREATS lovgate.c smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9335 | SPECIFIC-THREATS netsky.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9336 | SPECIFIC-THREATS netsky.t smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9337 | SPECIFIC-THREATS netsky.x smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9338 | SPECIFIC-THREATS mydoom.i smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9342 | SPECIFIC-THREATS paroc.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9343 | SPECIFIC-THREATS kadra smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9344 | SPECIFIC-THREATS kindal smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9345 | SPECIFIC-THREATS kipis.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9348 | SPECIFIC-THREATS morbex smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9349 | SPECIFIC-THREATS plemood smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9350 | SPECIFIC-THREATS mimail.k smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9352 | SPECIFIC-THREATS lovgate.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9358 | SPECIFIC-THREATS fizzer smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9359 | SPECIFIC-THREATS zafi.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9360 | SPECIFIC-THREATS cult.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9361 | SPECIFIC-THREATS mimail.l smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9362 | SPECIFIC-THREATS mimail.m smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9365 | SPECIFIC-THREATS cult.c smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9366 | SPECIFIC-THREATS mimail.s smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9367 | SPECIFIC-THREATS anset.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9368 | SPECIFIC-THREATS agist.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9369 | SPECIFIC-THREATS atak.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9370 | SPECIFIC-THREATS bagle.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9371 | SPECIFIC-THREATS bagle.e smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9372 | SPECIFIC-THREATS blebla.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9373 | SPECIFIC-THREATS clepa smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9374 | SPECIFIC-THREATS creepy.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9375 | SPECIFIC-THREATS duksten.c smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9376 | SPECIFIC-THREATS fishlet.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9377 | SPECIFIC-THREATS mydoom.g smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9378 | SPECIFIC-THREATS netsky.q smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9379 | SPECIFIC-THREATS netsky.s smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9381 | SPECIFIC-THREATS lara smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9382 | SPECIFIC-THREATS fearso.c smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9383 | SPECIFIC-THREATS netsky.y smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9384 | SPECIFIC-THREATS beglur.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9385 | SPECIFIC-THREATS collo.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9386 | SPECIFIC-THREATS bagle.f smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9388 | SPECIFIC-THREATS mimail.g smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9389 | SPECIFIC-THREATS bagle.i smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9391 | SPECIFIC-THREATS mimail.i smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9392 | SPECIFIC-THREATS bagle.j smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9393 | SPECIFIC-THREATS bagle.k smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9394 | SPECIFIC-THREATS bagle.n smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9397 | SPECIFIC-THREATS neysid smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9398 | SPECIFIC-THREATS totilix.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9399 | SPECIFIC-THREATS hanged smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9400 | SPECIFIC-THREATS abotus smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9403 | SPECIFIC-THREATS netsky.aa smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9404 | SPECIFIC-THREATS netsky.ac smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9405 | SPECIFIC-THREATS netsky.af smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9406 | SPECIFIC-THREATS lovgate.e smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9408 | SPECIFIC-THREATS lacrow smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9409 | SPECIFIC-THREATS atak.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9410 | SPECIFIC-THREATS netsky.z smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9411 | SPECIFIC-THREATS mimail.f smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9413 | SPECIFIC-THREATS ganda smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9414 | SPECIFIC-THREATS lovelorn.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9415 | SPECIFIC-THREATS plexus.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9416 | SPECIFIC-THREATS bagle.at smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9417 | SPECIFIC-THREATS bagle.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9827 | SPYWARE-PUT Keylogger paq keylog runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 9841 | SMTP Microsoft Outlook VEVENT overflow attempt (more info ...) | attempted-user | 2007-0033 | 21931 | URL | |
| 10012 | SMTP Microsoft Outlook VEVENT non-TZID overflow attempt (more info ...) | attempted-user | 2007-0033 | 21931 | URL | |
| 10065 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10066 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10067 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10068 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10069 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10070 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10071 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10072 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10073 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10074 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10075 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10076 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10077 | SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10078 | SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10079 | SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10080 | SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10081 | SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10082 | SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10083 | SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10088 | SPYWARE-PUT Keylogger beyond Keylogger runtime detection - log sent by smtp (more info ...) | successful-recon-limited | URL | |||
| 10453 | BACKDOOR zalivator 1.4.2 pro runtime detection - smtp notification (more info ...) | trojan-activity | URL | |||
| 11305 | SPYWARE-PUT Snoopware childwebguardian runtime detection - send log through smtp (more info ...) | successful-recon-limited | URL | |||
| 12807 | SMTP Lotus 123 file attachment (more info ...) | suspicious-filename-detect | 2007-6593 | 27835 | URL | |
| 13718 | SMTP BDAT buffer overflow attempt (more info ...) | attempted-admin | 2002-0055 | 4204 | URL | |
| 13894 | SMTP Microsoft Outlook Web Access From field cross-site scripting attempt (more info ...) | misc-attack | 2008-2247 | URL | ||
| 13895 | SMTP Microsoft Outlook Web Access invalid CSS escape sequence script execution attempt (more info ...) | misc-attack | 2008-2248 | URL | ||
| 13923 | SMTP MailEnable SMTP HELO command denial of service attempt (more info ...) | attempted-dos | 2006-3277 | 18630 | ||
| 15358 | SMTP Adobe PDF JBIG2 remote code execution attempt (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 15359 | SMTP Suspicious JBIG2 pdf file sent via email (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 15360 | SMTP Suspicious JBIG2 pdf file sent in email (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 15367 | SMTP outlook web access script injection attempt (more info ...) | attempted-user | 2006-1193 | 18381 | ||
| 15494 | SMTP Suspicious JBIG2 pdf file sent from email (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 15495 | SMTP Suspicious JBIG2 pdf file sent by email (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 15496 | SMTP Suspicious JBIG2 pdf file sent through email (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 15497 | SMTP Suspicious JBIG2 pdf file sent with email (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 15574 | SMTP MAIL FROM command overflow attempt (more info ...) | attempted-admin | 2004-0399 | 7506 | URL | |
| 16025 | SPECIFIC-THREATS MailEnable SMTP service SPF lookup buffer overflow attempt (more info ...) | attempted-admin | 2006-4616 | 20091 | ||
| 16193 | SMTP Novell GroupWise Internet Agent SMTP AUTH LOGIN command buffer overflow attempt (more info ...) | attempted-admin | 2009-1636 | 35065 | ||
| 16201 | SPECIFIC-THREATS Ipswitch Collaboration Suite SMTP format string exploit attempt (more info ...) | attempted-admin | 2005-2931 | 15752 | ||
| 16515 | SMTP Novell Groupwise Internet Agent RCPT command overflow attempt (more info ...) | attempted-user | 2009-0410 | 33560 | ||
| 16534 | DOS Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt (more info ...) | attempted-dos | 2010-0024 | URL | ||
| 16597 | SMTP Novell GroupWise Internet Agent Email address processing buffer overflow attempt (more info ...) | attempted-admin | 2009-1636 | 35064 | ||
| 17034 | SMTP Outlook AttachMethods local file execution attempt (more info ...) | attempted-user | 2010-0266 | URL | ||
| 17035 | SMTP Outlook AttachMethods local file execution attempt (more info ...) | attempted-user | 2010-0266 | URL | ||
| 17036 | SMTP Outlook AttachMethods local file execution attempt (more info ...) | attempted-user | 2010-0266 | URL | ||
| 17099 | WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 17100 | WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid unicode access (more info ...) | attempted-user | URL | |||
| 17101 | WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call access (more info ...) | attempted-user | URL | |||
| 17102 | WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 17251 | SMTP Outlook RTF remote code execution attempt (more info ...) | attempted-admin | 2010-2728 | URL | ||
| 17332 | SMTP Content-Disposition attachment (more info ...) | protocol-command-decode | ||||
| 17333 | SMTP Lotus Notes Attachment Viewer UUE file buffer overflow attempt (more info ...) | attempted-user | 2005-2618 | 16576 | ||
| 17693 | SMTP MailEnable NTLM Authentication buffer overflow attempt (more info ...) | attempted-admin | 2006-5176 | 20290 | URL | |
| 17697 | SMTP GnuPG Message Packet Length overflow attempt (more info ...) | attempted-user | 2006-3746 | URL | ||
| 17717 | SMTP IBM Lotus Notes HTML input tag buffer overflow attempt (more info ...) | attempted-user | 2007-4222 | 26200 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 631 | SMTP ehlo cybercop attempt (more info ...) | protocol-command-decode | 1999-0531 | |||
| 632 | SMTP expn cybercop attempt (more info ...) | protocol-command-decode | 1999-0531 | |||
| 657 | SMTP chameleon overflow (more info ...) | attempted-admin | 1999-0261 | 2387 | ||
| 659 | SMTP expn decode (more info ...) | attempted-recon | 1999-0096 | 10248 | ||
| 660 | SMTP expn root (more info ...) | attempted-recon | 1999-0531 | 10249 | ||
| 661 | SMTP majordomo ifs (more info ...) | attempted-admin | 1999-0207 | 2310 | ||
| 663 | SMTP rcpt to command attempt (more info ...) | attempted-admin | 1999-0095 | 1 | ||
| 664 | SMTP RCPT TO decode attempt (more info ...) | attempted-admin | 1999-0203 | 2308 | ||
| 672 | SMTP vrfy decode (more info ...) | attempted-recon | 1999-0096 | |||
| 1446 | SMTP vrfy root (more info ...) | attempted-recon | 1999-0531 | |||
| 1450 | SMTP expn *@ (more info ...) | misc-attack | 1999-1200 | |||
| 1550 | SMTP ETRN overflow attempt (more info ...) | attempted-admin | 2000-0490 | 7515 | 10438 | |
| 2087 | SMTP From comment overflow attempt (more info ...) | attempted-admin | 2002-1337 | 6991 | URL | |
| 2275 | SMTP AUTH LOGON brute force attempt (more info ...) | suspicious-login | ||||
| 2487 | SMTP WinZip MIME content-type buffer overflow (more info ...) | attempted-user | 2004-0333 | 9758 | 12621 | |
| 2488 | SMTP WinZip MIME content-disposition buffer overflow (more info ...) | attempted-user | 2004-0333 | 9758 | 12621 | |
| 2504 | SMTP SSLv3 invalid data version attempt (more info ...) | attempted-dos | 2004-0120 | 10115 | 12204 | URL |
| 2528 | SMTP PCT Client_Hello overflow attempt (more info ...) | attempted-admin | 2003-0719 | 10116 | 12205 | URL |
| 2541 | SMTP TLS SSLv3 invalid data version attempt (more info ...) | attempted-dos | 2004-0120 | 10115 | 12204 | URL |
| 2544 | SMTP SSLv3 invalid Client_Hello attempt (more info ...) | attempted-dos | 2004-0120 | 12204 | URL | |
| 3511 | SMTP PCT Client_Hello overflow attempt (more info ...) | attempted-admin | 2003-0719 | 10116 | URL | |
| 3653 | SMTP SAML overflow attempt (more info ...) | attempted-user | 2004-1546 | 11238 | ||
| 3654 | SMTP SOML overflow attempt (more info ...) | attempted-user | 2004-1546 | 11238 | ||
| 3655 | SMTP SEND overflow attempt (more info ...) | attempted-user | 2004-1546 | 11238 | ||
| 3656 | SMTP MDaemon 6.5.1 and prior versions MAIL overflow attempt (more info ...) | attempted-user | 2004-1546 | 11238 | ||
| 3682 | SMTP spoofed MIME-Type auto-execution attempt (more info ...) | attempted-admin | 2001-0154 | 2524 | URL | |
| 3824 | SMTP AUTH user overflow attempt (more info ...) | attempted-admin | 2007-4440 | 13772 | ||
| 5739 | SMTP headers too long server response (more info ...) | bad-unknown | 2006-0058 | 17192 | ||
| 6412 | SMTP Windows Address Book attachment detected (more info ...) | misc-activity | 2006-2386 | 17459 | URL | |
| 6413 | SMTP Base64 encoded Windows Address Book attachment detected (more info ...) | misc-activity | 2006-2386 | 17459 | URL | |
| 8432 | SMTP SSLv2 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 22083 | URL | |
| 8433 | SMTP SSLv2 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 22083 | URL | |
| 8434 | SMTP SSLv3 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 25831 | URL | |
| 8435 | SMTP SSLv3 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 25831 | URL | |
| 8436 | SMTP SSLv2 openssl get shared ciphers overflow attempt (more info ...) | attempted-admin | 2007-5135 | 22083 | URL | |
| 8705 | SMTP YPOPS buffer overflow attempt (more info ...) | attempted-admin | 2004-1558 | 11256 | ||
| 10186 | SMTP ClamAV mime parsing directory traversal (more info ...) | attempted-user | 2007-0898 | 22581 | URL | |
| 12423 | SMTP Microsoft CDO long header name (more info ...) | attempted-admin | 2005-1987 | 15067 | URL | |
| 12692 | SMTP RCPT TO IPSwitch proxy overflow attempt (more info ...) | attempted-admin | 2006-4379 | URL | ||
| 12704 | SMTP Lotus Notes MIF viewer MIFFILE comment overflow (more info ...) | attempted-user | 2007-5910 | 26175 | ||
| 12705 | SMTP Lotus Notes MIF viewer statement overflow (more info ...) | attempted-user | 2007-5910 | 26175 | ||
| 12706 | SMTP Lotus Notes MIF viewer statement data overflow (more info ...) | attempted-user | 2007-5910 | 26175 | ||
| 13651 | SPYWARE-PUT Keylogger family cyber alert runtime detection - smtp traffic for recorded activities (more info ...) | successful-recon-limited | URL | |||
| 17224 | SMTP McAfee WebShield SMTP bounce message format string attempt (more info ...) | attempted-admin | 2006-0559 | 16742 | ||
| 17283 | SMTP Mercury Mail Transport System Buffer Overflow attempt (more info ...) | attempted-user | 2005-4411 | 16396 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 13888 | SQL Microsoft SQL Server Backup Database File integer overflow attempt (more info ...) | attempted-admin | 2008-0107 | URL | ||
| 13889 | SQL Microsoft SQL Server Backup Database File integer overflow attempt (more info ...) | attempted-admin | 2008-0107 | URL | ||
| 13890 | SQL Microsoft SQL Server Backup Database File integer overflow attempt (more info ...) | attempted-admin | 2008-0107 | URL | ||
| 14756 | WEB-ACTIVEX Microsoft SQL Server 2000 Client Components ActiveX clsid access (more info ...) | attempted-user | 2008-4110 | 31129 | ||
| 14757 | WEB-ACTIVEX Microsoft SQL Server 2000 Client Components ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4110 | 31129 | ||
| 14758 | WEB-ACTIVEX Microsoft SQL Server 2000 Client Components ActiveX function call access (more info ...) | attempted-user | 2008-4110 | 31129 | ||
| 14759 | WEB-ACTIVEX Microsoft SQL Server 2000 Client Components ActiveX function call unicode access (more info ...) | attempted-user | 2008-4110 | 31129 | ||
| 16073 | SPECIFIC-THREATS MS-SQL convert function unicode overflow (more info ...) | attempted-admin | 2008-0086 | URL | ||
| 16074 | MS-SQL Suspicious SQL ansi_padding option (more info ...) | policy-violation | 2008-0106 | URL | ||
| 16208 | WEB-CLIENT Microsoft SQL Server Distributed Management Objects overflow attempt (more info ...) | attempted-user | 2007-4814 | 25594 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 11264 | SQL Microsoft SQL Server 2000 Server hello buffer overflow attempt (more info ...) | attempted-admin | 2002-1123 | 5411 | URL | |
| 11683 | SPECIFIC-THREATS CA BrightStor Agent for Microsoft SQL overflow attempt (more info ...) | attempted-admin | 2005-1272 | 14453 | ||
| 12444 | WEB-ACTIVEX Microsoft SQL Server Distributed Management Objects ActiveX clsid access (more info ...) | attempted-user | 2007-4814 | 25594 | ||
| 12445 | WEB-ACTIVEX Microsoft SQL Server Distributed Management Objects ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4814 | 25594 | ||
| 12446 | WEB-ACTIVEX Microsoft SQL Server Distributed Management Objects ActiveX function call access (more info ...) | attempted-user | 2007-4814 | 25594 | ||
| 12447 | WEB-ACTIVEX Microsoft SQL Server Distributed Management Objects ActiveX function call unicode access (more info ...) | attempted-user | 2007-4814 | 25594 | ||
| 13896 | SQL Microsoft SQL server MTF file download (more info ...) | misc-activity | 2008-0085 | URL | ||
| 17307 | SPECIFIC-THREATS MS SQL Server INSERT Statement Buffer Overflow attempt (more info ...) | policy-violation | 2008-0106 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3665 | MYSQL server greeting (more info ...) | attempted-user | 2004-0627 | 10655 | 12639 | URL |
| 13593 | SQL MySQL yaSSL SSL Hello Message Buffer Overflow attempt (more info ...) | attempted-admin | 2008-0226 | 27140 | URL | |
| 13709 | MYSQL yaSSL SSLv2 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 13710 | MYSQL yaSSL TLSv1 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 13711 | MYSQL yaSSL SSLv2 Client Hello Message Cipher Length Buffer Overflow attempt (more info ...) | attempted-user | 2008-0226 | 27140 | URL | |
| 13712 | MYSQL yaSSL SSLv2 Client Hello Message Session ID Buffer Overflow attempt (more info ...) | attempted-user | 2008-0226 | 27140 | URL | |
| 13713 | MYSQL yaSSL SSLv2 Client Hello Message Challenge Buffer Overflow attempt (more info ...) | attempted-user | 2008-0226 | 27140 | URL | |
| 13714 | MYSQL yaSSL SSLv3 Client Hello Message Cipher Specs Buffer Overflow attempt (more info ...) | attempted-user | 2008-0226 | 27140 | URL | |
| 15442 | MYSQL XML Functions ExtractValue Scalar XPath denial of service attempt (more info ...) | attempted-dos | 2009-0819 | 33972 | URL | |
| 15443 | MYSQL XML Functions UpdateXML Scalar XPath denial of service attempt (more info ...) | attempted-dos | 2009-0819 | 33972 | URL | |
| 15952 | MYSQL create function libc arbitrary code execution attempt (more info ...) | attempted-user | 2005-0709 | 12781 | ||
| 16020 | SPECIFIC-THREATS MySQL login handshake information disclosure attempt (more info ...) | misc-activity | 2006-1516 | 17780 | ||
| 16348 | SPECIFIC-THREATS Sun MySQL database PROCEDURE ANALYSE denial of service attempt - 1 (more info ...) | attempted-dos | 2009-4019 | URL | ||
| 16349 | SPECIFIC-THREATS Sun MySQL database Procedure Analyse denial of service attempt - 2 (more info ...) | attempted-dos | 2009-4019 | URL | ||
| 16385 | MYSQL yaSSL library cert parsing stack overflow attempt (more info ...) | attempted-user | 2009-4484 | 37640 | ||
| 17412 | MYSQL CREATE FUNCTION mysql.func Arbitrary Library Injection attempt (more info ...) | attempted-user | 2005-0710 | 12781 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 509 | WEB-MISC PCCS mysql database admin tool access (more info ...) | web-application-attack | 2000-0707 | 1557 | 10783 | |
| 1527 | WEB-MISC basilix mysql.class access (more info ...) | web-application-activity | 2001-1044 | 2198 | 10601 | |
| 1775 | MYSQL root login attempt (more info ...) | protocol-command-decode | ||||
| 1776 | MYSQL show databases attempt (more info ...) | protocol-command-decode | ||||
| 3456 | MYSQL 4.0 root login attempt (more info ...) | protocol-command-decode | ||||
| 3518 | WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow (more info ...) | web-application-attack | 2005-0111 | 12265 | URL | |
| 3519 | WEB-MISC MySQL MaxDB WebSQL wppassword buffer overflow default port (more info ...) | web-application-attack | 2005-0111 | 12265 | URL | |
| 3528 | MYSQL create function access attempt (more info ...) | misc-activity | 2005-0709 | 12781 | ||
| 3666 | MYSQL server greeting finished (more info ...) | attempted-user | 2004-0627 | 10655 | 12639 | URL |
| 3667 | MYSQL protocol 41 client authentication bypass attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3668 | MYSQL client authentication bypass attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3669 | MYSQL protocol 41 secure client overflow attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3670 | MYSQL secure client overflow attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3671 | MYSQL protocol 41 client overflow attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3672 | MYSQL client overflow attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 4649 | MYSQL create function buffer overflow attempt (more info ...) | misc-activity | 2005-2558 | 14509 | ||
| 8057 | MYSQL Date_Format denial of service attempt (more info ...) | attempted-dos | 2006-3469 | 19032 | URL | |
| 11619 | MISC MySQL COM_TABLE_DUMP Function Stack Overflow attempt (more info ...) | attempted-admin | 2006-1517 | 17780 | URL | |
| 15951 | SPECIFIC-THREATS MySQL MaxDB Webtool GET command overflow attempt (more info ...) | attempted-user | 2005-0684 | 13368 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 688 | SQL sa login failed (more info ...) | unsuccessful-user | 2000-1209 | 4797 | 10673 | |
| 11204 | ORACLE Oracle Database DBMS_AQADM_SYS package GRANT_TYPE_ACCESS procedure SQL injection attempt (more info ...) | attempted-admin | 2009-0977 | 34461 | URL | |
| 12027 | SQL Ingres Database uuid_from_char buffer overflow attempt (more info ...) | attempted-admin | 2007-3338 | 24585 | URL | |
| 13356 | SQL SAP MaxDB shell command injection attempt (more info ...) | attempted-admin | 2008-0244 | 27206 | ||
| 13366 | ORACLE Oracle database SYS.LT.FINDRICSET SQL injection attempt (more info ...) | attempted-admin | 2007-5511 | 26098 | URL | |
| 13512 | SQL generic sql exec injection attempt - GET parameter (more info ...) | web-application-attack | URL | |||
| 13513 | SQL generic sql insert injection atttempt - GET parameter (more info ...) | web-application-attack | URL | |||
| 13551 | ORACLE Oracle XDB.XDB_PITRIG_PKG sql injection attempt (more info ...) | attempted-admin | 2008-0339 | 27229 | URL | |
| 13791 | SQL oversized cast statement - possible sql injection obfuscation (more info ...) | web-application-attack | URL | |||
| 13928 | SPECIFIC-THREATS Adobe RoboHelp r0 SQL injection attempt (more info ...) | web-application-attack | 2008-2991 | |||
| 13929 | WEB-MISC Adobe RoboHelp rx SQL injection attempt (more info ...) | web-application-attack | 2008-2991 | |||
| 13987 | SQL oversized convert statement - possible sql injection obfuscation (more info ...) | web-application-attack | URL | |||
| 13988 | SQL large number of calls to ascii function - possible sql injection obfuscation (more info ...) | web-application-attack | URL | |||
| 13990 | SQL union select - possible sql injection attempt - GET parameter (more info ...) | misc-attack | ||||
| 14008 | SQL large number of calls to concat function - possible sql injection obfuscation (more info ...) | web-application-attack | URL | |||
| 14991 | SQL IBM DB2 Universal Database xmlquery buffer overflow attempt (more info ...) | attempted-user | 2008-3854 | 29601 | ||
| 15143 | SQL sp_replwritetovarbin unicode vulnerable function attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15144 | SQL sp_replwritetovarbin vulnerable function attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15319 | NETBIOS-DG SMB /sql/query create tree attempt (more info ...) | protocol-command-decode | ||||
| 15320 | NETBIOS-DG SMB /sql/query unicode create tree attempt (more info ...) | protocol-command-decode | ||||
| 15321 | NETBIOS SMB /sql/query create tree attempt (more info ...) | protocol-command-decode | ||||
| 15322 | NETBIOS SMB /sql/query unicode create tree attempt (more info ...) | protocol-command-decode | ||||
| 15323 | NETBIOS-DG SMB /sql/query andx create tree attempt (more info ...) | protocol-command-decode | ||||
| 15324 | NETBIOS-DG SMB /sql/query unicode andx create tree attempt (more info ...) | protocol-command-decode | ||||
| 15325 | NETBIOS SMB /sql/query andx create tree attempt (more info ...) | protocol-command-decode | ||||
| 15326 | NETBIOS SMB /sql/query unicode andx create tree attempt (more info ...) | protocol-command-decode | ||||
| 15515 | ORACLE Oracle Database Server RollbackWorkspace SQL injection attempt (more info ...) | attempted-admin | 2009-0978 | 34461 | URL | |
| 15584 | SQL char and sysobjects - possible sql injection recon attempt (more info ...) | web-application-attack | URL | |||
| 15722 | SPECIFIC-THREATS Oracle database server Workspace Manager multiple SQL injection attempt (more info ...) | attempted-admin | 2008-3982 | 31683 | URL | |
| 15723 | ORACLE Oracle database server CompressWorkspaceTree SQL injection attempt (more info ...) | attempted-admin | 2008-3982 | 31683 | URL | |
| 15724 | ORACLE Oracle database server MergeWorkspace SQL injection attempt (more info ...) | attempted-admin | 2008-3982 | 31683 | URL | |
| 15725 | ORACLE Oracle database server RemoveWorkspace SQL injection attempt (more info ...) | attempted-admin | 2008-3982 | 31683 | URL | |
| 15868 | SQL Borland InterBase username buffer overflow (more info ...) | attempted-user | 2008-2559 | 29302 | ||
| 15874 | SQL union select - possible sql injection attempt - POST parameter (more info ...) | misc-attack | ||||
| 15875 | SQL generic sql insert injection atttempt - POST parameter (more info ...) | web-application-attack | URL | |||
| 15876 | SQL generic sql update injection attempt - POST parameter (more info ...) | web-application-attack | URL | |||
| 15877 | SQL generic sql exec injection attempt - POST parameter (more info ...) | web-application-attack | URL | |||
| 15896 | DOS Firebird SQL op_connect_request denial of service attempt (more info ...) | attempted-dos | 2009-2620 | 35842 | ||
| 16049 | SPECIFIC-THREATS GNU Radius SQL accounting format string exploit attempt (more info ...) | attempted-admin | 2006-4181 | 21303 | ||
| 16159 | WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 1 ActiveX clsid access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16160 | WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 1 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16161 | WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 2 ActiveX clsid access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16162 | WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 2 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16163 | WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 3 ActiveX clsid access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16164 | WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 3 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16165 | WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 4 ActiveX clsid access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16166 | WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 4 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16189 | ORACLE Oracle Database REPCAT_RPC.VALIDATE_REMOTE_RC SQL injection attempt (more info ...) | attempted-admin | 2009-1021 | 35685 | URL | |
| 16290 | ORACLE Oracle database server CREATE_TABLES SQL injection attempt (more info ...) | attempted-admin | 2009-1991 | 36748 | URL | |
| 16364 | DOS IBM DB2 database server SQLSTT denial of service attempt (more info ...) | denial-of-service | 2009-0173 | |||
| 16513 | SQL Jive Software Openfire Jabber Server SQL injection attempt (more info ...) | attempted-user | 2008-6510 | 32189 | ||
| 16524 | FTP ProFTPD username sql injection attempt (more info ...) | attempted-admin | 2009-0542 | 33722 | ||
| 16722 | ORACLE Oracle Database Server DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE procedure SQL injection attempt (more info ...) | attempted-user | 2010-0870 | 39422 | ||
| 16723 | ORACLE Oracle Database Server DBMS_CDC_PUBLISH.ALTER_CHANGE_SOURCE procedure SQL injection attempt (more info ...) | attempted-user | 2010-0870 | 39422 | ||
| 17044 | SQL WinCC DB default password security bypass attempt (more info ...) | attempted-user | 2010-2772 | URL | ||
| 17209 | SQL IBM DB2 DATABASE SERVER SQL REPEAT Buffer Overflow (more info ...) | attempted-admin | 2010-0462 | 37976 | ||
| 17270 | ORACLE DBMS_METADATA Package SQL Injection attempt (more info ...) | attempted-user | 2005-1197 | |||
| 17419 | ORACLE Oracle database SQL compiler read-only join auth bypass attempt (more info ...) | attempted-user | 2007-3855 | |||
| 17449 | WEB-MISC Novell ZENworks patch management SQL injection attempt (more info ...) | web-application-attack | 2005-3315 | 15220 | ||
| 17590 | ORACLE DBMS_ASSERT.simple_sql_name double quote SQL injection attempt (more info ...) | misc-attack | 19203 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 673 | SQL sp_start_job - program execution (more info ...) | attempted-user | ||||
| 676 | SQL sp_start_job - program execution (more info ...) | attempted-user | ||||
| 677 | SQL sp_password password change (more info ...) | attempted-user | ||||
| 678 | SQL sp_delete_alert log file deletion (more info ...) | attempted-user | ||||
| 679 | SQL sp_adduser database user creation (more info ...) | attempted-user | ||||
| 681 | SQL xp_cmdshell program execution (more info ...) | attempted-user | 5309 | |||
| 683 | SQL sp_password - password change (more info ...) | attempted-user | ||||
| 684 | SQL sp_delete_alert log file deletion (more info ...) | attempted-user | ||||
| 685 | SQL sp_adduser - database user creation (more info ...) | attempted-user | ||||
| 686 | SQL xp_reg* - registry access (more info ...) | attempted-user | 2002-0642 | 5205 | 10642 | URL |
| 687 | SQL xp_cmdshell - program execution (more info ...) | attempted-user | 5309 | |||
| 689 | SQL xp_reg* registry access (more info ...) | attempted-user | 2002-0642 | 5205 | 10642 | URL |
| 691 | SQL shellcode attempt (more info ...) | shellcode-detect | ||||
| 692 | SQL shellcode attempt (more info ...) | shellcode-detect | ||||
| 693 | SQL shellcode attempt (more info ...) | shellcode-detect | ||||
| 694 | SQL shellcode attempt (more info ...) | attempted-user | ||||
| 695 | SQL xp_sprintf possible buffer overflow (more info ...) | attempted-user | 1204 | URL | ||
| 704 | SQL xp_sprintf possible buffer overflow (more info ...) | attempted-user | 2001-0542 | 3733 | URL | |
| 1057 | SQL ftp attempt (more info ...) | web-application-activity | ||||
| 1058 | SQL xp_enumdsn attempt (more info ...) | web-application-attack | ||||
| 1059 | SQL xp_filelist attempt (more info ...) | web-application-attack | ||||
| 1060 | SQL xp_availablemedia attempt (more info ...) | web-application-attack | ||||
| 1061 | SQL xp_cmdshell attempt (more info ...) | web-application-attack | 5309 | |||
| 1069 | SQL xp_regread attempt (more info ...) | web-application-activity | ||||
| 1077 | SQL queryhit.htm access (more info ...) | web-application-activity | 10370 | |||
| 1078 | SQL counter.exe access (more info ...) | web-application-activity | 1999-1030 | 267 | ||
| 1385 | WEB-MISC mod-plsql administration access (more info ...) | web-application-activity | 2001-1217 | 3727 | 10849 | |
| 1386 | SQL raiserror possible buffer overflow (more info ...) | attempted-user | 2001-0542 | 3733 | URL | |
| 1387 | SQL raiserror possible buffer overflow (more info ...) | attempted-user | 2001-0542 | 3733 | 11217 | |
| 1759 | SQL xp_cmdshell program execution 445 (more info ...) | attempted-user | 5309 | |||
| 1871 | WEB-MISC Oracle XSQLConfig.xml access (more info ...) | web-application-activity | 2002-0568 | 4290 | 10855 | |
| 2049 | SQL ping attempt (more info ...) | misc-activity | 10674 | |||
| 2063 | WEB-MISC Demarc SQL injection attempt (more info ...) | web-application-activity | 2002-0539 | 4520 | ||
| 2701 | WEB-MISC Oracle iSQLPlus sid overflow attempt (more info ...) | web-application-attack | 10871 | URL | ||
| 2702 | WEB-MISC Oracle iSQLPlus username overflow attempt (more info ...) | web-application-attack | 10871 | URL | ||
| 2703 | WEB-MISC Oracle iSQLPlus login.uix username overflow attempt (more info ...) | web-application-attack | 10871 | URL | ||
| 2704 | WEB-MISC Oracle 10g iSQLPlus login.unix connectID overflow attempt (more info ...) | web-application-attack | 10871 | URL | ||
| 3152 | SQL sa brute force failed login attempt (more info ...) | unsuccessful-user | 2000-1209 | 4797 | 10673 | |
| 3273 | SQL sa brute force failed login unicode attempt (more info ...) | unsuccessful-user | 2000-1209 | 4797 | 10673 | |
| 3542 | SQL SA brute force login attempt (more info ...) | suspicious-login | 2000-1209 | 4797 | 10673 | |
| 4984 | SQL sa brute force failed login unicode attempt (more info ...) | unsuccessful-user | 2000-1209 | 4797 | 10673 | |
| 4989 | SQL heap-based overflow attempt (more info ...) | attempted-admin | 2002-0649 | 5310 | 11214 | URL |
| 7207 | ORACLE DBMS_EXPORT_EXTENSION SQL injection attempt (more info ...) | attempted-user | 2006-3702 | 19054 | ||
| 8059 | ORACLE SYS.KUPW-WORKER sql injection attempt (more info ...) | attempted-admin | 2006-3698 | 19054 | URL | |
| 8494 | SQL formatmessage possible buffer overflow (more info ...) | attempted-admin | 2001-0542 | 3733 | ||
| 8495 | SQL formatmessage possible buffer overflow (more info ...) | attempted-admin | 2001-0542 | 3733 | ||
| 8496 | SQL sp_oacreate unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8497 | SQL sp_oacreate vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8498 | SQL sp_oacreate unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8499 | SQL xp_displayparamstmt unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1081 | 2030 | URL | |
| 8500 | SQL xp_displayparamstmt unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1081 | 2030 | URL | |
| 8501 | SQL xp_displayparamstmt vulnerable function attempt (more info ...) | attempted-admin | 2000-1081 | 2030 | URL | |
| 8502 | SQL xp_enumresultset unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1082 | 2031 | URL | |
| 8503 | SQL xp_enumresultset unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1082 | 2031 | URL | |
| 8504 | SQL xp_enumresultset vulnerable function attempt (more info ...) | attempted-admin | 2000-1082 | 2031 | URL | |
| 8505 | SQL xp_oadestroy unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8506 | SQL xp_oadestroy unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8507 | SQL xp_oadestroy vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8508 | SQL xp_oagetproperty unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8509 | SQL xp_oagetproperty unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8510 | SQL xp_oagetproperty vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8511 | SQL xp_oamethod unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8512 | SQL xp_oamethod vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8513 | SQL xp_oamethod unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8514 | SQL xp_oasetproperty unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8515 | SQL xp_oasetproperty unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8516 | SQL xp_oasetproperty vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8517 | SQL xp_peekqueue unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1085 | 2041 | URL | |
| 8518 | SQL xp_peekqueue unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1085 | 2041 | URL | |
| 8519 | SQL xp_peekqueue vulnerable function attempt (more info ...) | attempted-admin | 2000-1085 | 2041 | URL | |
| 8520 | SQL xp_printstatements unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2041 | URL | |
| 8521 | SQL xp_printstatements unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2041 | URL | |
| 8522 | SQL xp_printstatements vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2041 | URL | |
| 8523 | SQL xp_proxiedmetadata unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1087 | 2024 | URL | |
| 8524 | SQL xp_proxiedmetadata unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1087 | 2024 | URL | |
| 8525 | SQL xp_proxiedmetadata vulnerable function attempt (more info ...) | attempted-admin | 2000-1087 | 2024 | URL | |
| 8526 | SQL xp_SetSQLSecurity unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2043 | URL | |
| 8527 | SQL xp_SetSQLSecurity unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2043 | URL | |
| 8528 | SQL xp_SetSQLSecurity vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2043 | URL | |
| 8529 | SQL xp_showcolv unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1083 | 2038 | URL | |
| 8530 | SQL xp_showcolv unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1083 | 2038 | URL | |
| 8531 | SQL xp_showcolv vulnerable function attempt (more info ...) | attempted-admin | 2000-1083 | 2038 | URL | |
| 8532 | SQL xp_sqlagent_monitor unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8533 | SQL xp_sqlagent_monitor vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8534 | SQL xp_sqlagent_monitor unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8535 | SQL xp_sqlinventory unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8536 | SQL xp_sqlinventory vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8537 | SQL xp_sqlinventory unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8538 | SQL xp_updatecolvbm unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1084 | 2039 | URL | |
| 8539 | SQL xp_updatecolvbm unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1084 | 2039 | URL | |
| 8540 | SQL xp_updatecolvbm vulnerable function attempt (more info ...) | attempted-admin | 2000-1084 | 2039 | URL | |
| 11193 | WEB-MISC Oracle iSQL Plus cross site scripting attempt (more info ...) | web-application-attack | 2004-2115 | 9484 | ||
| 11194 | WEB-MISC Oracle iSQL Plus cross site scripting attempt (more info ...) | web-application-attack | 2004-2115 | 9484 | ||
| 11616 | WEB-MISC Symantec Sygate Policy Manager SQL injection (more info ...) | attempted-admin | 2006-0522 | 16452 | ||
| 11685 | WEB-MISC Oracle iSQL Plus cross site scripting attempt (more info ...) | web-application-attack | 2004-2115 | 9484 | ||
| 12009 | SQL Firebird SQL Fbserver buffer overflow attempt (more info ...) | attempted-user | 2007-3181 | |||
| 12059 | WEB-MISC Oracle iSQL Plus cross site scripting attempt (more info ...) | web-application-attack | 2004-2115 | 9484 | ||
| 12060 | WEB-MISC Oracle iSQL Plus cross site scripting attempt (more info ...) | web-application-attack | 2004-2115 | 9484 | ||
| 13553 | EXPLOIT Sybase SQL Anywhere Mobilink username string buffer overflow (more info ...) | attempted-admin | 2008-0912 | 27914 | URL | |
| 13554 | EXPLOIT Sybase SQL Anywhere Mobilink version string buffer overflow (more info ...) | attempted-admin | 2008-0912 | 27914 | URL | |
| 13555 | EXPLOIT Sybase SQL Anywhere Mobilink remoteID string buffer overflow (more info ...) | attempted-admin | 2008-0912 | 27914 | URL | |
| 13891 | SQL Memory page overwrite attempt (more info ...) | attempted-admin | 2008-0106 | URL | ||
| 13892 | SQL Convert function style overwrite (more info ...) | attempted-admin | 2008-0086 | URL | ||
| 13991 | SQL xp_regaddmultistring attempt (more info ...) | web-application-activity | ||||
| 13992 | SQL xp_regdeletevalue attempt (more info ...) | web-application-activity | ||||
| 13993 | SQL xp_regenumkeys attempt (more info ...) | web-application-activity | ||||
| 13994 | SQL xp_regenumvalues attempt (more info ...) | web-application-activity | ||||
| 13995 | SQL xp_regremovemultistring attempt (more info ...) | web-application-activity | ||||
| 13996 | SQL xp_servicecontrol attempt (more info ...) | web-application-activity | ||||
| 13997 | SQL xp_loginconfig attempt (more info ...) | web-application-activity | ||||
| 13998 | SQL xp_terminate_process attempt (more info ...) | web-application-activity | ||||
| 16393 | EXPLOIT Postgresql bit substring buffer overflow (more info ...) | attempted-admin | 2010-0442 | 37973 | ||
| 16431 | SQL generic sql with comments injection attempt - GET parameter (more info ...) | web-application-attack | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 253 | DNS SPOOF query response PTR with TTL of 1 min. and no authority (more info ...) | bad-unknown | ||||
| 1948 | DNS zone transfer UDP (more info ...) | attempted-recon | 1999-0532 | 10595 | ||
| 2921 | DNS UDP inverse query (more info ...) | attempted-recon | 2001-0010 | 2302 | 10605 | |
| 8709 | DNS Windows NAT helper components tcp denial of service attempt (more info ...) | misc-attack | 2006-5614 | |||
| 8710 | DNS Windows NAT helper components udp denial of service attempt (more info ...) | misc-attack | 2006-5614 | |||
| 15327 | BAD-TRAFFIC libspf2 DNS TXT record parsing buffer overflow attempt (more info ...) | attempted-user | 2008-2469 | 31881 | ||
| 15991 | DOS Multiple vendor DNS message decompression denial of service attempt (more info ...) | attempted-dos | 2005-0036 | 13729 | ||
| 16029 | SPECIFIC-THREATS Microsoft Windows DNS client ATMA buffer overrun attempt (more info ...) | attempted-admin | 2006-3441 | 19404 | ||
| 16030 | SPECIFIC-THREATS Microsoft Windows DNS client TXT buffer overrun attempt (more info ...) | attempted-admin | 2006-3441 | 19404 | ||
| 16206 | SPECIFIC-THREATS Microsoft Windows DNS server spoofing attempt (more info ...) | misc-attack | 2007-3898 | 25919 | URL | |
| 16297 | BOTNET-CNC Palevo bot DNS request for C&C attempt (more info ...) | trojan-activity | URL | |||
| 16298 | BOTNET-CNC Palevo bot DNS request attempt (more info ...) | misc-activity | URL | |||
| 16299 | BOTNET-CNC Palevo bot DNS request attempt (more info ...) | misc-activity | URL | |||
| 16302 | BOTNET-CNC Virut DNS request for C&C attempt (more info ...) | trojan-activity | URL | |||
| 16303 | BOTNET-CNC Virut DNS request attempt (more info ...) | trojan-activity | URL | |||
| 16304 | BOTNET-CNC Virut DNS request attempt (more info ...) | trojan-activity | URL | |||
| 16693 | SPYWARE-PUT Torpig bot sinkhole server DNS lookup attempt (more info ...) | trojan-activity | URL | |||
| 17294 | DOS Microsoft Windows NAT Helper DNS query denial of service attempt (more info ...) | attempted-dos | 2006-5614 | 20804 | ||
| 17483 | DNS squid proxy dns A record response denial of service attempt (more info ...) | attempted-dos | 2005-0446 | 12551 | ||
| 17484 | DNS squid proxy dns PTR record response denial of service attempt (more info ...) | attempted-dos | 2005-0446 | 12551 | ||
| 17485 | DNS Symantec Gateway products DNS cache poisoning attempt (more info ...) | misc-attack | 2005-0817 | |||
| 17495 | SPECIFIC-THREATS Squid proxy DNS response spoofing attempt (more info ...) | attempted-dos | 2005-1519 | 13592 | ||
| 17680 | SPECIFIC-THREATS ISC BIND DNSSEC Validation Multiple RRsets DoS (more info ...) | attempted-dos | 2007-0494 | 22231 | ||
| 17696 | EXPLOIT Microsoft DNS Server ANY query cache weakness (more info ...) | misc-activity | 2009-0234 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 256 | DNS named authors attempt (more info ...) | attempted-recon | 10728 | |||
| 257 | DNS named version attempt (more info ...) | attempted-recon | 10028 | |||
| 258 | DNS EXPLOIT named 8.2->8.2.1 (more info ...) | attempted-admin | 1999-0833 | 788 | ||
| 259 | DNS EXPLOIT named overflow ADM (more info ...) | attempted-admin | 1999-0833 | 788 | ||
| 260 | DNS EXPLOIT named overflow ADMROCKS (more info ...) | attempted-admin | 1999-0833 | 788 | URL | |
| 261 | DNS EXPLOIT named overflow attempt (more info ...) | attempted-admin | URL | |||
| 262 | DNS EXPLOIT x86 Linux overflow attempt (more info ...) | attempted-admin | ||||
| 264 | DNS EXPLOIT x86 Linux overflow attempt (more info ...) | attempted-admin | ||||
| 265 | DNS EXPLOIT x86 Linux overflow attempt ADMv2 (more info ...) | attempted-admin | ||||
| 266 | DNS EXPLOIT x86 FreeBSD overflow attempt (more info ...) | attempted-admin | ||||
| 267 | DNS EXPLOIT sparc overflow attempt (more info ...) | attempted-admin | ||||
| 303 | DNS EXPLOIT named tsig overflow attempt (more info ...) | attempted-admin | 2001-0010 | 2302 | 10605 | |
| 314 | DNS EXPLOIT named tsig overflow attempt (more info ...) | attempted-admin | 2001-0010 | 2302 | ||
| 1261 | EXPLOIT AIX pdnsd overflow (more info ...) | attempted-user | 1999-0745 | 590 | ||
| 1435 | DNS named authors attempt (more info ...) | attempted-recon | 10728 | |||
| 1616 | DNS named version attempt (more info ...) | attempted-recon | 10028 | |||
| 3154 | DNS UDP inverse query overflow (more info ...) | attempted-admin | 1999-0009 | 134 | ||
| 10603 | NETBIOS DCERPC NCACN-IP-TCP dns R_DnssrvUpdateRecord2 overflow attempt (more info ...) | attempted-admin | 2007-1748 | 23470 | URL | |
| 10900 | NETBIOS DCERPC NCACN-IP-TCP dns R_DnssrvEnumRecords overflow attempt (more info ...) | attempted-admin | 2007-1748 | 23470 | URL | |
| 12357 | EXPLOIT Apple mDNSresponder excessive HTTP headers (more info ...) | attempted-admin | 2007-3744 | 25159 | ||
| 15963 | SPECIFIC-THREATS Red Hat Enterprise Linux DNS resolver buffer overflow attempt (more info ...) | attempted-admin | 2002-0029 | 6186 | ||
| 15988 | SPECIFIC-THREATS Microsoft ISA Server DNS spoofing attempt (more info ...) | misc-attack | 2004-0892 | 11605 | ||
| 16499 | NETBIOS DCERPC NCACN-IP-TCP dns R_DnssrvUpdateRecord2 overflow attempt (more info ...) | attempted-admin | 2007-1748 | 23470 | URL | |
| 16500 | NETBIOS DCERPC NCACN-IP-TCP dns R_DnssrvEnumRecords overflow attempt (more info ...) | attempted-admin | 2007-1748 | 23470 | URL | |
| 16612 | WEB-CLIENT Firefox oversized SOCKS5 DNS reply memory corruption attempt (more info ...) | attempted-user | 2009-2470 | 35925 | ||
| 16834 | BLACKLIST DNS request for known malware domain qd.netkill.com.cn - Trojan-Downloader.Win32.Adload.rzx (more info ...) | trojan-activity | URL | |||
| 16835 | BLACKLIST DNS request for known malware domain exe.146843.com - Trojan.Win32.Opeg.a (more info ...) | trojan-activity | URL | |||
| 16836 | BLACKLIST DNS request for known malware domain ra03.e5732.com - Trojan-Clicker.Win32.Small.afg (more info ...) | trojan-activity | URL | |||
| 16837 | BLACKLIST DNS request for known malware domain dangercheats.com.br - Trojan.Win32.Refroso.arnq (more info ...) | trojan-activity | URL | |||
| 16838 | BLACKLIST DNS request for known malware domain xlm.ppvsr.com - Trojan-GameThief.Win32.OnLineGames.wwcf (more info ...) | trojan-activity | URL | |||
| 16839 | BLACKLIST DNS request for known malware domain sh16.e8753.com - Trojan.Win32.Scar.ccqb (more info ...) | trojan-activity | URL | |||
| 16840 | BLACKLIST DNS request for known malware domain rx11.e6532.com - Trojan.Win32.Opeg.a (more info ...) | trojan-activity | URL | |||
| 16841 | BLACKLIST DNS request for known malware domain podgorz.org - Trojan-Spy.Win32.Zbot.gen (more info ...) | trojan-activity | URL | |||
| 16842 | BLACKLIST DNS request for known malware domain sp19.e4578.com - Trojan-Downloader.Win32.Genome.njz (more info ...) | trojan-activity | URL | |||
| 16843 | BLACKLIST DNS request for known malware domain 1.7zsm.com - Trojan-Downloader.Win32.Agent.dtuo (more info ...) | trojan-activity | URL | |||
| 16844 | BLACKLIST DNS request for known malware domain rm08.e4562.com - Trojan-Downloader.Win32.Agent.dngx (more info ...) | trojan-activity | URL | |||
| 16845 | BLACKLIST DNS request for known malware domain rc04.e6532.com - Trojan-Downloader.Win32.Genome.awld (more info ...) | trojan-activity | URL | |||
| 16846 | BLACKLIST DNS request for known malware domain bedayton.com - Trojan-Downloader.Win32.Agent.dlhe (more info ...) | trojan-activity | URL | |||
| 16847 | BLACKLIST DNS request for known malware domain rz12.e6805.com - Trojan-Downloader.Win32.Genome.awld (more info ...) | trojan-activity | URL | |||
| 16848 | BLACKLIST DNS request for known malware domain in.chinaitlm.cn - Trojan.VBS.HideIcon.d (more info ...) | trojan-activity | URL | |||
| 16849 | BLACKLIST DNS request for known malware domain re05.e6532.com - Trojan-Downloader.Win32.Genome.awld (more info ...) | trojan-activity | URL | |||
| 16850 | BLACKLIST DNS request for known malware domain kldmten.net - Trojan-Spy.Win32.Zbot.akra (more info ...) | trojan-activity | URL | |||
| 16851 | BLACKLIST DNS request for known malware domain forelc.cc - Trojan-Ransom.Win32.XBlocker.ahe (more info ...) | trojan-activity | URL | |||
| 16852 | BLACKLIST DNS request for known malware domain v.yao63.com - Trojan-Downloader.Win32.Agent.dqns (more info ...) | trojan-activity | URL | |||
| 16853 | BLACKLIST DNS request for known malware domain vh26.e4578.com - Trojan.Win32.Opeg.a (more info ...) | trojan-activity | URL | |||
| 16854 | BLACKLIST DNS request for known malware domain up1.give2sms.com - Trojan-Downloader.Win32.Genome.est (more info ...) | trojan-activity | URL | |||
| 16855 | BLACKLIST DNS request for known malware domain d.123kuaihuo.com - Trojan.Win32.Scar.clbx (more info ...) | trojan-activity | URL | |||
| 16856 | BLACKLIST DNS request for known malware domain andy.cd - Backdoor.Win32.Agent.auto (more info ...) | trojan-activity | URL | |||
| 16857 | BLACKLIST DNS request for known malware domain site.mynet.com - Trojan.Win32.Buzus.dxsr (more info ...) | trojan-activity | URL | |||
| 16858 | BLACKLIST DNS request for known malware domain charter-x.biz - Packed.Win32.Krap.ae (more info ...) | trojan-activity | URL | |||
| 16859 | BLACKLIST DNS request for known malware domain gerherber.com - Trojan-Spy.Win32.Zbot.akdw (more info ...) | trojan-activity | URL | |||
| 16860 | BLACKLIST DNS request for known malware domain urodinam.net - Trojan.Win32.TDSS.azsj (more info ...) | trojan-activity | URL | |||
| 16861 | BLACKLIST DNS request for known malware domain gite-eguisheim.com - Trojan-Downloader.Win32.Piker.clp (more info ...) | trojan-activity | URL | |||
| 16862 | BLACKLIST DNS request for known malware domain phaizeipeu.ru - Packed.Win32.Krap.gx (more info ...) | trojan-activity | URL | |||
| 16863 | BLACKLIST DNS request for known malware domain teendx.com - Trojan-Spy.Win32.Zbot.gen (more info ...) | trojan-activity | URL | |||
| 16864 | BLACKLIST DNS request for known malware domain taiping2033.2288.org - Trojan-Downloader.Win32.Selvice.afy (more info ...) | trojan-activity | URL | |||
| 16865 | BLACKLIST DNS request for known malware domain cnfg.maxsitesrevenues.net - Trojan.Win32.BHO.afke (more info ...) | trojan-activity | URL | |||
| 16866 | BLACKLIST DNS request for known malware domain members.multimania.co.uk - Trojan.Win32.Inject.ahqv (more info ...) | trojan-activity | URL | |||
| 16867 | BLACKLIST DNS request for known malware domain down.toopc.com - Trojan-Dropper.Win32.Clons.hai (more info ...) | trojan-activity | URL | |||
| 16868 | BLACKLIST DNS request for known malware domain hostshack.net - Trojan.Win32.Buzus.empl (more info ...) | trojan-activity | URL | |||
| 16869 | BLACKLIST DNS request for known malware domain tt.vv49.com - Trojan-GameThief.Win32.OnLineGames.bnkb (more info ...) | trojan-activity | URL | |||
| 16870 | BLACKLIST DNS request for known malware domain search.sidegreen.com - Backdoor.Win32.Agent.arqi (more info ...) | trojan-activity | URL | |||
| 16871 | BLACKLIST DNS request for known malware domain parfaitpournous.com - Trojan-Spy.Win32.Zbot.gen (more info ...) | trojan-activity | URL | |||
| 16872 | BLACKLIST DNS request for known malware domain postmetoday.ru - Packed.Win32.Katusha.j (more info ...) | trojan-activity | URL | |||
| 16873 | BLACKLIST DNS request for known malware domain youword.cn - Trojan.Win32.Scar.bvgu (more info ...) | trojan-activity | URL | |||
| 16874 | BLACKLIST DNS request for known malware domain ophaeghaev.ru - Trojan-Spy.Win32.Zbot.akmi (more info ...) | trojan-activity | URL | |||
| 16875 | BLACKLIST DNS request for known malware domain up1.free-sms.co.kr - Trojan.Win32.Vilsel.akp (more info ...) | trojan-activity | URL | |||
| 16876 | BLACKLIST DNS request for known malware domain c.softdowns.info - Trojan.BAT.Agent.yn (more info ...) | trojan-activity | URL | |||
| 16877 | BLACKLIST DNS request for known malware domain ddkom.biz - Trojan.Win32.Scar.ckhr (more info ...) | trojan-activity | URL | |||
| 16878 | BLACKLIST DNS request for known malware domain vopret.ru - Trojan.Win32.FraudPack.axwn (more info ...) | trojan-activity | URL | |||
| 16879 | BLACKLIST DNS request for known malware domain dnfpomo.dnfranran.com - Trojan-GameThief.Win32.OnLineGames.bnkx (more info ...) | trojan-activity | URL | |||
| 16880 | BLACKLIST DNS request for known malware domain dnfuu.3322.org - Trojan-Downloader.Win32.Genome.asrx (more info ...) | trojan-activity | URL | |||
| 16881 | BLACKLIST DNS request for known malware domain sex-gifts.ru - Trojan-Spy.Win32.Zbot.gen (more info ...) | trojan-activity | URL | |||
| 16882 | BLACKLIST DNS request for known malware domain 111.168lala.com - Backdoor.Win32.Popwin.cyn (more info ...) | trojan-activity | URL | |||
| 16883 | BLACKLIST DNS request for known malware domain mcafee-registry.ru - Trojan-Spy.Win32.Zbot.akgb (more info ...) | trojan-activity | URL | |||
| 16884 | BLACKLIST DNS request for known malware domain bits4ever.ru - Trojan-Spy.Win32.Zbot.aknt (more info ...) | trojan-activity | URL | |||
| 16885 | BLACKLIST DNS request for known malware domain monicaecarlos.com - Trojan-Downloader.Win32.Genome.awxv (more info ...) | trojan-activity | URL | |||
| 16886 | BLACKLIST DNS request for known malware domain d.trymedia.com - Trojan-Dropper.Win32.Delf.fkk (more info ...) | trojan-activity | URL | |||
| 16888 | BLACKLIST DNS request for known malware domain dbtte.com - Trojan-Banker.Win32.Banz.crk (more info ...) | trojan-activity | URL | |||
| 16889 | BLACKLIST DNS request for known malware domain h1.ripway.com - Trojan.Win32.Refroso.bcdq (more info ...) | trojan-activity | URL | |||
| 16890 | BLACKLIST DNS request for known malware domain in6cs.com - Trojan.Win32.Tdss.beea (more info ...) | trojan-activity | URL | |||
| 16891 | BLACKLIST DNS request for known malware domain solo1928.ru - Trojan-Spy.Win32.Zbot.gen (more info ...) | trojan-activity | URL | |||
| 16892 | BLACKLIST DNS request for known malware domain fg545633.host.zgridc.com - Trojan.Win32.Pincav.abub (more info ...) | trojan-activity | URL | |||
| 16893 | BLACKLIST DNS request for known malware domain primusdns.ru - Backdoor.Win32.Havar.eh (more info ...) | trojan-activity | URL | |||
| 16894 | BLACKLIST DNS request for known malware domain eq.pccppc.com - Trojan-Downloader.Win32.Pher.fkl (more info ...) | trojan-activity | URL | |||
| 16895 | BLACKLIST DNS request for known malware domain alodh.in - Backdoor.Win32.Delf.vde (more info ...) | trojan-activity | URL | |||
| 16896 | BLACKLIST DNS request for known malware domain reward.pnshop.co.kr - Backdoor.Win32.Agent.ahra (more info ...) | trojan-activity | URL | |||
| 16897 | BLACKLIST DNS request for known malware domain sympathy.hdnews.net - Trojan-Spy.Win32.Zbot.gen (more info ...) | trojan-activity | URL | |||
| 16898 | BLACKLIST DNS request for known malware domain sx21.e4578.com - Trojan.Win32.Scar.ccqb (more info ...) | trojan-activity | URL | |||
| 16899 | BLACKLIST DNS request for known malware domain downloadering.9966.org - Trojan.Win32.Vilsel.adxv (more info ...) | trojan-activity | URL | |||
| 16900 | BLACKLIST DNS request for known malware domain reportes201.com - Trojan-Downloader.Win32.Genome.ashe (more info ...) | trojan-activity | URL | |||
| 16901 | BLACKLIST DNS request for known malware domain local.1140.co.kr - Trojan-Downloader.Win32.Genome.aobm (more info ...) | trojan-activity | URL | |||
| 16902 | BLACKLIST DNS request for known malware domain promojoy.net - Packed.Win32.Krap.gx (more info ...) | trojan-activity | URL | |||
| 16903 | BLACKLIST DNS request for known malware domain gpwg.ws - Worm.Win32.AutoRun.bjca (more info ...) | trojan-activity | URL | |||
| 16904 | BLACKLIST DNS request for known malware domain xoomer.alice.it - Trojan-Downloader.Win32.Banload.kdu (more info ...) | trojan-activity | URL | |||
| 16905 | BLACKLIST DNS request for known malware domain xoomer.virgilio.it - Backdoor.Win32.Clar.d (more info ...) | trojan-activity | URL | |||
| 16906 | BLACKLIST DNS request for known malware domain down.p2pplay.com - Trojan-GameThief.Win32.OnLineGames.wgkv (more info ...) | trojan-activity | URL | |||
| 16907 | BLACKLIST DNS request for known malware domain livetrust.info - Trojan-Spy.Win32.Zbot.akku (more info ...) | trojan-activity | URL | |||
| 16908 | BLACKLIST DNS request for known malware domain ootaivilei.ru - Trojan-Spy.Win32.Zbot.akme (more info ...) | trojan-activity | URL | |||
| 16909 | BLACKLIST DNS request for known malware domain babah20122012.com - Trojan-Spy.Win32.Zbot.akbb (more info ...) | trojan-activity | URL | |||
| 16910 | BLACKLIST DNS request for known malware domain pattern - 0-0-0-0-0-0-0.info (more info ...) | trojan-activity | URL | |||
| 17047 | NETBIOS Microsoft Windows DNS Server RPC management interface buffer overflow attempt (more info ...) | attempted-admin | 2007-1748 | 23470 | URL | |
| 17818 | BLACKLIST DNS request for known malware domain ktr.t134.net (more info ...) | trojan-activity | URL | |||
| 17819 | BLACKLIST DNS request for known malware domain motuh.com (more info ...) | trojan-activity | URL | |||
| 17820 | BLACKLIST DNS request for known malware domain myanimalclips.com (more info ...) | trojan-activity | URL | |||
| 17821 | BLACKLIST DNS request for known malware domain ketsymbol.com (more info ...) | trojan-activity | URL | |||
| 17822 | BLACKLIST DNS request for known malware domain ics.hotbar.com (more info ...) | trojan-activity | URL | |||
| 17823 | BLACKLIST DNS request for known malware domain www.myroitracking.com (more info ...) | trojan-activity | URL | |||
| 17824 | BLACKLIST DNS request for known malware domain teenxmovs.net (more info ...) | trojan-activity | URL | |||
| 17825 | BLACKLIST DNS request for known malware domain px.smowtion.com (more info ...) | trojan-activity | URL | |||
| 17826 | BLACKLIST DNS request for known malware domain cheaps1.info (more info ...) | trojan-activity | URL | |||
| 17827 | BLACKLIST DNS request for known malware domain sexmoviesland.net (more info ...) | trojan-activity | URL | |||
| 17828 | BLACKLIST DNS request for known malware domain 67.201.36.16 (more info ...) | trojan-activity | URL | |||
| 17829 | BLACKLIST DNS request for known malware domain c7.zxxds.net (more info ...) | trojan-activity | URL | |||
| 17830 | BLACKLIST DNS request for known malware domain dickvsclit.net (more info ...) | trojan-activity | URL | |||
| 17831 | BLACKLIST DNS request for known malware domain edrichfinearts.com (more info ...) | trojan-activity | URL | |||
| 17832 | BLACKLIST DNS request for known malware domain img100.xvideos.com (more info ...) | trojan-activity | URL | |||
| 17833 | BLACKLIST DNS request for known malware domain www.dsnextgen.com (more info ...) | trojan-activity | URL | |||
| 17834 | BLACKLIST DNS request for known malware domain 343.boolans.com (more info ...) | trojan-activity | URL | |||
| 17835 | BLACKLIST DNS request for known malware domain xpresdnet.com (more info ...) | trojan-activity | URL | |||
| 17836 | BLACKLIST DNS request for known malware domain gbsup.com (more info ...) | trojan-activity | URL | |||
| 17837 | BLACKLIST DNS request for known malware domain xxsmovies.com (more info ...) | trojan-activity | URL | |||
| 17838 | BLACKLIST DNS request for known malware domain vc.iwriteweb.com (more info ...) | trojan-activity | URL | |||
| 17839 | BLACKLIST DNS request for known malware domain js.222233.com (more info ...) | trojan-activity | URL | |||
| 17840 | BLACKLIST DNS request for known malware domain www.grannyplanet.com (more info ...) | trojan-activity | URL | |||
| 17841 | BLACKLIST DNS request for known malware domain coop.crwdcntrl.net (more info ...) | trojan-activity | URL | |||
| 17842 | BLACKLIST DNS request for known malware domain extrahotx.net (more info ...) | trojan-activity | URL | |||
| 17843 | BLACKLIST DNS request for known malware domain extralargevideos.com (more info ...) | trojan-activity | URL | |||
| 17844 | BLACKLIST DNS request for known malware domain www.derquda.com (more info ...) | trojan-activity | URL | |||
| 17845 | BLACKLIST DNS request for known malware domain aahydrogen.com (more info ...) | trojan-activity | URL | |||
| 17846 | BLACKLIST DNS request for known malware domain trumpetlicks.com (more info ...) | trojan-activity | URL | |||
| 17847 | BLACKLIST DNS request for known malware domain mskla.com (more info ...) | trojan-activity | URL | |||
| 17848 | BLACKLIST DNS request for known malware domain play.unionsky.cn (more info ...) | trojan-activity | URL | |||
| 17849 | BLACKLIST DNS request for known malware domain fuckersucker.com (more info ...) | trojan-activity | URL | |||
| 17850 | BLACKLIST DNS request for known malware domain pornfucklist.com (more info ...) | trojan-activity | URL | |||
| 17851 | BLACKLIST DNS request for known malware domain game.685faiudeme.com (more info ...) | trojan-activity | URL | |||
| 17852 | BLACKLIST DNS request for known malware domain 447.cc (more info ...) | trojan-activity | URL | |||
| 17853 | BLACKLIST DNS request for known malware domain dommonview.com (more info ...) | trojan-activity | URL | |||
| 17854 | BLACKLIST DNS request for known malware domain www.lamiaexragazza.com (more info ...) | trojan-activity | URL | |||
| 17855 | BLACKLIST DNS request for known malware domain acofinder.com (more info ...) | trojan-activity | URL | |||
| 17856 | BLACKLIST DNS request for known malware domain fuckfuckvids.com (more info ...) | trojan-activity | URL | |||
| 17857 | BLACKLIST DNS request for known malware domain www.cnhack.cn (more info ...) | trojan-activity | URL | |||
| 17858 | BLACKLIST DNS request for known malware domain kingsizematures.com (more info ...) | trojan-activity | URL | |||
| 17859 | BLACKLIST DNS request for known malware domain promotds.com (more info ...) | trojan-activity | URL | |||
| 17860 | BLACKLIST DNS request for known malware domain mejac.com (more info ...) | trojan-activity | URL | |||
| 17861 | BLACKLIST DNS request for known malware domain zq2.9wee.com (more info ...) | trojan-activity | URL | |||
| 17862 | BLACKLIST DNS request for known malware domain 122.770304123.cn (more info ...) | trojan-activity | URL | |||
| 17863 | BLACKLIST DNS request for known malware domain rpt2.21civ.com (more info ...) | trojan-activity | URL | |||
| 17864 | BLACKLIST DNS request for known malware domain tubexxxmatures.com (more info ...) | trojan-activity | URL | |||
| 17865 | BLACKLIST DNS request for known malware domain 110.770304123.cn (more info ...) | trojan-activity | URL | |||
| 17866 | BLACKLIST DNS request for known malware domain aebankonline.com (more info ...) | trojan-activity | URL | |||
| 17867 | BLACKLIST DNS request for known malware domain utm.trk.myfuncards.com (more info ...) | trojan-activity | URL | |||
| 17868 | BLACKLIST DNS request for known malware domain a.qq2233.com (more info ...) | trojan-activity | URL | |||
| 17869 | BLACKLIST DNS request for known malware domain px.mgplatform.com (more info ...) | trojan-activity | URL | |||
| 17870 | BLACKLIST DNS request for known malware domain trojan8.com (more info ...) | trojan-activity | URL | |||
| 17871 | BLACKLIST DNS request for known malware domain brutalxvideos.com (more info ...) | trojan-activity | URL | |||
| 17872 | BLACKLIST DNS request for known malware domain www3.sexown.com (more info ...) | trojan-activity | URL | |||
| 17873 | BLACKLIST DNS request for known malware domain mummimpegs.com (more info ...) | trojan-activity | URL | |||
| 17874 | BLACKLIST DNS request for known malware domain f19dd4abb8b8bdf2.cn (more info ...) | trojan-activity | URL | |||
| 17875 | BLACKLIST DNS request for known malware domain www.very-young-boys.com (more info ...) | trojan-activity | URL | |||
| 17876 | BLACKLIST DNS request for known malware domain 91629.com (more info ...) | trojan-activity | URL | |||
| 17877 | BLACKLIST DNS request for known malware domain animal36.com (more info ...) | trojan-activity | URL | |||
| 17878 | BLACKLIST DNS request for known malware domain ayb.host127-0-0-1.com (more info ...) | trojan-activity | URL | |||
| 17879 | BLACKLIST DNS request for known malware domain cfg.353wanwan.com (more info ...) | trojan-activity | URL | |||
| 17880 | BLACKLIST DNS request for known malware domain www.027dj.com (more info ...) | trojan-activity | URL | |||
| 17881 | BLACKLIST DNS request for known malware domain fucktosky.com (more info ...) | trojan-activity | URL | |||
| 17882 | BLACKLIST DNS request for known malware domain procca.com (more info ...) | trojan-activity | URL | |||
| 17883 | BLACKLIST DNS request for known malware domain autouploaders.net (more info ...) | trojan-activity | URL | |||
| 17884 | BLACKLIST DNS request for known malware domain gimmemyporn.com (more info ...) | trojan-activity | URL | |||
| 17885 | BLACKLIST DNS request for known malware domain waytoall.com (more info ...) | trojan-activity | URL | |||
| 17886 | BLACKLIST DNS request for known malware domain www.spamature.com (more info ...) | trojan-activity | URL | |||
| 17887 | BLACKLIST DNS request for known malware domain info.collectionerrorreport.com (more info ...) | trojan-activity | URL | |||
| 17888 | BLACKLIST DNS request for known malware domain bn.xp1.ru4.com (more info ...) | trojan-activity | URL | |||
| 17889 | BLACKLIST DNS request for known malware domain www.ajie520.com (more info ...) | trojan-activity | URL | |||
| 17890 | BLACKLIST DNS request for known malware domain 114search1.118114.cn (more info ...) | trojan-activity | URL | |||
| 17891 | BLACKLIST DNS request for known malware domain bestkind.ru (more info ...) | trojan-activity | URL | |||
| 17892 | BLACKLIST DNS request for known malware domain clickpotato.tv (more info ...) | trojan-activity | URL | |||
| 17893 | BLACKLIST DNS request for known malware domain www.zxc0001.com (more info ...) | trojan-activity | URL | |||
| 17894 | BLACKLIST DNS request for known malware domain streq.cn (more info ...) | trojan-activity | URL | |||
| 17895 | BLACKLIST DNS request for known malware domain pyow.prixi-soft.ir (more info ...) | trojan-activity | URL | |||
| 17896 | BLACKLIST DNS request for known malware domain 113552url.cptgt.com (more info ...) | trojan-activity | URL | |||
| 17897 | BLACKLIST DNS request for known malware domain www.moneytw8.com (more info ...) | trojan-activity | URL | |||
| 18079 | BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com (more info ...) | trojan-activity | ||||
| 18080 | BLACKLIST DNS request for known malware domain netrand.house.sina.com.cn (more info ...) | trojan-activity | ||||
| 18081 | BLACKLIST DNS request for known malware domain wenyixuan.3322.org (more info ...) | trojan-activity | ||||
| 18082 | BLACKLIST DNS request for known malware domain 3q.sbwanwan.com (more info ...) | trojan-activity | ||||
| 18083 | BLACKLIST DNS request for known malware domain 863.dclsba.com (more info ...) | trojan-activity | ||||
| 18084 | BLACKLIST DNS request for known malware domain drs317a.gotoip4.com (more info ...) | trojan-activity | ||||
| 18085 | BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com (more info ...) | trojan-activity | ||||
| 18086 | BLACKLIST DNS request for known malware domain qq.sbwanwan.com (more info ...) | trojan-activity | ||||
| 18087 | BLACKLIST DNS request for known malware domain tiantianzaixian.gotoip1.com (more info ...) | trojan-activity | ||||
| 18088 | BLACKLIST DNS request for known malware domain wenyixuan.3322.org (more info ...) | trojan-activity | ||||
| 18089 | BLACKLIST DNS request for known malware domain www.auto328.com (more info ...) | trojan-activity | ||||
| 18090 | BLACKLIST DNS request for known malware domain www.comstelecom.com (more info ...) | trojan-activity | ||||
| 18091 | BLACKLIST DNS request for known malware domain www.goodfriends.or.kr (more info ...) | trojan-activity | ||||
| 18092 | BLACKLIST DNS request for known malware domain www.hao1345.com (more info ...) | trojan-activity | ||||
| 18093 | BLACKLIST DNS request for known malware domain www.opusgame.com (more info ...) | trojan-activity | ||||
| 18094 | BLACKLIST DNS request for known malware domain www.theoffstage.com (more info ...) | trojan-activity | ||||
| 18095 | BLACKLIST DNS request for known malware domain www.wwmei.com (more info ...) | trojan-activity | ||||
| 18103 | BLACKLIST DNS request for known malware domain 5yvod.net (more info ...) | trojan-activity | 2010-3962 | |||
| 18104 | BLACKLIST DNS request for known malware domain b.9s3.info (more info ...) | trojan-activity | 2010-3962 | |||
| 18105 | BLACKLIST DNS request for known malware domain baidutaobao.gotoip55.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18106 | BLACKLIST DNS request for known malware domain e.msssm.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18107 | BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18108 | BLACKLIST DNS request for known malware domain phoroshop.es (more info ...) | trojan-activity | 2010-3962 | |||
| 18109 | BLACKLIST DNS request for known malware domain talk.cetizen.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18110 | BLACKLIST DNS request for known malware domain tiantianzaixian.gotoip1.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18111 | BLACKLIST DNS request for known malware domain v.9y9c.co.cc (more info ...) | trojan-activity | 2010-3962 | |||
| 18112 | BLACKLIST DNS request for known malware domain wenyixuan.3322.org. (more info ...) | trojan-activity | 2010-3962 | |||
| 18113 | BLACKLIST DNS request for known malware domain wusheng03.3322.org (more info ...) | trojan-activity | 2010-3962 | |||
| 18114 | BLACKLIST DNS request for known malware domain www.5fqq.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18115 | BLACKLIST DNS request for known malware domain www.ajs2002.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18116 | BLACKLIST DNS request for known malware domain www.bnbsoft.co.kr (more info ...) | trojan-activity | 2010-3962 | |||
| 18117 | BLACKLIST DNS request for known malware domain www.cineseoul.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18118 | BLACKLIST DNS request for known malware domain www.hao1345.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18119 | BLACKLIST DNS request for known malware domain www.ilbondrama.net (more info ...) | trojan-activity | 2010-3962 | |||
| 18120 | BLACKLIST DNS request for known malware domain www.iwebdy.net (more info ...) | trojan-activity | 2010-3962 | |||
| 18121 | BLACKLIST DNS request for known malware domain www.linzhiling123.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18122 | BLACKLIST DNS request for known malware domain www.opusgame.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18123 | BLACKLIST DNS request for known malware domain www.phoroshop.es (more info ...) | trojan-activity | 2010-3962 | |||
| 18124 | BLACKLIST DNS request for known malware domain www.sijianfeng.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18125 | BLACKLIST DNS request for known malware domain www.tpydb.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18126 | BLACKLIST DNS request for known malware domain www.tpydb.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18127 | BLACKLIST DNS request for known malware domain www.univus.co.kr (more info ...) | trojan-activity | 2010-3962 | |||
| 18128 | BLACKLIST DNS request for known malware domain www.uwonderfull.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18129 | BLACKLIST DNS request for known malware domain www.w22rt.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18130 | BLACKLIST DNS request for known malware domain www.wwmei.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18131 | BLACKLIST DNS request for known malware domain www.ybtour.co.kr (more info ...) | trojan-activity | 2010-3962 | |||
| 18133 | BLACKLIST DNS request for known malware domain www.001zs.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18134 | BLACKLIST DNS request for known malware domain www.551sf.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18135 | BLACKLIST DNS request for known malware domain www.555hd.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18136 | BLACKLIST DNS request for known malware domain www.66xihu.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18137 | BLACKLIST DNS request for known malware domain www.9292cs.cn (more info ...) | trojan-activity | 2010-3962 | |||
| 18138 | BLACKLIST DNS request for known malware domain www.chateaulegend.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18139 | BLACKLIST DNS request for known malware domain www.china-aoben.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18140 | BLACKLIST DNS request for known malware domain www.cqtjg.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18141 | BLACKLIST DNS request for known malware domain www.dspenter.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18142 | BLACKLIST DNS request for known malware domain www.eastadmin.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18143 | BLACKLIST DNS request for known malware domain www.fp0755.cn (more info ...) | trojan-activity | 2010-3962 | |||
| 18144 | BLACKLIST DNS request for known malware domain www.fp0769.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18145 | BLACKLIST DNS request for known malware domain www.fp360.net (more info ...) | trojan-activity | 2010-3962 | |||
| 18146 | BLACKLIST DNS request for known malware domain www.gdfp365.cn (more info ...) | trojan-activity | 2010-3962 | |||
| 18147 | BLACKLIST DNS request for known malware domain www.gev.cn (more info ...) | trojan-activity | 2010-3962 | |||
| 18148 | BLACKLIST DNS request for known malware domain www.haoleyou.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18149 | BLACKLIST DNS request for known malware domain www.haosf08.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18150 | BLACKLIST DNS request for known malware domain www.jxbaike.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18151 | BLACKLIST DNS request for known malware domain www.kingsoftduba2009.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18152 | BLACKLIST DNS request for known malware domain www.mainhu.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18153 | BLACKLIST DNS request for known malware domain www.maoyiren.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18154 | BLACKLIST DNS request for known malware domain www.nc57.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18155 | BLACKLIST DNS request for known malware domain www.pplog.cn (more info ...) | trojan-activity | 2010-3962 | |||
| 18156 | BLACKLIST DNS request for known malware domain www.pxflm.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18157 | BLACKLIST DNS request for known malware domain www.quyou365.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18158 | BLACKLIST DNS request for known malware domain www.shzhaotian.cn (more info ...) | trojan-activity | 2010-3962 | |||
| 18159 | BLACKLIST DNS request for known malware domain www.soanala.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18160 | BLACKLIST DNS request for known malware domain www.stony-skunk.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18161 | BLACKLIST DNS request for known malware domain www.street08.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18162 | BLACKLIST DNS request for known malware domain www.weilingcy.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18163 | BLACKLIST DNS request for known malware domain www.yisaa.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18164 | BLACKLIST DNS request for known malware domain www.yx240.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18165 | BLACKLIST DNS request for known malware domain e.mssm.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18166 | BLACKLIST DNS request for known malware domain dfgdd.9y6c.co.cc (more info ...) | trojan-activity | 2010-3962 | |||
| 18183 | BLACKLIST DNS request for known malware domain mailzou.com (more info ...) | trojan-activity | 2010-3962 | |||
| 18184 | BLACKLIST DNS request for known malware domain dnf.gametime.co.kr (more info ...) | trojan-activity | 2010-3962 | |||
| 18185 | BLACKLIST DNS request for known malware domain www.dd0415.net (more info ...) | trojan-activity | 2010-3962 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1941 | TFTP GET filename overflow attempt (more info ...) | attempted-admin | 2009-2957 | 5328 | 18264 | |
| 2338 | FTP LIST buffer overflow attempt (more info ...) | misc-attack | 2009-0351 | 9675 | URL | |
| 2374 | FTP NLST overflow attempt (more info ...) | attempted-admin | 2009-3023 | 7909 | URL | |
| 5881 | SPYWARE-PUT Keylogger spyagent runtime detect - ftp delivery (more info ...) | successful-recon-limited | URL | |||
| 6142 | BACKDOOR hellzaddiction v1.0e runtime detection - ftp open (more info ...) | trojan-activity | URL | |||
| 6208 | SPYWARE-PUT Keylogger winsession runtime detection - ftp (more info ...) | successful-recon-limited | URL | |||
| 6288 | BACKDOOR fictional daemon 4.4 runtime detection - ftp (more info ...) | trojan-activity | URL | |||
| 6319 | BACKDOOR evilftp runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 7185 | SPYWARE-PUT Keylogger 007 spy software runtime detection - ftp (more info ...) | successful-recon-limited | URL | |||
| 7504 | SPYWARE-PUT Keylogger actualspy runtime detection - ftp-data (more info ...) | successful-recon-limited | URL | |||
| 7762 | BACKDOOR analftp 0.1 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 7934 | WEB-ACTIVEX ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7935 | WEB-ACTIVEX ftp Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 9341 | SPECIFIC-THREATS sasser open ftp command shell (more info ...) | trojan-activity | URL | |||
| 9402 | SPECIFIC-THREATS welchia tftp propagation detection (more info ...) | trojan-activity | URL | |||
| 9828 | SPYWARE-PUT Keylogger paq keylog runtime detection - ftp (more info ...) | successful-recon-limited | URL | |||
| 10089 | SPYWARE-PUT Keylogger beyond Keylogger runtime detection - log sent by ftp (more info ...) | successful-recon-limited | URL | |||
| 10135 | DOS Squid proxy FTP denial of service attempt (more info ...) | denial-of-service | 2007-0247 | 22079 | ||
| 10444 | BACKDOOR acidbattery 1.0 runtime detection - open ftp serice (more info ...) | trojan-activity | URL | |||
| 12237 | BACKDOOR theef 2.10 runtime detection - ftp (more info ...) | trojan-activity | ||||
| 13927 | TFTP Server log generation buffer overflow attempt (more info ...) | attempted-admin | 2008-2161 | |||
| 14778 | WEB-ACTIVEX Dart Communications PowerTCP FTP ActiveX clsid access (more info ...) | attempted-user | 31814 | |||
| 14779 | WEB-ACTIVEX Dart Communications PowerTCP FTP ActiveX clsid unicode access (more info ...) | attempted-user | 31814 | |||
| 14780 | WEB-ACTIVEX Dart Communications PowerTCP FTP ActiveX function call access (more info ...) | attempted-user | 31814 | |||
| 14781 | WEB-ACTIVEX Dart Communications PowerTCP FTP ActiveX function call unicode access (more info ...) | attempted-user | 31814 | |||
| 15159 | WEB-ACTIVEX Evans FTP ActiveX clsid access (more info ...) | attempted-user | 32814 | |||
| 15160 | WEB-ACTIVEX Evans FTP ActiveX clsid unicode access (more info ...) | attempted-user | 32814 | |||
| 15161 | WEB-ACTIVEX Evans FTP ActiveX function call access (more info ...) | attempted-user | 32814 | |||
| 15162 | WEB-ACTIVEX Evans FTP ActiveX function call unicode access (more info ...) | attempted-user | 32814 | |||
| 15368 | WEB-ACTIVEX FathFTP ActiveX clsid access (more info ...) | attempted-user | 33842 | |||
| 15369 | WEB-ACTIVEX FathFTP ActiveX clsid unicode access (more info ...) | attempted-user | 33842 | |||
| 15370 | WEB-ACTIVEX FathFTP ActiveX function call access (more info ...) | attempted-user | 33842 | |||
| 15371 | WEB-ACTIVEX FathFTP ActiveX function call unicode access (more info ...) | attempted-user | 33842 | |||
| 15932 | FTP LIST globbing denial of service attack (more info ...) | attempted-dos | 2009-2521 | URL | ||
| 16077 | SPECIFIC-THREATS Tripwire format string vulnerability ftp exploit attempt (more info ...) | attempted-admin | 2004-0536 | 10454 | ||
| 16357 | FTP multiple extension code execution attempt (more info ...) | web-application-attack | 2009-4444 | |||
| 17059 | FTP Vermillion 1.31 vftpd port command memory corruption (more info ...) | misc-attack | URL | |||
| 17446 | SPECIFIC-THREATS Microsoft Internet Explorer FTP client directory traversal attempt (more info ...) | misc-activity | 2004-1376 | |||
| 17521 | SPECIFIC-THREATS GoodTech SSH Server SFTP Processing Buffer Overflow (more info ...) | attempted-user | 2008-4726 | 31879 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 144 | FTP ADMw0rm ftp login attempt (more info ...) | suspicious-login | ||||
| 157 | BACKDOOR BackConstruction 2.1 Client FTP Open Request (more info ...) | misc-activity | ||||
| 158 | BACKDOOR BackConstruction 2.1 Server FTP Open Reply (more info ...) | misc-activity | ||||
| 308 | EXPLOIT NextFTP client overflow (more info ...) | attempted-user | 1999-0671 | 572 | ||
| 334 | FTP .forward (more info ...) | suspicious-filename-detect | ||||
| 335 | FTP .rhosts (more info ...) | suspicious-filename-detect | ||||
| 336 | FTP CWD ~root attempt (more info ...) | bad-unknown | 1999-0082 | |||
| 337 | FTP CEL overflow attempt (more info ...) | attempted-admin | 1999-0789 | 679 | 10009 | |
| 353 | FTP adm scan (more info ...) | suspicious-login | ||||
| 354 | FTP iss scan (more info ...) | suspicious-login | ||||
| 355 | FTP pass wh00t (more info ...) | suspicious-login | ||||
| 356 | FTP passwd retrieval attempt (more info ...) | suspicious-filename-detect | ||||
| 357 | FTP piss scan (more info ...) | suspicious-login | URL | |||
| 358 | FTP saint scan (more info ...) | suspicious-login | ||||
| 359 | FTP satan scan (more info ...) | suspicious-login | ||||
| 360 | FTP serv-u directory transversal (more info ...) | bad-unknown | 2001-0054 | 2052 | 10565 | |
| 361 | FTP SITE EXEC attempt (more info ...) | bad-unknown | 1999-0955 | 2241 | ||
| 362 | FTP tar parameters (more info ...) | bad-unknown | 1999-0997 | 2240 | ||
| 489 | FTP no password (more info ...) | unknown | ||||
| 491 | FTP Bad login (more info ...) | bad-unknown | ||||
| 518 | TFTP Put (more info ...) | bad-unknown | 1999-0183 | |||
| 519 | TFTP parent directory (more info ...) | bad-unknown | 2002-1209 | |||
| 520 | TFTP root directory (more info ...) | bad-unknown | 1999-0183 | |||
| 1068 | WEB-MISC tftp attempt (more info ...) | web-application-activity | ||||
| 1107 | WEB-MISC ftp.pl access (more info ...) | web-application-activity | 2000-0674 | 1471 | 10467 | |
| 1166 | WEB-MISC ws_ftp.ini access (more info ...) | attempted-recon | 1999-1078 | 547 | ||
| 1229 | FTP CWD ... (more info ...) | bad-unknown | 9237 | |||
| 1230 | WEB-MISC VirusWall FtpSave access (more info ...) | attempted-recon | 2001-0432 | 2808 | 10733 | |
| 1234 | WEB-MISC VirusWall FtpSaveCSP access (more info ...) | attempted-recon | 2001-0432 | 2808 | 10733 | |
| 1235 | WEB-MISC VirusWall FtpSaveCVP access (more info ...) | attempted-recon | 2001-0432 | 2808 | 10733 | |
| 1289 | TFTP GET Admin.dll (more info ...) | successful-admin | URL | |||
| 1377 | FTP wu-ftp bad file completion attempt [ (more info ...) | misc-attack | 2001-0886 | 3707 | 10821 | |
| 1379 | FTP STAT overflow attempt (more info ...) | attempted-admin | 2003-0772 | 8542 | URL | |
| 1441 | TFTP GET nc.exe (more info ...) | successful-admin | ||||
| 1442 | TFTP GET shadow (more info ...) | successful-admin | ||||
| 1443 | TFTP GET passwd (more info ...) | successful-admin | ||||
| 1444 | TFTP Get (more info ...) | bad-unknown | ||||
| 1529 | FTP SITE overflow attempt (more info ...) | attempted-admin | 2001-0770 | |||
| 1562 | FTP SITE CHOWN overflow attempt (more info ...) | attempted-admin | 2001-0065 | 2120 | 10579 | |
| 1612 | WEB-MISC ftp.pl attempt (more info ...) | web-application-attack | 2000-0674 | 1471 | 10467 | |
| 1621 | FTP CMD overflow attempt (more info ...) | attempted-admin | ||||
| 1622 | FTP RNFR ././ attempt (more info ...) | misc-attack | 1999-0081 | |||
| 1623 | FTP invalid MODE (more info ...) | protocol-command-decode | URL | |||
| 1624 | FTP PWD overflow attempt (more info ...) | protocol-command-decode | ||||
| 1625 | FTP SYST overflow attempt (more info ...) | protocol-command-decode | URL | |||
| 1662 | WEB-MISC /~ftp access (more info ...) | attempted-recon | ||||
| 1670 | WEB-MISC /home/ftp access (more info ...) | web-application-activity | 11032 | |||
| 1672 | FTP CWD ~ attempt (more info ...) | denial-of-service | 2001-0421 | 9215 | ||
| 1734 | FTP USER overflow attempt (more info ...) | attempted-admin | 2005-3683 | 8376 | ||
| 1777 | FTP EXPLOIT STAT * dos attempt (more info ...) | attempted-dos | 2002-0073 | 4482 | 10934 | URL |
| 1778 | FTP EXPLOIT STAT ? dos attempt (more info ...) | attempted-dos | 2002-0073 | 4482 | 10934 | URL |
| 1864 | FTP SITE NEWER attempt (more info ...) | attempted-dos | 1999-0880 | 10319 | ||
| 1888 | FTP SITE CPWD overflow attempt (more info ...) | misc-attack | 2002-0826 | 5427 | ||
| 1919 | FTP CWD overflow attempt (more info ...) | attempted-admin | 2002-0405 | 7950 | ||
| 1920 | FTP SITE NEWER overflow attempt (more info ...) | attempted-admin | 1999-0800 | 229 | ||
| 1921 | FTP SITE ZIPCHK overflow attempt (more info ...) | attempted-admin | 2000-0040 | |||
| 1927 | FTP authorized_keys (more info ...) | suspicious-filename-detect | ||||
| 1928 | FTP shadow retrieval attempt (more info ...) | suspicious-filename-detect | ||||
| 1942 | FTP RMDIR overflow attempt (more info ...) | attempted-admin | 819 | |||
| 1971 | FTP SITE EXEC format string attempt (more info ...) | bad-unknown | 1505 | |||
| 1972 | FTP PASS overflow attempt (more info ...) | attempted-admin | 2005-3683 | 9285 | ||
| 1973 | FTP MKD overflow attempt (more info ...) | attempted-admin | 2010-0625 | 9872 | 12108 | URL |
| 1974 | FTP REST overflow attempt (more info ...) | attempted-admin | 2001-0826 | 2972 | 11755 | |
| 1976 | FTP RMD overflow attempt (more info ...) | attempted-admin | 2010-0625 | 39041 | ||
| 1992 | FTP LIST directory traversal attempt (more info ...) | protocol-command-decode | 2002-1054 | 2618 | 11112 | |
| 2125 | FTP CWD Root directory transversal attempt (more info ...) | protocol-command-decode | 2003-0392 | 7674 | 11677 | |
| 2178 | FTP USER format string attempt (more info ...) | misc-attack | 2004-0277 | 9800 | 11687 | |
| 2179 | FTP PASS format string attempt (more info ...) | misc-attack | 2000-0699 | 9800 | 10490 | |
| 2272 | FTP LIST integer overflow attempt (more info ...) | misc-attack | 2003-0854 | 8875 | 11912 | |
| 2332 | FTP MKD format string attempt (more info ...) | misc-attack | 9262 | |||
| 2333 | FTP RENAME format string attempt (more info ...) | misc-attack | 9262 | |||
| 2334 | FTP Yak! FTP server default account login attempt (more info ...) | suspicious-login | 9072 | |||
| 2335 | FTP RMD / attempt (more info ...) | attempted-dos | 9159 | |||
| 2337 | TFTP PUT filename overflow attempt (more info ...) | attempted-admin | 2003-0380 | 8505 | 18264 | |
| 2339 | TFTP NULL command attempt (more info ...) | bad-unknown | 7575 | |||
| 2340 | FTP SITE CHMOD overflow attempt (more info ...) | attempted-admin | 1999-0838 | 9675 | 12037 | |
| 2343 | FTP STOR overflow attempt (more info ...) | attempted-admin | 2000-0133 | 8668 | ||
| 2344 | FTP XCWD overflow attempt (more info ...) | attempted-admin | 8704 | |||
| 2373 | FTP XMKD overflow attempt (more info ...) | attempted-admin | 2001-1021 | 7909 | ||
| 2389 | FTP RNTO overflow attempt (more info ...) | attempted-admin | 2005-3683 | 8315 | ||
| 2390 | FTP STOU overflow attempt (more info ...) | attempted-admin | 2003-0466 | 8315 | ||
| 2391 | FTP APPE overflow attempt (more info ...) | attempted-admin | 2003-0772 | 8542 | ||
| 2392 | FTP RETR overflow attempt (more info ...) | attempted-admin | 2005-3683 | 8315 | ||
| 2416 | FTP invalid MDTM command attempt (more info ...) | attempted-admin | 2004-0330 | 9751 | ||
| 2417 | FTP format string attempt (more info ...) | string-detect | 2005-2123 | 9800 | ||
| 2449 | FTP ALLO overflow attempt (more info ...) | attempted-admin | 2004-1883 | 9953 | 14598 | |
| 2546 | FTP MDTM overflow attempt (more info ...) | attempted-admin | 2004-0330 | 9751 | 12080 | |
| 2574 | FTP RETR format string attempt (more info ...) | attempted-admin | 2004-1883 | 9800 | ||
| 3077 | FTP RNFR overflow attempt (more info ...) | attempted-admin | 14339 | |||
| 3441 | FTP PORT bounce attempt (more info ...) | misc-attack | 1999-0017 | 126 | 10081 | |
| 3460 | FTP REST with numeric argument (more info ...) | attempted-recon | 7825 | |||
| 3523 | FTP SITE INDEX format string attempt (more info ...) | bad-unknown | 2000-0573 | 1387 | ||
| 3526 | ORACLE XDB FTP UNLOCK overflow attempt (more info ...) | attempted-admin | 2003-0727 | 8375 | ||
| 3532 | ORACLE ftp password buffer overflow attempt (more info ...) | attempted-user | 2003-0727 | 8375 | ||
| 3630 | ORACLE ftp TEST command buffer overflow attempt (more info ...) | misc-attack | 2003-0727 | 8375 | ||
| 3631 | ORACLE ftp user name buffer overflow attempt (more info ...) | attempted-user | 2003-0727 | 8375 | ||
| 3817 | TFTP GET transfer mode overflow attempt (more info ...) | attempted-admin | 2005-1812 | 13821 | ||
| 3818 | TFTP PUT transfer mode overflow attempt (more info ...) | attempted-admin | 2006-6183 | 21301 | ||
| 8415 | FTP SIZE overflow attempt (more info ...) | attempted-admin | 2006-4318 | 19617 | ||
| 8479 | FTP HELP overflow attempt (more info ...) | attempted-admin | 2001-0826 | 2972 | ||
| 8480 | FTP PORT overflow attempt (more info ...) | attempted-admin | 2006-2226 | 18711 | ||
| 8481 | FTP Microsoft NLST * dos attempt (more info ...) | attempted-dos | 2001-0334 | 2717 | URL | |
| 8707 | FTP WZD-FTPD SITE arbitrary command execution attempt (more info ...) | attempted-admin | 2005-3081 | 14935 | ||
| 9621 | TFTP 3COM server transport mode buffer overflow attempt (more info ...) | attempted-admin | 21301 | |||
| 9638 | TFTP PUT Microsoft RIS filename overwrite attempt (more info ...) | policy-violation | 2006-5584 | URL | ||
| 9792 | FTP PASV overflow attempt (more info ...) | attempted-admin | URL | |||
| 10188 | FTP Wsftp XMD5 overflow attempt (more info ...) | attempted-admin | 2006-5000 | 20076 | ||
| 12076 | DOS Ipswitch WS_FTP log server long unicode string (more info ...) | denial-of-service | 2007-3823 | URL | ||
| 12238 | BACKDOOR theef 2.10 runtime detection - ftp (more info ...) | trojan-activity | URL | |||
| 12379 | SPYWARE-PUT Keylogger PaqKeylogger 5.1 runtime detection - ftp (more info ...) | successful-recon-limited | URL | |||
| 13925 | FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt (more info ...) | attempted-user | 2008-2541 | |||
| 14743 | FTP RNTO directory traversal attempt (more info ...) | suspicious-filename-detect | 2008-4501 | 31563 | ||
| 16697 | FTP httpdx USER null byte denial of service (more info ...) | attempted-dos | URL | |||
| 16698 | FTP httpdx PASS null byte denial of service (more info ...) | attempted-dos | URL | |||
| 16795 | DOS Google Chrome FTP handling out-of-bounds array index denial of service attempt (more info ...) | attempted-dos | 39183 | |||
| 16806 | BACKDOOR Backdoor.Win32.Qakbot.E - FTP upload seclog (more info ...) | trojan-activity | URL | |||
| 16807 | BACKDOOR Backdoor.Win32.Qakbot.E - FTP Upload ps_dump (more info ...) | trojan-activity | URL | |||
| 17329 | FTP EPRT overflow attempt (more info ...) | attempted-admin | 2005-4459 | 15998 | ||
| 17367 | FTP Microsoft Internet Explorer FTP Response Parsing Memory Corruption (more info ...) | web-application-attack | 2007-0217 | 22489 | ||
| 17518 | FTP FlashGet PWD command stack buffer overflow attempt (more info ...) | attempted-user | 2008-4321 | 30685 | ||
| 17712 | SPECIFIC-THREATS TFTP PUT Microsoft RIS filename overwrite attempt (more info ...) | policy-violation | 2006-5584 | URL | ||
| 18181 | SPECIFIC-THREATS ProFTPd 1.3.3c backdoor activity (more info ...) | trojan-activity | URL | |||
| 18182 | SPECIFIC-THREATS ProFTPd 1.3.3c backdoor help access attempt (more info ...) | trojan-activity | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1326 | EXPLOIT ssh CRC32 overflow NOOP (more info ...) | shellcode-detect | 2001-0572 | 2347 | ||
| 1638 | SCAN SSH Version map attempt (more info ...) | network-scan | ||||
| 1810 | SPECIFIC-THREATS successful gobbles ssh exploit GOBBLE (more info ...) | successful-admin | 2002-0640 | 5093 | ||
| 1811 | SPECIFIC-THREATS successful gobbles ssh exploit uname (more info ...) | misc-attack | 2002-0640 | 5093 | 11031 | |
| 1812 | EXPLOIT gobbles SSH exploit attempt (more info ...) | misc-attack | 2002-0639 | 5093 | 11031 | |
| 1838 | EXPLOIT SSH server banner overflow (more info ...) | misc-attack | 2002-1059 | 5287 | 15822 | |
| 13814 | BACKDOOR passhax runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 17317 | SPECIFIC-THREATS OpenSSH sshd Identical Blocks DOS attempt (more info ...) | attempted-admin | 2006-4924 | 20216 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 6010 | EXPLOIT VERITAS NetBackup vnetd connection attempt (more info ...) | protocol-command-decode | ||||
| 6404 | EXPLOIT Veritas NetBackup Volume Manager connection attempt (more info ...) | protocol-command-decode | ||||
| 12667 | EXPLOIT CA BrightStor ARCServer malicious fileupload attempt (more info ...) | attempted-admin | 2007-5005 | 24348 | ||
| 12784 | EXPLOIT CA ARCserve Backup for Laptops rsxGetBackupLog second argument overflow (more info ...) | attempted-admin | 2007-3216 | 24348 | ||
| 12785 | EXPLOIT CA ARCserve Backup for Laptops rsxGetBackupComplete overflow attemp (more info ...) | attempted-admin | 2007-3216 | 24348 | ||
| 12786 | EXPLOIT CA ARCserve Backup for Laptops rxsSetDataGrowthScheduleAndFilter overflow attempt (more info ...) | attempted-admin | 2007-3216 | 24348 | ||
| 12787 | EXPLOIT CA ARCserve Backup for Laptops rxsSetDefaultConfigName overflow attempt (more info ...) | attempted-admin | 2007-3216 | 24348 | ||
| 12788 | EXPLOIT CA ARCserve Backup for Laptops rxsSetDefaultConfigName overflow attempt (more info ...) | attempted-admin | 2007-3216 | 24348 | ||
| 12904 | EXPLOIT Veritas NetBackup vmd shared library buffer overflow attempt (more info ...) | attempted-admin | 2005-3116 | 15353 | ||
| 13552 | EXPLOIT Symantec VERITAS Storage Foundation Suite buffer overflow attempt (more info ...) | attempted-admin | 2008-0638 | 25778 | URL | |
| 13800 | EXPLOIT ARCServe LGServer service data overflow attempt (more info ...) | attempted-admin | 2008-1328 | 28616 | ||
| 13846 | SPECIFIC-THREATS Veritas Backup Agent password overflow attempt (more info ...) | attempted-admin | 2005-0773 | |||
| 14741 | EXPLOIT Symantec Veritas Foundation Service NULL service authentication attempt (more info ...) | attempted-admin | 2007-2279 | |||
| 14768 | MISC Symantec Veritas Storage Scheduler Service NULL Session auth bypass attempt (more info ...) | attempted-user | 2008-3703 | 30596 | ||
| 14773 | SPECIFIC-THREATS CA ARCserve LGServer handshake buffer overflow attempt (more info ...) | attempted-admin | 2008-3175 | 30472 | ||
| 15931 | MISC Veritas NetBackup java user interface service format string attack attempt (more info ...) | attempted-admin | 2005-2715 | |||
| 16071 | EXPLOIT CA ARCServe Backup Discovery Service denial of service attempt (more info ...) | attempted-dos | 2008-1979 | 28927 | URL | |
| 17520 | EXPLOIT CA ARCserve Backup DB Engine Denial of Service (more info ...) | protocol-command-decode | 2008-4399 | 31684 | ||
| 17706 | MISC Veritas NetBackup java user interface service format string attack attempt (more info ...) | attempted-admin | 2005-2715 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3084 | EXPLOIT Veritas backup overflow attempt (more info ...) | attempted-admin | 2004-1172 | 11974 | ||
| 3453 | MISC Arkeia client backup system info probe (more info ...) | attempted-recon | 2005-0491 | 12594 | ||
| 3454 | MISC Arkeia client backup generic info probe (more info ...) | attempted-recon | 2005-0491 | 12594 | ||
| 3457 | EXPLOIT Arkeia backup client type 77 overflow attempt (more info ...) | attempted-user | 2005-0491 | 12594 | 17158 | |
| 3458 | EXPLOIT Arkeia backup client type 84 overflow attempt (more info ...) | attempted-user | 2005-0491 | 12594 | ||
| 3472 | EXPLOIT ARCserve discovery service overflow (more info ...) | attempted-admin | 2005-0260 | 12491 | ||
| 3474 | EXPLOIT ARCserve backup TCP slot info msg client name overflow (more info ...) | attempted-admin | 12536 | |||
| 3475 | EXPLOIT ARCserve backup TCP slot info msg client domain overflow (more info ...) | attempted-admin | 12536 | |||
| 3476 | EXPLOIT ARCserve backup TCP product info msg 0x9b client domain overflow (more info ...) | attempted-admin | 12536 | |||
| 3477 | EXPLOIT ARCserve backup TCP product info msg 0x9b client name overflow (more info ...) | attempted-admin | 12536 | |||
| 3478 | EXPLOIT ARCserve backup TCP product info msg 0x9c client domain overflow (more info ...) | attempted-admin | 12536 | |||
| 3479 | EXPLOIT ARCserve backup TCP product info msg 0x9c client name overflow (more info ...) | attempted-admin | 12536 | |||
| 3480 | EXPLOIT ARCserve backup UDP slot info msg client name overflow (more info ...) | attempted-admin | 12536 | |||
| 3481 | EXPLOIT ARCserve backup UDP slot info msg client domain overflow (more info ...) | attempted-admin | 12536 | |||
| 3482 | EXPLOIT ARCserve backup UDP product info msg 0x9b client name overflow (more info ...) | attempted-admin | 12536 | |||
| 3483 | EXPLOIT ARCserve backup UDP product info msg 0x9b client domain overflow (more info ...) | attempted-admin | 12536 | |||
| 3484 | EXPLOIT ARCserve backup UDP product info msg 0x9c client name overflow (more info ...) | attempted-admin | 12536 | |||
| 3485 | EXPLOIT ARCserve backup UDP product info msg 0x9c client domain overflow (more info ...) | attempted-admin | 12536 | |||
| 3530 | EXPLOIT ARCserve backup UDP msg 0x99 client name overflow (more info ...) | attempted-admin | 12536 | |||
| 3531 | EXPLOIT ARCserve backup UDP msg 0x99 client domain overflow (more info ...) | attempted-admin | 12536 | |||
| 3658 | EXPLOIT ARCserve universal backup agent option 1000 little endian buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3659 | EXPLOIT ARCserve universal backup agent option 1000 buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3660 | EXPLOIT ARCserve universal backup agent option 00 little endian buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3661 | EXPLOIT ARCserve universal backup agent option 00 buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3662 | EXPLOIT ARCserve universal backup agent option 03 little endian buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3663 | EXPLOIT ARCserve universal backup agent option 03 buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3695 | EXPLOIT Veritas Backup Agent password overflow attempt (more info ...) | attempted-admin | 2005-0773 | |||
| 3696 | EXPLOIT Veritas Backup Agent DoS attempt (more info ...) | attempted-dos | 2005-0772 | 14201 | ||
| 3697 | NETBIOS DCERPC NCACN-IP-TCP veritas bind attempt (more info ...) | protocol-command-decode | 2005-0771 | 14020 | URL | |
| 4126 | EXPLOIT Veritas Backup Exec root connection attempt using default password hash (more info ...) | suspicious-login | 2005-2611 | 14551 | ||
| 6011 | EXPLOIT VERITAS NetBackup vnetd buffer overflow attempt (more info ...) | attempted-admin | 2006-0991 | 17264 | ||
| 6405 | EXPLOIT Veritas NetBackup Volume Manager overflow attempt (more info ...) | attempted-admin | 2006-0989 | 17264 | ||
| 10132 | RPC portmap BrightStor ARCserve denial of service attempt (more info ...) | attempted-dos | 2007-0816 | 22365 | ||
| 10133 | RPC portmap BrightStor ARCserve denial of service attempt (more info ...) | attempted-dos | 2007-0816 | 22365 | ||
| 10482 | RPC portmap CA BrightStor ARCserve tcp request (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 10483 | RPC portmap CA BrightStor ARCserve udp request (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 10484 | RPC portmap CA BrightStor ARCserve tcp procedure 191 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 10485 | RPC portmap CA BrightStor ARCserve udp procedure 191 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 13716 | RPC portmap CA BrightStor ARCserve tcp procedure 232 attempt (more info ...) | rpc-portmap-decode | 23209 | |||
| 13717 | RPC portmap CA BrightStor ARCserve udp procedure 232 attempt (more info ...) | rpc-portmap-decode | 23209 | |||
| 13805 | RPC portmap CA BrightStor ARCserve tcp procedure 234 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 13806 | RPC portmap CA BrightStor ARCserve udp procedure 234 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 17045 | EXPLOIT CA ARCserve Backup for Laptops and Desktops LGServer handshake buffer overflow attempt (more info ...) | attempted-admin | 2008-3175 | 30472 | ||
| 17046 | EXPLOIT CA ARCserve Backup for Laptops and Desktops LGServer handshake buffer overflow attempt (more info ...) | attempted-admin | 2008-3175 | 30472 | ||
| 17643 | EXPLOIT CA BrightStor ARCServe logger servie null-pointer dereference attempt (more info ...) | attempted-admin | 2007-2772 | |||
| 17710 | EXPLOIT Veritas NetBackup vmd shared library buffer overflow attempt (more info ...) | attempted-admin | 2005-3116 | 15353 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 569 | RPC snmpXdmi overflow attempt TCP (more info ...) | attempted-admin | 2001-0236 | 2417 | 10659 | URL |
| 16712 | WEB-MISC HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - GET (more info ...) | attempted-user | 2009-4181 | 37343 | ||
| 16713 | WEB-MISC HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - POST (more info ...) | attempted-user | 2009-4181 | 37343 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 593 | RPC portmap snmpXdmi request TCP (more info ...) | rpc-portmap-decode | 2001-0236 | 2417 | 10659 | URL |
| 1279 | RPC portmap snmpXdmi request UDP (more info ...) | rpc-portmap-decode | 2001-0236 | 2417 | 10659 | URL |
| 2045 | RPC snmpXdmi overflow attempt UDP (more info ...) | attempted-admin | 2001-0236 | 2417 | 10659 | URL |
| 13773 | DOS linux kernel snmp nat netfilter memory corruption attempt (more info ...) | attempted-dos | 2008-1673 | 18081 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 13223 | RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (more info ...) | attempted-admin | 2007-2442 | 24655 | URL | |
| 13268 | RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (more info ...) | attempted-admin | 2007-2442 | 24655 | URL | |
| 16207 | WEB-MISC MIT Kerberos V% KAdminD klog_vsyslog server overflow attempt (more info ...) | attempted-user | 2007-0957 | 23285 | ||
| 16209 | DOS FreeRADIUS RADIUS server rad_decode remote denial of service attempt (more info ...) | attempted-dos | 2009-3111 | 36263 | ||
| 17273 | SPECIFIC-THREATS MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (more info ...) | attempted-admin | 2005-1174 | URL | ||
| 17274 | SPECIFIC-THREATS MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (more info ...) | attempted-admin | 2005-1175 | URL | ||
| 17741 | EXPLOIT MIT Kerberos ASN.1 asn1_decode_generaltime uninitialized pointer reference attempt (more info ...) | attempted-admin | 2009-0846 | 34409 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 2578 | EXPLOIT kerberos principal name overflow UDP (more info ...) | attempted-admin | 2003-0072 | 11512 | URL | |
| 2579 | EXPLOIT kerberos principal name overflow TCP (more info ...) | attempted-admin | 2003-0072 | 11512 | URL | |
| 3538 | EXPLOIT RADIUS registration MSID overflow attempt (more info ...) | attempted-admin | 2005-0699 | 12759 | 19120 | |
| 3539 | EXPLOIT RADIUS MSID overflow attempt (more info ...) | attempted-admin | 2005-0699 | 12759 | 19120 | |
| 3540 | EXPLOIT RADIUS registration vendor ATTR_TYPE_STR overflow attempt (more info ...) | attempted-admin | 2005-0699 | 12759 | 19120 | |
| 3541 | EXPLOIT RADIUS ATTR_TYPE_STR overflow attempt (more info ...) | attempted-admin | 2005-0699 | 12759 | 19120 | |
| 12046 | RPC MIT Kerberos kadmind RPC Library unix authentication buffer overflow attempt (more info ...) | attempted-admin | 2007-2443 | 24657 | URL | |
| 12075 | RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (more info ...) | attempted-admin | 2007-2442 | 24655 | URL | |
| 12424 | RPC MIT Kerberos kadmind rpc RPCSEC_GSS buffer overflow attempt (more info ...) | attempted-admin | 2007-3999 | 25534 | URL | |
| 12708 | RPC MIT Kerberos kadmind auth buffer overflow attempt (more info ...) | rpc-portmap-decode | 2007-2443 | 24657 | ||
| 16394 | DOS Active Directory Kerberos referral TGT renewal DoS attempt (more info ...) | attempted-dos | 2010-0035 | URL | ||
| 17243 | EXPLOIT MIT Kerberos V5 krb5_recvauth double free attempt (more info ...) | attempted-admin | 2005-1689 | 14239 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 13616 | SPECIFIC-THREATS CVS Argument overflow (more info ...) | attempted-admin | 2004-0396 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1551 | WEB-MISC /CVS/Entries access (more info ...) | web-application-activity | 11032 | |||
| 1552 | WEB-MISC cvsweb version access (more info ...) | web-application-activity | 2000-0670 | 10465 | ||
| 2008 | MISC CVS invalid user authentication response (more info ...) | misc-attack | ||||
| 2009 | MISC CVS invalid repository response (more info ...) | misc-attack | ||||
| 2010 | MISC CVS double free exploit attempt response (more info ...) | misc-attack | 2003-0015 | 6650 | 11385 | |
| 2011 | MISC CVS invalid directory response (more info ...) | misc-attack | 2003-0015 | 6650 | 11385 | |
| 2012 | MISC CVS missing cvsroot response (more info ...) | misc-attack | ||||
| 2013 | MISC CVS invalid module response (more info ...) | misc-attack | ||||
| 2317 | MISC CVS non-relative path error response (more info ...) | misc-attack | 2003-0977 | 9178 | 11947 | |
| 2318 | MISC CVS non-relative path access attempt (more info ...) | misc-attack | 2003-0977 | 9178 | 11947 | |
| 2583 | MISC CVS Max-dotdot integer overflow attempt (more info ...) | misc-attack | 2004-0417 | 10499 | ||
| 3651 | EXPLOIT CVS rsh annotate revision overflow attempt (more info ...) | attempted-dos | 2005-0753 | 13217 | 18097 | URL |
| 3652 | EXPLOIT CVS pserver annotate revision overflow attempt (more info ...) | attempted-dos | 2005-0753 | 13217 | 18097 | URL |
| 13614 | EXPLOIT CVS Argument overflow attempt (more info ...) | attempted-admin | 2004-0396 | |||
| 13615 | EXPLOIT CVS Argument overflow attempt (more info ...) | attempted-admin | 2004-0396 | |||
| 15971 | EXPLOIT CVS Argumentx command double free attempt (more info ...) | attempted-admin | 2004-0416 | 10499 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 4170 | WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid access (more info ...) | attempted-user | 2007-1201 | 4449 | URL | |
| 4175 | WEB-ACTIVEX Office 2000/2002 Web Components PivotTable ActiveX Object Access (more info ...) | attempted-user | 2002-0727 | 4449 | URL | |
| 4176 | WEB-ACTIVEX Office 2000 and 2002 Web Components Chart ActiveX Object Access (more info ...) | attempted-user | 2002-0727 | 4449 | URL | |
| 4177 | WEB-ACTIVEX Office 2000 and 2002 Web Components Spreadsheet ActiveX clsid access (more info ...) | attempted-user | 2006-4695 | 4453 | URL | |
| 4178 | WEB-ACTIVEX Office 2000 and 2002 Web Components Record Navigation Control ActiveX Object Access (more info ...) | attempted-user | 2002-0727 | 4449 | URL | |
| 4217 | WEB-ACTIVEX Microsoft Office Services on the Web Free/Busy ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4218 | WEB-ACTIVEX Microsoft Visual Basic WebClass ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 5780 | SPYWARE-PUT Keylogger runtime detection - hwpe word filtered echelon log (more info ...) | successful-recon-limited | URL | |||
| 5782 | SPYWARE-PUT Keylogger runtime detection - hwae word filtered echelon log (more info ...) | successful-recon-limited | URL | |||
| 5892 | SPYWARE-PUT Trackware wordiq toolbar runtime detection - get link info (more info ...) | successful-recon-limited | URL | |||
| 5893 | SPYWARE-PUT Trackware wordiq toolbar runtime detection - search keyword (more info ...) | successful-recon-limited | URL | |||
| 5958 | SPYWARE-PUT Hacker-Tool ghostvoice 1.02 runtime detection - init connection with password requirement (more info ...) | misc-activity | URL | |||
| 5959 | SPYWARE-PUT Hijacker raxsearch detection - send search keywords to raxsearch (more info ...) | misc-activity | URL | |||
| 5962 | SPYWARE-PUT Hijacker searchfast detection - catch search keyword (more info ...) | misc-activity | URL | |||
| 5992 | SPYWARE-PUT Hijacker getmirar runtime detection - get keyword-related content (more info ...) | misc-activity | URL | |||
| 6185 | SPYWARE-PUT Adware 180Search assistant runtime detection - reporting keyword (more info ...) | misc-activity | URL | |||
| 6192 | SPYWARE-PUT Adware seekmo runtime detection - reporting keyword (more info ...) | misc-activity | URL | |||
| 6278 | SPYWARE-PUT Trickler navexcel search toolbar runtime detection - activate/update (more info ...) | misc-activity | URL | |||
| 6309 | BACKDOOR net demon runtime detection - initial connection - password request (more info ...) | trojan-activity | URL | |||
| 6310 | BACKDOOR net demon runtime detection - initial connection - password send (more info ...) | trojan-activity | URL | |||
| 6311 | BACKDOOR net demon runtime detection - initial connection - password accepted (more info ...) | trojan-activity | URL | |||
| 7002 | WEB-CLIENT excel url unicode overflow attempt (more info ...) | attempted-user | 2006-3086 | 18500 | URL | |
| 7025 | WEB-CLIENT excel url unicode overflow attempt (more info ...) | attempted-user | 2006-3014 | 18583 | URL | |
| 7047 | WEB-CLIENT excel object record overflow attempt (more info ...) | attempted-user | 2006-1306 | URL | ||
| 7048 | WEB-CLIENT excel object record overflow attempt (more info ...) | attempted-user | 2006-1306 | URL | ||
| 7087 | BACKDOOR sinique 1.0 runtime detection - initial connection with correct password client-to-server (more info ...) | trojan-activity | URL | |||
| 7089 | BACKDOOR sinique 1.0 runtime detection - initial connection with wrong password -client-to-server (more info ...) | trojan-activity | URL | |||
| 7098 | BACKDOOR remote hack 1.5 runtime detection - get password (more info ...) | trojan-activity | URL | |||
| 7197 | WEB-CLIENT excel MSO.DLL malformed string parsing single byte buffer over attempt (more info ...) | attempted-user | 2006-1540 | 17252 | URL | |
| 7198 | WEB-CLIENT excel MSO.DLL malformed string parsing multi byte buffer over attempt (more info ...) | attempted-user | 2006-1540 | 17252 | URL | |
| 7199 | WEB-CLIENT excel label record overflow attempt (more info ...) | attempted-user | 2008-0114 | 28166 | URL | |
| 7200 | WEB-CLIENT microsoft word document summary information null string overflow attempt (more info ...) | attempted-user | 2006-1540 | URL | ||
| 7201 | WEB-CLIENT microsoft word summary information null string overflow attempt (more info ...) | attempted-user | 2006-1540 | URL | ||
| 7202 | WEB-CLIENT microsoft word document summary information string overflow attempt (more info ...) | attempted-user | 2006-1540 | URL | ||
| 7203 | WEB-CLIENT microsoft word information string overflow attempt (more info ...) | attempted-user | 2006-1540 | URL | ||
| 7517 | SPYWARE-PUT Hijacker chinese keywords runtime detection (more info ...) | misc-activity | URL | |||
| 7616 | BACKDOOR theef 2.0 runtime detection - connection without password (more info ...) | trojan-activity | URL | |||
| 7617 | BACKDOOR theef 2.0 runtime detection - connection request with password - flowbit 1 (more info ...) | trojan-activity | ||||
| 7618 | BACKDOOR theef 2.0 runtime detection - connection request with password - flowbit 2 (more info ...) | trojan-activity | ||||
| 7619 | BACKDOOR theef 2.0 runtime detection - connection request with password (more info ...) | trojan-activity | URL | |||
| 7785 | BACKDOOR forced control uploader runtime detection - connection with password (more info ...) | trojan-activity | ||||
| 7832 | SPYWARE-PUT Hijacker navexcel helper runtime detection - active/update (more info ...) | misc-activity | URL | |||
| 7833 | SPYWARE-PUT Hijacker navexcel helper runtime detection - search (more info ...) | misc-activity | URL | |||
| 7870 | WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid access (more info ...) | attempted-user | 2007-1201 | 28136 | URL | |
| 7871 | WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1201 | 28136 | URL | |
| 7874 | WEB-ACTIVEX Microsoft Office PivotTable 10.0 ActiveX CLSID access (more info ...) | attempted-user | 2002-0861 | URL | ||
| 7875 | WEB-ACTIVEX Microsoft Office PivotTable 10.0 ActiveX CLSID unicode access (more info ...) | attempted-user | 2002-0861 | URL | ||
| 7876 | WEB-ACTIVEX Microsoft Office Data Source Control 10.0 ActiveX clsid access (more info ...) | attempted-user | 2009-0562 | 35990 | URL | |
| 7877 | WEB-ACTIVEX Microsoft Office Data Source Control 10.0 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0562 | 35990 | URL | |
| 8358 | SPYWARE-PUT Hijacker yok supersearch runtime detection - addressbar keyword search hijack (more info ...) | misc-activity | URL | |||
| 8397 | WEB-ACTIVEX Microsoft Office List 11.0 ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8398 | WEB-ACTIVEX Microsoft Office List 11.0 ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8448 | WEB-CLIENT Excel colinfo XF record overflow attempt (more info ...) | attempted-user | 2006-3875 | URL | ||
| 8723 | WEB-ACTIVEX Microsoft Office Data Source Control 11.0 ActiveX clsid access (more info ...) | attempted-user | 2006-3729 | 24462 | URL | |
| 8724 | WEB-ACTIVEX Microsoft Office Data Source Control 11.0 ActiveX clsid unicode access (more info ...) | attempted-user | 2006-3729 | 24462 | URL | |
| 8738 | WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX clsid access (more info ...) | attempted-user | 2007-5660 | 31235 | URL | |
| 8739 | WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5660 | 31235 | URL | |
| 8740 | WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX function call access (more info ...) | attempted-user | 2007-5660 | 31235 | URL | |
| 9645 | SPYWARE-PUT Hijacker sogou runtime detection - keyword hijack (more info ...) | misc-activity | URL | |||
| 10123 | SPECIFIC-THREATS PA168 chipset based IP phone default password attempt (more info ...) | attempted-admin | URL | |||
| 10173 | WEB-ACTIVEX Trend Micro OfficeScan Client ActiveX clsid access (more info ...) | attempted-user | 2007-0325 | 22585 | ||
| 10174 | WEB-ACTIVEX Trend Micro OfficeScan Client ActiveX clsid unicode access (more info ...) | attempted-user | 2007-0325 | 22585 | ||
| 10175 | WEB-ACTIVEX Trend Micro OfficeScan Client ActiveX function call access (more info ...) | attempted-user | 2007-0325 | 22585 | ||
| 10445 | BACKDOOR acidbattery 1.0 runtime detection - get password (more info ...) | trojan-activity | URL | |||
| 11181 | WEB-ACTIVEX Excel Viewer ActiveX clsid access (more info ...) | attempted-user | 33243 | URL | ||
| 11182 | WEB-ACTIVEX Excel Viewer ActiveX clsid unicode access (more info ...) | attempted-user | 33243 | URL | ||
| 11183 | WEB-ACTIVEX Excel Viewer ActiveX function call access (more info ...) | attempted-user | 33243 | URL | ||
| 11184 | WEB-ACTIVEX Excel Viewer ActiveX function call unicode access (more info ...) | attempted-user | 33243 | URL | ||
| 11186 | DOS CA eTrust key handling dos -- password (more info ...) | denial-of-service | 2007-1005 | 22743 | ||
| 11187 | WEB-ACTIVEX Word Viewer ActiveX clsid access (more info ...) | attempted-user | 33243 | URL | ||
| 11188 | WEB-ACTIVEX Word Viewer ActiveX clsid unicode access (more info ...) | attempted-user | 33243 | URL | ||
| 11189 | WEB-ACTIVEX Word Viewer ActiveX function call access (more info ...) | attempted-user | 33243 | URL | ||
| 11190 | WEB-ACTIVEX Word Viewer ActiveX function call unicode access (more info ...) | attempted-user | 33243 | URL | ||
| 11258 | WEB-CLIENT Excel Malformed Named Graph Information unicode overflow (more info ...) | attempted-user | 2007-0215 | URL | ||
| 11290 | WEB-CLIENT Excel malformed named graph information ascii overflow (more info ...) | attempted-user | 2007-0215 | URL | ||
| 11836 | MISC Visio version number anomaly (more info ...) | misc-activity | 2007-0934 | URL | ||
| 12233 | BACKDOOR theef 2.10 runtime detection - connect with no password (more info ...) | trojan-activity | ||||
| 12235 | BACKDOOR theef 2.10 runtime detection - connect with password (more info ...) | trojan-activity | ||||
| 12256 | WEB-CLIENT Excel malformed FBI record (more info ...) | attempted-user | 2007-1747 | 23826 | URL | |
| 12285 | WEB-CLIENT Excel Workspace file download (more info ...) | misc-activity | URL | |||
| 12703 | WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX function call unicode access (more info ...) | attempted-user | 2007-5660 | 31235 | URL | |
| 13325 | WEB-ACTIVEX Macrovision FLEXnet Connect ActiveX clsid access (more info ...) | attempted-user | 27279 | |||
| 13326 | WEB-ACTIVEX Macrovision FLEXnet Connect ActiveX clsid unicode access (more info ...) | attempted-user | 27279 | |||
| 13327 | WEB-ACTIVEX Macrovision FLEXnet Connect ActiveX function call access (more info ...) | attempted-user | 27279 | |||
| 13328 | WEB-ACTIVEX Macrovision FLEXnet Connect ActiveX function call unicode access (more info ...) | attempted-user | 27279 | |||
| 13571 | WEB-CLIENT Microsoft Excel dval record arbitrary code excecution attempt (more info ...) | attempted-user | 2008-0111 | URL | ||
| 13665 | WEB-CLIENT Microsoft Visio DXF file invalid memory allocation exploit attempt (more info ...) | attempted-user | 2008-1090 | URL | ||
| 13790 | WEB-CLIENT Microsoft Word malformed css remote code execution attempt (more info ...) | attempted-user | 2008-1434 | URL | ||
| 13803 | WEB-CLIENT RTF control word overflow attempt (more info ...) | attempted-user | 2008-1091 | URL | ||
| 13973 | WEB-CLIENT Microsoft Excel format record code execution attempt (more info ...) | attempted-user | 2008-3005 | URL | ||
| 13983 | WEB-CLIENT Microsoft Office eps file download (more info ...) | misc-activity | ||||
| 14628 | WEB-ACTIVEX Office 2000 and 2002 Web Components Chart ActiveX clsid unicode access (more info ...) | attempted-user | 2002-0727 | 4449 | URL | |
| 14629 | WEB-ACTIVEX Office 2000 and 2002 Web Components PivotTable ActiveX clsid unicode access (more info ...) | attempted-user | 2002-0727 | 4449 | URL | |
| 14630 | WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid unicode access (more info ...) | attempted-user | 2002-0727 | 4449 | URL | |
| 14641 | WEB-CLIENT Microsoft Excel invalid FRTWrapper record buffer overflow attempt (more info ...) | attempted-user | 2008-3471 | URL | ||
| 14642 | WEB-CLIENT Microsoft Excel file with embedded ActiveX control (more info ...) | attempted-user | 2008-3477 | URL | ||
| 14764 | WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX clsid access (more info ...) | attempted-user | 2008-2470 | 31235 | ||
| 14765 | WEB-ACTIVEX Macrovision InstallShield Update Service Agent ActiveX function call (more info ...) | attempted-user | 2008-2470 | 31235 | ||
| 14997 | WEB-ACTIVEX DjVu MSOffice Converter ActiveX clsid access (more info ...) | attempted-user | 2008-4922 | 31987 | ||
| 14998 | WEB-ACTIVEX DjVu MSOffice Converter ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4922 | 31987 | ||
| 15083 | EXPLOIT Microsoft Word .rtf file double free attempt (more info ...) | attempted-user | 2008-4027 | URL | ||
| 15088 | WEB-ACTIVEX Microsoft Visual Basic Charts ActiveX clsid access (more info ...) | attempted-user | 2008-4256 | URL | ||
| 15090 | WEB-ACTIVEX Microsoft Visual Basic Charts ActiveX function call access (more info ...) | attempted-user | 2008-4256 | URL | ||
| 15092 | WEB-ACTIVEX Microsoft Visual Basic DataGrid ActiveX clsid access (more info ...) | attempted-user | 2008-4252 | URL | ||
| 15094 | WEB-ACTIVEX Microsoft Visual Basic DataGrid ActiveX function call access (more info ...) | attempted-user | 2008-4252 | URL | ||
| 15096 | WEB-ACTIVEX Microsoft Visual Basic FlexGrid ActiveX clsid access (more info ...) | attempted-user | 2008-4253 | URL | ||
| 15098 | WEB-ACTIVEX Microsoft Visual Basic FlexGrid ActiveX function call access (more info ...) | attempted-user | 2008-4253 | URL | ||
| 15100 | WEB-ACTIVEX Microsoft Visual Basic Hierarchical FlexGrid ActiveX clsid access (more info ...) | attempted-user | 2008-4254 | URL | ||
| 15102 | WEB-ACTIVEX Microsoft Visual Basic Hierarchical FlexGrid ActiveX function call access (more info ...) | attempted-user | 2008-4254 | URL | ||
| 15104 | WEB-CLIENT Visual Basic 6.0 malformed AVI buffer overflow attempt (more info ...) | attempted-user | 2008-4255 | URL | ||
| 15106 | WEB-CLIENT Microsoft Word .rtf file integer overflow attempt (more info ...) | misc-attack | 2008-4025 | URL | ||
| 15107 | WEB-CLIENT Microsoft Word .rtf file stylesheet buffer overflow attempt (more info ...) | attempted-user | 2008-4031 | URL | ||
| 15108 | WEB-CLIENT Microsoft Office Sharepoint Server elevation of privilege exploit attempt (more info ...) | attempted-admin | 2008-4032 | URL | ||
| 15118 | WEB-ACTIVEX Microsoft Visual Basic Winsock ActiveX clsid access (more info ...) | attempted-user | 2008-4251 | URL | ||
| 15120 | WEB-ACTIVEX Microsoft Visual Basic Winsock ActiveX function call access (more info ...) | attempted-user | 2008-4251 | URL | ||
| 15163 | SPECIFIC-THREATS Microsoft Visio Object Header Buffer Overflow attempt (more info ...) | attempted-user | 2008-1089 | |||
| 15230 | WEB-ACTIVEX Office Viewer 2 ActiveX clsid access (more info ...) | attempted-user | 33245 | URL | ||
| 15231 | WEB-ACTIVEX Office Viewer 2 ActiveX clsid unicode access (more info ...) | attempted-user | 33245 | URL | ||
| 15282 | WEB-ACTIVEX FlexCell Grid ActiveX clsid access (more info ...) | attempted-user | 2009-0301 | 33453 | ||
| 15283 | WEB-ACTIVEX FlexCell Grid ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0301 | 33453 | ||
| 15294 | WEB-CLIENT Microsoft Visio file download request (more info ...) | misc-activity | ||||
| 15298 | WEB-CLIENT Microsoft Visio could allow remote code execution (more info ...) | attempted-user | 2009-0097 | URL | ||
| 15299 | WEB-CLIENT Microsoft Office Visio invalid ho tag attempt (more info ...) | attempted-user | 2009-0096 | 33660 | URL | |
| 15303 | WEB-CLIENT Malformed Visio IconBitsComponent arbitrary code execution attempt (more info ...) | attempted-user | 2009-0095 | URL | ||
| 15334 | WEB-ACTIVEX GeoVision LiveX 7000 ActiveX clsid access (more info ...) | attempted-user | 33782 | |||
| 15335 | WEB-ACTIVEX GeoVision LiveX 7000 ActiveX clsid unicode access (more info ...) | attempted-user | 33782 | |||
| 15336 | WEB-ACTIVEX GeoVision LiveX 7000 ActiveX function call access (more info ...) | attempted-user | 33782 | |||
| 15337 | WEB-ACTIVEX GeoVision LiveX 7000 ActiveX function call unicode access (more info ...) | attempted-user | 33782 | |||
| 15338 | WEB-ACTIVEX GeoVision LiveX 8120 ActiveX clsid access (more info ...) | attempted-user | 33782 | |||
| 15339 | WEB-ACTIVEX GeoVision LiveX 8120 ActiveX clsid unicode access (more info ...) | attempted-user | 33782 | |||
| 15340 | WEB-ACTIVEX GeoVision LiveX 8120 ActiveX function call access (more info ...) | attempted-user | 33782 | |||
| 15341 | WEB-ACTIVEX GeoVision LiveX 8120 ActiveX function call unicode access (more info ...) | attempted-user | 33782 | |||
| 15342 | WEB-ACTIVEX GeoVision LiveX 8200 ActiveX clsid access (more info ...) | attempted-user | 33782 | |||
| 15343 | WEB-ACTIVEX GeoVision LiveX 8200 ActiveX clsid unicode access (more info ...) | attempted-user | 33782 | |||
| 15344 | WEB-ACTIVEX GeoVision LiveX 8200 ActiveX function call access (more info ...) | attempted-user | 33782 | |||
| 15345 | WEB-ACTIVEX GeoVision LiveX 8200 ActiveX function call unicode access (more info ...) | attempted-user | 33782 | |||
| 15365 | WEB-CLIENT Microsoft Excel extrst record arbitrary code excecution attempt (more info ...) | attempted-user | 2009-0238 | URL | ||
| 15454 | WEB-CLIENT Microsoft Office PowerPoint malformed msofbtTextbox exploit attempt (more info ...) | attempted-user | 2009-0556 | URL | ||
| 15455 | EXPLOIT WordPad and Office Text Converters XST parsing buffer overflow attempt (more info ...) | attempted-user | 2008-4841 | URL | ||
| 15463 | WEB-CLIENT Microsoft Excel file request (more info ...) | protocol-command-decode | ||||
| 15465 | WEB-CLIENT Microsoft Excel malformed object record remote code execution attempt (more info ...) | attempted-user | 2009-0100 | URL | ||
| 15466 | EXPLOIT WordPad WordPerfect 6.x converter buffer overflow attempt (more info ...) | attempted-user | 2009-0088 | URL | ||
| 15467 | EXPLOIT WordPad and Office Text Converters PlcPcd aCP buffer overflow attempt (more info ...) | attempted-user | 2009-0235 | URL | ||
| 15469 | WEB-CLIENT Microsoft WordPad and Office text converters integer underflow attempt (more info ...) | attempted-user | 2009-0087 | URL | ||
| 15488 | SPECIFIC-THREATS Oracle Database Application Express Component APEX password hash disclosure attempt (more info ...) | misc-attack | 2009-0981 | 34461 | URL | |
| 15519 | WEB-CLIENT Microsoft Office Excel BRAI record remote code execution attempt (more info ...) | attempted-user | 2009-0549 | URL | ||
| 15520 | WEB-CLIENT Microsoft Office Excel FtCbls remote code execution attempt (more info ...) | attempted-user | 2009-0557 | URL | ||
| 15521 | WEB-CLIENT Microsoft Office Excel ExternSheet record remote code execution attempt (more info ...) | attempted-user | 2009-0558 | URL | ||
| 15524 | EXPLOIT Microsoft Word remote code execution attempt (more info ...) | attempted-user | 2009-0563 | URL | ||
| 15525 | EXPLOIT Microsoft Word remote code execution attempt (more info ...) | attempted-user | 2009-0565 | URL | ||
| 15537 | WEB-CLIENT Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (more info ...) | attempted-user | 2009-0559 | URL | ||
| 15541 | WEB-CLIENT Excel SST record remote code execution attempt (more info ...) | attempted-user | 2009-3037 | 36042 | URL | |
| 15542 | WEB-CLIENT Microsoft Office Excel Qsir and Qsif record remote code execution attempt (more info ...) | attempted-user | 2009-1134 | URL | ||
| 15587 | WEB-CLIENT Word file download request (more info ...) | protocol-command-decode | ||||
| 15685 | WEB-ACTIVEX Microsoft Office Web Components 10 Spreadsheet ActiveX clsid access (more info ...) | attempted-user | 2009-2496 | URL | ||
| 15687 | WEB-ACTIVEX Microsoft Office Web Components 10 Spreadsheet ActiveX function call access (more info ...) | attempted-user | 2009-2496 | URL | ||
| 15689 | WEB-ACTIVEX Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 15691 | WEB-ACTIVEX Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 15852 | WEB-ACTIVEX Microsoft Office Web Components Datasource ActiveX clsid access (more info ...) | attempted-user | 2009-0562 | URL | ||
| 15853 | WEB-ACTIVEX Microsoft Office Web Components Datasource ActiveX clsid unicode access (more info ...) | attempted-user | 2009-0562 | URL | ||
| 15913 | WEB-CLIENT javascript arguments keyword override rce attempt (more info ...) | attempted-user | 2009-1920 | URL | ||
| 15975 | WEB-CLIENT OpenOffice TIFF file in little endian format parsing integer overflow attempt (more info ...) | attempted-user | 2007-2834 | 25690 | ||
| 15976 | WEB-CLIENT OpenOffice TIFF file in big endian format parsing integer overflow attempt (more info ...) | attempted-user | 2007-2834 | 25690 | ||
| 15987 | WEB-MISC Microsoft Visio DXF file download request (more info ...) | misc-activity | ||||
| 16177 | EXPLOIT Microsoft GDI+ Word file Office Art Property Table remote code execution attempt (more info ...) | attempted-user | 2009-2528 | URL | ||
| 16178 | EXPLOIT Microsoft GDI+ Excel file Office Art Property Table remote code execution attempt (more info ...) | attempted-user | 2009-2528 | URL | ||
| 16226 | EXPLOIT Microsoft Office Excel integer field in row record improper validation remote code execution attempt (more info ...) | attempted-user | 2009-3130 | URL | ||
| 16229 | WEB-CLIENT Microsoft Excel oversized ib memory corruption attempt (more info ...) | attempted-user | 2009-3131 | URL | ||
| 16230 | WEB-CLIENT Microsoft Excel oversized ib memory corruption attempt (more info ...) | attempted-user | 2009-3131 | URL | ||
| 16233 | EXPLOIT Microsoft Excel oversized ptgFuncVar cparams value buffer overflow attempt (more info ...) | attempted-user | 2009-3132 | URL | ||
| 16234 | WEB-CLIENT Microsoft Word Document remote code execution attempt (more info ...) | attempted-user | 2009-3135 | URL | ||
| 16235 | EXPLOIT Microsoft Excel file SXDB record exploit attempt (more info ...) | attempted-user | 2009-3127 | URL | ||
| 16236 | EXPLOIT Microsoft Excel file SxView record exploit attempt (more info ...) | attempted-user | 2009-3128 | URL | ||
| 16240 | EXPLOIT Microsoft Excel file Window/Pane record exploit attempt (more info ...) | attempted-user | 2009-3133 | URL | ||
| 16241 | WEB-CLIENT Microsoft Office Excel FeatHdr BIFF record remote code execution attempt (more info ...) | attempted-user | 2009-3129 | URL | ||
| 16314 | EXPLOIT Microsoft WordPad and Office text converter integer overflow attempt (more info ...) | attempted-user | 2009-2506 | URL | ||
| 16318 | WEB-CLIENT Microsoft Office Visio invalid ho tag attempt (more info ...) | attempted-user | 2009-0096 | 33660 | URL | |
| 16328 | EXPLOIT Microsoft Office Project file parsing arbitrary memory access attempt (more info ...) | attempted-user | 2009-0102 | URL | ||
| 16361 | WEB-CLIENT Microsoft Office BMP header biClrUsed integer overflow attempt (more info ...) | attempted-admin | 2009-2518 | 36651 | ||
| 16461 | EXPLOIT Microsoft Excel write access violation attempt (more info ...) | misc-activity | 2010-0257 | URL | ||
| 16462 | EXPLOIT Microsoft Excel BIFF8 formulas from records parsing code execution attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 16463 | EXPLOIT Microsoft Excel BIFF5 formulas from records parsing code execution attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 16464 | WEB-CLIENT Microsoft Excel ContinueFRT12 heap overflow attempt (more info ...) | attempted-user | 2010-0260 | URL | ||
| 16465 | WEB-CLIENT Microsoft Excel ContinueFRT12 and MDXSet heap overflow attempt (more info ...) | attempted-user | 2010-0261 | URL | ||
| 16466 | EXPLOIT Microsoft Excel uninitialized stack variable code execution attempt (more info ...) | attempted-user | 2010-0262 | URL | ||
| 16467 | EXPLOIT Microsoft Excel 2007 invalid comments.xml uninitialized pointer access attempt 1 (more info ...) | attempted-user | 2010-0263 | URL | ||
| 16468 | EXPLOIT Microsoft Excel 2007 invalid comments.xml uninitialized pointer access attempt 2 (more info ...) | attempted-user | 2010-0263 | URL | ||
| 16469 | WEB-CLIENT Microsoft Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 16470 | WEB-CLIENT Microsoft Excel DbOrParamQry.fWeb parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 16471 | WEB-CLIENT Microsoft Excel DbOrParamQry.fWeb parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 16553 | EXPLOIT Microsoft Office Excel ptg index parsing code execution attempt (more info ...) | attempted-user | 2009-3132 | URL | ||
| 16565 | WEB-ACTIVEX Ultra Shareware Office ActiveX clsid access (more info ...) | attempted-user | 2008-3878 | 30861 | ||
| 16586 | WEB-CLIENT Microsoft Word Document remote code execution attempt (more info ...) | attempted-user | 2009-3135 | URL | ||
| 16638 | WEB-CLIENT Microsoft Excel OBJ record stack buffer overflow attempt (more info ...) | attempted-user | 2010-0822 | URL | ||
| 16639 | WEB-CLIENT Microsoft Excel OBJ record stack buffer overflow attempt - with macro (more info ...) | attempted-user | 2010-0822 | URL | ||
| 16640 | WEB-CLIENT Microsoft Excel OBJ record stack buffer overflow attempt - with linkFmla (more info ...) | attempted-user | 2010-0822 | URL | ||
| 16641 | WEB-CLIENT Microsoft Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (more info ...) | attempted-user | 2010-0822 | URL | ||
| 16643 | WEB-CLIENT Microsoft Excel Chart Sheet Substream memory corruption attempt (more info ...) | attempted-user | 2010-0823 | URL | ||
| 16644 | EXPLOIT Microsoft Excel WOpt record memory corruption attempt (more info ...) | attempted-user | 2010-0824 | URL | ||
| 16645 | EXPLOIT Microsoft Excel SxView record memory pointer corruption attempt (more info ...) | attempted-user | 2010-1245 | URL | ||
| 16646 | EXPLOIT Microsoft Excel RealTimeData record stack buffer overflow attempt (more info ...) | attempted-user | 2010-1246 | URL | ||
| 16647 | WEB-CLIENT Microsoft Excel RealTimeData record heap memory corruption attempt - 2 (more info ...) | attempted-user | 2010-1247 | URL | ||
| 16648 | EXPLOIT Microsoft Excel RealTimeData record heap memory corruption attempt - 1 (more info ...) | attempted-user | 2010-1247 | URL | ||
| 16649 | WEB-CLIENT Microsoft Excel HFPicture record stack buffer overflow attempt (more info ...) | attempted-user | 2010-1248 | URL | ||
| 16662 | WEB-CLIENT Microsoft Excel SxView heap overflow attempt (more info ...) | attempted-user | 2010-0821 | URL | ||
| 16786 | SPECIFIC-THREATS Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (more info ...) | attempted-user | 2009-1534 | 35992 | ||
| 16800 | EXPLOIT Microsoft Excel FRTWrapper record buffer overflow attempt (more info ...) | attempted-user | 2008-3471 | URL | ||
| 17119 | EXPLOIT Microsoft Word sprmCMajority SPRM overflow attempt (more info ...) | attempted-user | 2010-1900 | URL | ||
| 17124 | WEB-CLIENT Microsoft Word malformed table record memory corruption attempt (more info ...) | attempted-user | 2010-1903 | URL | ||
| 17227 | WEB-CLIENT Microsoft Excel sheet name memory corruption attempt (more info ...) | attempted-user | 2007-3490 | 24691 | ||
| 17250 | EXPLOIT Microsoft WordPad sprmTSetBrc80 SPRM overflow attempt (more info ...) | attempted-user | 2010-2563 | URL | ||
| 17284 | WEB-CLIENT Microsoft Office malformed routing slip code execution attempt (more info ...) | attempted-user | 2006-0009 | 17000 | ||
| 17286 | SPECIFIC-THREATS Microsoft Visual Basic for Applications document properties overflow attempt (more info ...) | attempted-user | 2006-3649 | 19414 | ||
| 17295 | WEB-MISC Trend Micro OfficeScan Console authentication buffer overflow attempt (more info ...) | attempted-admin | 2007-3455 | 24935 | ||
| 17301 | WEB-CLIENT Microsoft Word TextBox sub-document memory corruption attempt (more info ...) | attempted-user | 2007-1910 | 23380 | ||
| 17308 | WEB-CLIENT Microsoft Word SmartTag record code execution attempt (more info ...) | attempted-user | 2008-2244 | 30124 | ||
| 17315 | WEB-CLIENT OpenOffice OLE File Stream Buffer Overflow (more info ...) | attempted-user | 2008-0320 | 28819 | ||
| 17322 | SHELLCODE x86 OS agnostic fnstenv geteip dword xor decoder (more info ...) | shellcode-detect | ||||
| 17344 | SHELLCODE x86 OS agnostic xor dword decoder (more info ...) | shellcode-detect | ||||
| 17345 | SHELLCODE x86 OS agnostic dword additive feedback decoder (more info ...) | shellcode-detect | ||||
| 17362 | WEB-CLIENT Microsoft Excel IMDATA buffer overflow attempt (more info ...) | attempted-user | 2007-0027 | 21856 | ||
| 17368 | WEB-CLIENT Microsoft Word document stream handling code execution attempt (more info ...) | attempted-user | 2007-0870 | 25567 | ||
| 17377 | SPECIFIC-THREATS Microsoft excel Malformed Filter Records Handling Code Execution attempt (more info ...) | attempted-user | 2007-1214 | 23780 | ||
| 17403 | WEB-CLIENT OpenOffice RTF File parsing heap buffer overflow attempt (more info ...) | attempted-user | 2007-0245 | 24450 | ||
| 17404 | EXPLOIT Microsoft Word Converter XST structure buffer overflow attempt (more info ...) | attempted-user | 2008-4841 | URL | ||
| 17405 | EXPLOIT Microsoft Word Converter XST structure buffer overflow attempt (more info ...) | attempted-user | 2008-4841 | URL | ||
| 17406 | EXPLOIT Microsoft Word Converter XST structure buffer overflow attempt (more info ...) | attempted-user | 2008-4841 | URL | ||
| 17488 | SPECIFIC-THREATS Excel Malformed Range Code Execution attempt (more info ...) | attempted-user | 2005-4131 | 15780 | ||
| 17491 | SPECIFIC-THREATS Microsoft Word mso.dll LsCreateLine Memory Corruption (more info ...) | attempted-user | 2006-3493 | 18905 | ||
| 17492 | SPECIFIC-THREATS Microsoft Excel Malformed SELECTION Record Code Execution attempt (more info ...) | attempted-user | 2006-1301 | 18853 | ||
| 17505 | WEB-CLIENT Microsoft Word formatted disk pages table memory corruption attempt (more info ...) | attempted-user | 2006-6561 | 21589 | ||
| 17506 | WEB-CLIENT Microsoft Word formatted disk pages table memory corruption attempt (more info ...) | attempted-user | 2006-6561 | 21589 | ||
| 17507 | WEB-CLIENT Microsoft Word formatted disk pages table memory corruption attempt (more info ...) | attempted-user | 2006-6561 | 21589 | ||
| 17511 | WEB-CLIENT Excel malformed Graphic Code Execution (more info ...) | attempted-user | 2006-0030 | 16181 | ||
| 17517 | WEB-CLIENT excel Malformed Record Code Execution attempt (more info ...) | attempted-user | 2006-0031 | 17101 | ||
| 17537 | SPECIFIC-THREATS Microsoft Excel Unspecified Null Page Name Memory Corruption Attempt (more info ...) | attempted-user | 2006-0031 | 15926 | ||
| 17538 | SPECIFIC-THREATS Microsoft Excel Unspecified Page Name Memory Corruption Attempt (more info ...) | attempted-user | 2006-0031 | 15926 | ||
| 17539 | SPECIFIC-THREATS Microsoft Excel Unspecified Grafic Pointer Memory Corruption Attempt (more info ...) | attempted-user | 2006-0030 | 15926 | ||
| 17542 | SPECIFIC-THREATS Excel MalformedPalete Record Memory Corruption attempt (more info ...) | attempted-user | 2007-0031 | 21922 | ||
| 17543 | WEB-CLIENT Excel Column Record Handling Memory Corruption attempt (more info ...) | attempted-user | 2007-0030 | 21925 | ||
| 17550 | SPECIFIC-THREATS Microsoft Word Font Parsing Buffer Overflow attempt (more info ...) | attempted-user | 2005-0564 | 14216 | ||
| 17555 | SPECIFIC-THREATS Macrovision InstallShield Update Service ActiveX exploit attempt (more info ...) | attempted-user | 2007-5660 | 31235 | URL | |
| 17560 | SPECIFIC-THREATS Microsoft Word Global Array Index Heap Overflow attempt (more info ...) | attempted-user | 2008-4026 | 32583 | ||
| 17565 | SPECIFIC-THREATS Microsoft Office PowerPoint PP7 File Handling Memory Corruption attempt (more info ...) | attempted-user | 2009-0225 | 34880 | ||
| 17568 | WEB-MISC Microsoft Office XP URL Handling Buffer Overflow attempt (more info ...) | attempted-admin | 2004-0848 | 12480 | ||
| 17574 | SPECIFIC-THREATS Sophos Anti-Virus Visio File Parsing Buffer Overflow attempt (more info ...) | attempted-user | 2005-2768 | 14362 | ||
| 17578 | SPECIFIC-THREATS Microsoft Word Section Table Array Buffer Overflow attempt (more info ...) | attempted-user | 2007-0515 | 22225 | ||
| 17579 | SPECIFIC-THREATS Microsoft Office Drawing Record msofbtOPT Code Execution attempt (more info ...) | attempted-user | 2007-0671 | 22383 | ||
| 17591 | WEB-CLIENT Microsoft Word Crafted Sprm memory corruption attempt (more info ...) | attempted-user | 2008-4837 | 32584 | ||
| 17649 | WEB-CLIENT Microsoft Word array data handling buffer overflow attempt (more info ...) | attempted-user | 2007-0035 | 23804 | ||
| 17655 | WEB-CLIENT Microsoft Excel malformed formula parsing code execution attempt (more info ...) | attempted-user | 2008-0115 | 28167 | URL | |
| 17665 | WEB-CLIENT OpenOffice Word document table parsing multiple heap based buffer overflow attempt (more info ...) | attempted-user | 2009-0201 | 36200 | ||
| 17670 | WEB-ACTIVEX BigAnt Office Manager ActiveX clsid access (more info ...) | attempted-user | 39721 | |||
| 17671 | WEB-ACTIVEX BigAnt Office Manager ActiveX clsid unicode access (more info ...) | attempted-user | 39721 | |||
| 17672 | WEB-ACTIVEX BigAnt Office Manager ActiveX function call access (more info ...) | attempted-user | 39721 | |||
| 17673 | WEB-ACTIVEX BigAnt Office Manager ActiveX function call unicode access (more info ...) | attempted-user | 39721 | |||
| 17690 | EXPLOIT Microsoft Word remote code execution attempt (more info ...) | attempted-user | 2009-0565 | URL | ||
| 17691 | EXPLOIT Microsoft Word remote code execution attempt (more info ...) | attempted-user | 2009-0565 | URL | ||
| 17701 | SPECIFIC-THREATS Office Viewer ActiveX arbitrary command execution attempt (more info ...) | attempted-user | 2007-2588 | 33245 | URL | |
| 17734 | WEB-MISC Excel REPT integer underflow attempt (more info ...) | attempted-user | 2008-4019 | 31706 | ||
| 17742 | EXPLOIT Microsoft Word remote code execution attempt (more info ...) | attempted-user | 2009-0563 | URL | ||
| 17743 | EXPLOIT Microsoft Word RTF parsing memory corruption (more info ...) | attempted-user | 2008-1091 | 29104 | URL | |
| 17754 | EXPLOIT Microsoft Word bookmark bound check remote code execution attempt (more info ...) | attempted-user | 2010-3216 | URL | ||
| 17755 | EXPLOIT Microsoft Word unchecked index value remote code execution attempt (more info ...) | attempted-user | 2010-3219 | URL | ||
| 17756 | WEB-CLIENT Microsoft Word XP PLFLSInTableStream heap overflow attempt (more info ...) | attempted-user | 2010-3220 | URL | ||
| 17757 | WEB-CLIENT Microsoft Excel CrErr record integer overflow attempt (more info ...) | attempted-user | 2010-3230 | URL | ||
| 17758 | EXPLOIT Microsoft Excel PtgExtraArray data parsing vulnerability exploit attempt (more info ...) | attempted-user | 2010-3231 | URL | ||
| 17759 | EXPLOIT Microsoft Excel invalid SerAr object exploit attempt (more info ...) | attempted-user | 2010-3239 | URL | ||
| 17760 | EXPLOIT Microsoft Excel RealTimeData record exploit attempt (more info ...) | attempted-user | 2010-3240 | URL | ||
| 17761 | WEB-CLIENT Microsoft Excel malformed MergeCells record exploit attempt (more info ...) | attempted-user | 2010-3237 | URL | ||
| 17762 | WEB-CLIENT Microsoft Excel corrupted TABLE record clean up exploit attempt (more info ...) | attempted-user | 2010-3232 | URL | ||
| 17763 | EXPLOIT Microsoft Excel GhostRw record exploit attempt (more info ...) | attempted-user | 2010-3242 | URL | ||
| 17764 | EXPLOIT Microsoft Excel PtgName invalid index exploit attempt (more info ...) | attempted-user | 2010-3235 | URL | ||
| 18063 | WEB-CLIENT Microsoft Office embedded Office Art drawings execution attempt (more info ...) | attempted-user | 2010-3334 | URL | ||
| 18067 | WEB-CLIENT Microsoft Office RTF parsing remote code execution attempt (more info ...) | attempted-user | 2010-3333 | URL | ||
| 18068 | EXPLOIT Microsoft Excel malformed MsoDrawingObject record attempt (more info ...) | attempted-user | 2010-3335 | URL | ||
| 18069 | WEB-CLIENT Microsoft Office Art drawing invalid shape identifier attempt (more info ...) | attempted-user | 2010-3336 | URL | ||
| 18200 | EXPLOIT Microsoft Office .CGM file cell array heap overflow attempt (more info ...) | attempted-user | 2010-3945 | URL | ||
| 18201 | EXPLOIT Microsoft Office TIFF filter remote code execution attempt (more info ...) | attempted-user | 2010-3947 | URL | ||
| 18235 | WEB-CLIENT Microsoft Office PICT graphics converter memory corruption attempt (more info ...) | attempted-user | 2010-3946 | URL | ||
| 18236 | SPECIFIC-THREATS Microsoft Office TIFFIM32.FLT filter memory corruption attempt (more info ...) | attempted-user | 2010-3949 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 233 | DDOS Trin00 Attacker to Master default startup password (more info ...) | attempted-dos | 2000-0138 | |||
| 234 | DDOS Trin00 Attacker to Master default password (more info ...) | attempted-dos | 2000-0138 | |||
| 235 | DDOS Trin00 Attacker to Master default mdie password (more info ...) | bad-unknown | 2000-0138 | |||
| 237 | DDOS Trin00 Master to Daemon default password attempt (more info ...) | attempted-dos | 2000-0138 | |||
| 505 | MISC Insecure TIMBUKTU Password (more info ...) | bad-unknown | ||||
| 1098 | WEB-MISC SmartWin CyberOffice Shopping Cart access (more info ...) | web-application-attack | 2000-0925 | 1734 | ||
| 1192 | WEB-MISC Trend Micro OfficeScan access (more info ...) | attempted-recon | 1057 | |||
| 1381 | WEB-MISC Trend Micro OfficeScan attempt (more info ...) | attempted-recon | 1057 | |||
| 1859 | WEB-MISC Sun JavaServer default password login attempt (more info ...) | default-login-attempt | 10995 | |||
| 1860 | WEB-MISC Linksys router default password login attempt (more info ...) | default-login-attempt | 10999 | |||
| 1861 | WEB-MISC Linksys router default username and password login attempt (more info ...) | default-login-attempt | 10999 | |||
| 2027 | RPC yppasswd old password overflow attempt UDP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2028 | RPC yppasswd old password overflow attempt TCP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2029 | RPC yppasswd new password overflow attempt UDP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2030 | RPC yppasswd new password overflow attempt TCP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2114 | RSERVICES rexec password overflow attempt (more info ...) | attempted-admin | ||||
| 2230 | WEB-MISC NetGear router default password login attempt admin/password (more info ...) | default-login-attempt | 11737 | |||
| 2408 | WEB-MISC Invision Power Board search.pl access (more info ...) | web-application-activity | 9766 | |||
| 6471 | EXPLOIT RealVNC password authentication bypass attempt (more info ...) | attempted-admin | 2006-2369 | 17978 | ||
| 7024 | WEB-CLIENT excel style handling overflow attempt (more info ...) | attempted-user | 2006-3431 | 18872 | URL | |
| 7088 | BACKDOOR sinique 1.0 runtime detection - initial connection with correct password server-to-client (more info ...) | trojan-activity | URL | |||
| 7090 | BACKDOOR sinique 1.0 runtime detection - initial connection with wrong password server-to-client (more info ...) | trojan-activity | URL | |||
| 7204 | WEB-CLIENT excel object ftCmo overflow attempt (more info ...) | attempted-user | 2006-1306 | 18886 | ||
| 7205 | WEB-CLIENT excel FngGroupCount record overflow attempt (more info ...) | attempted-user | 2006-1308 | 18890 | ||
| 7872 | WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX clsid access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 7873 | WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX clsid unicode access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 10087 | EXPLOIT VNC password request buffer overflow attempt (more info ...) | web-application-attack | 2006-1652 | 2305 | ||
| 10407 | EXPLOIT Helix Server LoadTestPassword buffer overflow attempt (more info ...) | attempted-admin | 2006-6026 | 23068 | URL | |
| 11199 | WEB-ACTIVEX Office Viewer ActiveX clsid access (more info ...) | attempted-user | 33283 | URL | ||
| 11200 | WEB-ACTIVEX Office Viewer ActiveX clsid unicode access (more info ...) | attempted-user | 33283 | URL | ||
| 11201 | WEB-ACTIVEX Office Viewer ActiveX function call access (more info ...) | attempted-user | 33283 | URL | ||
| 11202 | WEB-ACTIVEX Office Viewer ActiveX function call unicode access (more info ...) | attempted-user | 33283 | URL | ||
| 11622 | WEB-ACTIVEX Microsoft Office 2000 OUACTR ActiveX clsid access (more info ...) | attempted-user | 2007-2903 | 24118 | URL | |
| 11623 | WEB-ACTIVEX Microsoft Office 2000 OUACTR ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2903 | 24118 | URL | |
| 11660 | WEB-ACTIVEX EDraw Office Viewer ActiveX clsid access (more info ...) | attempted-user | 24230 | URL | ||
| 11661 | WEB-ACTIVEX EDraw Office Viewer ActiveX clsid unicode access (more info ...) | attempted-user | 24230 | URL | ||
| 11662 | WEB-ACTIVEX EDraw Office Viewer ActiveX function call access (more info ...) | attempted-user | 24230 | URL | ||
| 11663 | WEB-ACTIVEX EDraw Office Viewer ActiveX function call unicode access (more info ...) | attempted-user | 24230 | URL | ||
| 11967 | WEB-ACTIVEX Microsoft Office Data Source Control 11.0 ActiveX function call unicode access (more info ...) | attempted-user | 2006-3729 | 24462 | URL | |
| 12070 | EXPLOIT Microsoft Excel malformed version field (more info ...) | attempted-user | 2007-1756 | 24801 | URL | |
| 12099 | MISC Microsoft Excel rtWindow1 record handling arbitrary code execution attempt (more info ...) | attempted-user | 2007-3029 | 22555 | URL | |
| 12184 | MISC Microsoft Excel workbook workspace designation handling arbitrary code execution attempt (more info ...) | attempted-user | 2007-3030 | 24803 | URL | |
| 12234 | BACKDOOR theef 2.10 runtime detection - connect with no password (more info ...) | trojan-activity | URL | |||
| 12236 | BACKDOOR theef 2.10 runtime detection - connect with password (more info ...) | trojan-activity | URL | |||
| 12261 | WEB-ACTIVEX Microsoft Visual Basic 6 PDWizard.File ActiveX clsid access (more info ...) | attempted-user | 2007-3041 | URL | ||
| 12262 | WEB-ACTIVEX Microsoft Visual Basic 6 PDWizard.File ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3041 | URL | ||
| 12263 | WEB-ACTIVEX Microsoft Visual Basic 6 PDWizard.File ActiveX function call access (more info ...) | attempted-user | 2007-3041 | URL | ||
| 12264 | WEB-ACTIVEX Microsoft Visual Basic 6 PDWizard.File ActiveX function call unicode access (more info ...) | attempted-user | 2007-3041 | URL | ||
| 12265 | WEB-ACTIVEX Microsoft Visual Basic 6 SearchHelper ActiveX clsid access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12266 | WEB-ACTIVEX Microsoft Visual Basic 6 SearchHelper ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12267 | WEB-ACTIVEX Microsoft Visual Basic 6 SearchHelper ActiveX function call access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12268 | WEB-ACTIVEX Microsoft Visual Basic 6 SearchHelper ActiveX function call unicode access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12269 | WEB-ACTIVEX Microsoft Visual Basic 6 TLIApplication ActiveX clsid access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12270 | WEB-ACTIVEX Microsoft Visual Basic 6 TLIApplication ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12271 | WEB-ACTIVEX Microsoft Visual Basic 6 TLIApplication ActiveX function call access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12272 | WEB-ACTIVEX Microsoft Visual Basic 6 TLIApplication ActiveX function call unicode access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12273 | WEB-ACTIVEX Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12274 | WEB-ACTIVEX Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid unicode access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12275 | WEB-ACTIVEX Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12276 | WEB-ACTIVEX Microsoft Visual Basic 6 TypeLibInfo ActiveX function call unicode access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12284 | WEB-CLIENT Excel rtWnDesk record memory corruption exploit attempt (more info ...) | attempted-user | 2007-3890 | URL | ||
| 12430 | WEB-ACTIVEX EDraw Office Viewer Component ActiveX clsid access (more info ...) | attempted-user | 2007-4821 | 25892 | ||
| 12431 | WEB-ACTIVEX EDraw Office Viewer Component ActiveX clsid unicode access (more info ...) | attempted-user | 2007-4821 | 25892 | ||
| 12432 | WEB-ACTIVEX EDraw Office Viewer Component ActiveX function call access (more info ...) | attempted-user | 2007-4821 | 25892 | ||
| 12433 | WEB-ACTIVEX EDraw Office Viewer Component ActiveX function call unicode access (more info ...) | attempted-user | 2007-4821 | 25892 | ||
| 12618 | WEB-CLIENT Microsoft Visual Basic VBP file reference overflow attempt (more info ...) | attempted-user | 2007-4776 | 25629 | ||
| 13277 | SPYWARE-PUT Adware netword agent runtime detection (more info ...) | misc-activity | URL | |||
| 13467 | WEB-ACTIVEX Office 2000 and 2002 Web Components Spreadsheet ActiveX clsid unicode access (more info ...) | attempted-user | 2006-4695 | 4453 | URL | |
| 13468 | WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid unicode access (more info ...) | attempted-user | 2007-1201 | 4449 | URL | |
| 13469 | WEB-CLIENT Microsoft Word ole stream memory corruption attempt (more info ...) | attempted-user | 2008-0109 | URL | ||
| 13556 | SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 1 (more info ...) | misc-activity | URL | |||
| 13557 | SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 2 (more info ...) | misc-activity | URL | |||
| 13558 | SPYWARE-PUT Hijacker kword interkey runtime detection - log user info (more info ...) | misc-activity | URL | |||
| 13569 | WEB-CLIENT Microsoft Excel macro validation arbitrary code execution attempt (more info ...) | attempted-user | 2008-0081 | URL | ||
| 13580 | WEB-ACTIVEX Microsoft Office Web Components remote code execution attempt ActiveX clsid access (more info ...) | attempted-user | 2006-4695 | URL | ||
| 13581 | WEB-ACTIVEX Microsoft Office Web Components remote code execution attempt ActiveX clsid unicode access (more info ...) | attempted-user | 2006-4695 | URL | ||
| 13958 | WEB-CLIENT WordPerfect Graphics file invalid RLE buffer overflow attempt (more info ...) | attempted-user | 2008-3460 | URL | ||
| 15089 | WEB-ACTIVEX Microsoft Visual Basic Charts ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4256 | URL | ||
| 15091 | WEB-ACTIVEX Microsoft Visual Basic Charts ActiveX function call unicode access (more info ...) | attempted-user | 2008-4256 | URL | ||
| 15093 | WEB-ACTIVEX Microsoft Visual Basic DataGrid ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4252 | URL | ||
| 15095 | WEB-ACTIVEX Microsoft Visual Basic DataGrid ActiveX function call unicode access (more info ...) | attempted-user | 2008-4252 | URL | ||
| 15097 | WEB-ACTIVEX Microsoft Visual Basic FlexGrid ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4253 | URL | ||
| 15099 | WEB-ACTIVEX Microsoft Visual Basic FlexGrid ActiveX function call unicode access (more info ...) | attempted-user | 2008-4253 | URL | ||
| 15101 | WEB-ACTIVEX Microsoft Visual Basic Hierarchical FlexGrid ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4254 | URL | ||
| 15103 | WEB-ACTIVEX Microsoft Visual Basic Hierarchical FlexGrid ActiveX function call unicode access (more info ...) | attempted-user | 2008-4254 | URL | ||
| 15119 | WEB-ACTIVEX Microsoft Visual Basic Winsock ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4251 | URL | ||
| 15121 | WEB-ACTIVEX Microsoft Visual Basic Winsock ActiveX function call unicode access (more info ...) | attempted-user | 2008-4251 | URL | ||
| 15539 | WEB-CLIENT Microsoft Office Excel Formula record remote code execution attempt (more info ...) | attempted-user | 2009-0560 | URL | ||
| 15575 | WEB-CLIENT WordPerfect file download (more info ...) | misc-activity | URL | |||
| 15686 | WEB-ACTIVEX Microsoft Office Web Components 10 Spreadsheet ActiveX clsid unicode access (more info ...) | attempted-user | 2009-2496 | URL | ||
| 15688 | WEB-ACTIVEX Microsoft Office Web Components 10 Spreadsheet ActiveX function call unicode access (more info ...) | attempted-user | 2009-2496 | URL | ||
| 15690 | WEB-ACTIVEX Microsoft Office Web Components 11 Spreadsheet ActiveX clsid unicode access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 15692 | WEB-ACTIVEX Microsoft Office Web Components 11 Spreadsheet ActiveX function call unicode access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 15855 | WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX function call access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 15856 | WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX function call unicode access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 15858 | WEB-ACTIVEX Microsoft Office Web Components Spreadsheet ActiveX clsid access (more info ...) | attempted-user | 2009-1534 | URL | ||
| 15859 | WEB-ACTIVEX Microsoft Office Web Components Spreadsheet ActiveX clsid unicode access (more info ...) | attempted-user | 2009-1534 | URL | ||
| 16059 | EXPLOIT Microsoft Excel malformed file format parsing code execution attempt (more info ...) | attempted-user | 2006-0028 | URL | ||
| 16228 | WEB-CLIENT Microsoft Excel malformed StartObject record arbitrary code execution attempt (more info ...) | attempted-admin | 2009-3134 | URL | ||
| 16650 | WEB-CLIENT Microsoft Excel ExternName record stack buffer overflow attempt - 1 (more info ...) | attempted-user | 2010-1249 | URL | ||
| 16651 | WEB-CLIENT Microsoft Excel ExternName record stack buffer overflow attempt - 2 (more info ...) | attempted-user | 2010-1249 | URL | ||
| 16652 | WEB-CLIENT Microsoft Excel ExternName record stack buffer overflow attempt - 3 (more info ...) | attempted-user | 2010-1249 | URL | ||
| 16653 | WEB-CLIENT Microsoft Excel ExternName record stack buffer overflow attempt - 4 (more info ...) | attempted-user | 2010-1249 | URL | ||
| 16654 | WEB-CLIENT Microsoft Excel undocumented Publisher record heap buffer overflow attempt (more info ...) | attempted-user | 2010-1250 | URL | ||
| 16655 | WEB-CLIENT Microsoft Excel Lbl record stack overflow attempt (more info ...) | attempted-user | 2010-1251 | URL | ||
| 16656 | WEB-CLIENT Microsoft Excel BIFF5 ExternSheet record stack overflow attempt (more info ...) | attempted-user | 2010-1252 | URL | ||
| 16657 | WEB-CLIENT Microsoft Excel DBQueryExt record memory corruption attempt (more info ...) | attempted-user | 2010-1253 | URL | ||
| 17134 | WEB-CLIENT Microsoft Excel out-of-bounds structure read memory corruption attempt (more info ...) | attempted-user | 2010-2562 | URL | ||
| 17388 | WEB-CLIENT OpenOffice EMF file EMR record parsing integer overflow attempt (more info ...) | attempted-user | 2008-2238 | URL | ||
| 17532 | SPECIFIC-THREATS Microsoft Excel TXO and OBJ Records Parsing Stack Memory Corruption (more info ...) | attempted-user | 2008-4265 | 32618 | ||
| 17708 | EXPLOIT VNC password request URL buffer overflow attempt (more info ...) | web-application-attack | 2006-1652 | 17378 | ||
| 18049 | PHISHING-SPAM word.onlinephilbert42f.ru known spam email attempt (more info ...) | policy-violation |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3686 | WEB-CLIENT Microsoft Internet Explorer Content Advisor memory corruption attempt (more info ...) | attempted-user | 2005-0555 | URL | ||
| 3814 | WEB-CLIENT IE javaprxy.dll COM access (more info ...) | attempted-user | 2005-2087 | 14087 | URL | |
| 4169 | WEB-ACTIVEX Internet Explorer Active Setup ActiveX Object Access (more info ...) | attempted-user | 667 | URL | ||
| 4198 | WEB-ACTIVEX Internet Explorer Blnmgrps.dll ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4199 | WEB-ACTIVEX Internet Explorer Blnmgrps.dll ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4210 | WEB-ACTIVEX Internet Explorer Msb1geen.dll ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4222 | WEB-ACTIVEX Internet Explorer Outllib.dll ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4235 | WEB-ACTIVEX Helper Object for Java ActiveX Object Access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4647 | WEB-CLIENT internet explorer javascript onload overflow attempt (more info ...) | attempted-user | 2005-1790 | 13799 | URL | |
| 4917 | WEB-CLIENT internet explorer javascript onload prompt obfuscation overflow attempt (more info ...) | attempted-user | 2005-1790 | 13799 | URL | |
| 6509 | WEB-CLIENT Internet Explorer mhtml uri href buffer overflow attempt (more info ...) | attempted-user | 2006-2766 | 18198 | URL | |
| 6510 | WEB-CLIENT Internet Explorer mhtml uri shortcut buffer overflow attempt (more info ...) | attempted-user | 2006-2766 | 18198 | URL | |
| 8019 | WEB-ACTIVEX Internet Explorer Address Bar ActiveX CLSID access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8020 | WEB-ACTIVEX Internet Explorer Address Bar ActiveX CLSID unicode access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8058 | WEB-CLIENT Mozilla javascript navigator object access (more info ...) | attempted-user | 2006-3677 | 19181 | URL | |
| 8443 | WEB-CLIENT Mozilla regular expression heap corruption attempt (more info ...) | attempted-user | 2006-4566 | 20042 | ||
| 9628 | WEB-ACTIVEX javaprxy.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2005-2087 | 14087 | URL | |
| 9843 | WEB-CLIENT Adobe Acrobat Plugin JavaScript parameter double free attempt (more info ...) | attempted-user | 2007-0046 | URL | ||
| 10062 | WEB-CLIENT Java Virtual Machine malformed GIF buffer overflow attempt (more info ...) | attempted-user | 2007-0243 | 22085 | ||
| 10131 | WEB-CLIENT mozilla compareTo arbitrary code execution attempt (more info ...) | attempted-user | 2005-2265 | 14242 | URL | |
| 11257 | WEB-CLIENT Microsoft Internet Explorer colgroup tag uninitialized memory corruption vulnerability (more info ...) | attempted-user | 2007-0944 | 23771 | URL | |
| 11680 | MISC Sun Java web proxy sockd buffer overflow attempt (more info ...) | attempted-admin | 2007-2881 | 24165 | URL | |
| 11834 | WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (more info ...) | misc-attack | 2007-1752 | 22966 | URL | |
| 12472 | WEB-ACTIVEX Sun Java Web Start ActiveX clsid access (more info ...) | attempted-user | 2007-5019 | 25734 | ||
| 12473 | WEB-ACTIVEX Sun Java Web Start ActiveX clsid unicode access (more info ...) | attempted-user | 2007-5019 | 25734 | ||
| 12474 | WEB-ACTIVEX Sun Java Web Start ActiveX function call access (more info ...) | attempted-user | 2007-5019 | 25734 | ||
| 12475 | WEB-ACTIVEX Sun Java Web Start ActiveX function call unicode access (more info ...) | attempted-user | 2007-5019 | 25734 | ||
| 13834 | WEB-CLIENT Microsoft Internet Explorer request header overwrite (more info ...) | misc-activity | 2008-1544 | URL | ||
| 13838 | WEB-CLIENT Mozilla Firefox IFRAME style change handling code execution (more info ...) | attempted-user | 2008-1236 | 28448 | URL | |
| 13960 | WEB-CLIENT Microsoft Internet Explorer static text range overflow attempt (more info ...) | attempted-user | 2008-2255 | URL | ||
| 13961 | WEB-CLIENT Internet Explorer table layout access violation vulnerability (more info ...) | misc-attack | 2008-2258 | URL | ||
| 13963 | WEB-CLIENT Internet Explorer argument validation in print preview handling vulnerability (more info ...) | attempted-user | 2008-2259 | URL | ||
| 14615 | EXPLOIT Sun Java web console format string attempt (more info ...) | attempted-user | 2007-1681 | |||
| 15081 | WEB-CLIENT Sun Java Web Start xml encoding buffer overflow attempt (more info ...) | attempted-admin | 2008-1188 | 28083 | URL | |
| 15114 | WEB-CLIENT Microsoft Internet Explorer embed src buffer overflow attempt (more info ...) | attempted-user | 2008-4261 | URL | ||
| 15126 | WEB-CLIENT Internet Explorer nested tag memory corruption attempt (more info ...) | attempted-user | 2008-4844 | 32721 | URL | |
| 15164 | SPECIFIC-THREATS Mozilla Products SVG Layout Engine Index Parameter memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 15191 | SPECIFIC-THREATS Mozilla Firefox animated PNG processing integer overflow (more info ...) | attempted-user | 2008-4064 | |||
| 15237 | WEB-MISC Java .class file download attempt (more info ...) | misc-activity | ||||
| 15238 | SPECIFIC-THREATS Apple QuickTime for Java toQTPointer function memory corruption attempt (more info ...) | attempted-user | 2007-2175 | 23608 | ||
| 15300 | WEB-CLIENT Microsoft Internet Explorer EMF polyline overflow attempt (more info ...) | attempted-user | 2009-0081 | URL | ||
| 15304 | WEB-CLIENT Internet Explorer object clone deletion memory corruption attempt (more info ...) | attempted-user | 2009-0075 | URL | ||
| 15305 | WEB-CLIENT Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 15362 | WEB-CLIENT obfuscated javascript excessive fromCharCode - potential attack (more info ...) | misc-activity | URL | |||
| 15363 | WEB-CLIENT Potential obfuscated javascript eval unescape attack attempt (more info ...) | misc-activity | URL | |||
| 15383 | SPECIFIC-THREATS Mozilla Firefox XBL Event Handler Tags Removal memory corruption attempt (more info ...) | attempted-user | 2007-5339 | 26132 | ||
| 15428 | WEB-CLIENT Mozilla Firefox SVG data processing memory corruption attempt (more info ...) | attempted-user | 2009-0771 | 33990 | URL | |
| 15458 | EXPLOIT Internet Explorer navigating between pages race condition attempt (more info ...) | attempted-user | 2009-0551 | URL | ||
| 15459 | EXPLOIT Internet Explorer deleted/unitialized object memory corruption attempt (more info ...) | attempted-user | 2009-0552 | URL | ||
| 15460 | EXPLOIT Internet Explorer ActiveX load/unload race condition attempt (more info ...) | attempted-user | 2009-0553 | URL | ||
| 15461 | WEB-CLIENT Microsoft Internet Explorer marquee tag onstart memory corruption (more info ...) | attempted-user | 2009-0554 | URL | ||
| 15482 | EXPLOIT Sun Java System sockd authentication buffer overflow attempt (more info ...) | attempted-admin | 2007-2881 | |||
| 15529 | WEB-CLIENT Microsoft Internet Explorer cross-domain navigation cookie stealing attempt (more info ...) | misc-attack | 2007-3091 | URL | ||
| 15678 | SPECIFIC-THREATS Microsoft DirectShow ActiveX exploit via JavaScript (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15679 | SPECIFIC-THREATS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15697 | WEB-CLIENT Generic javascript obfuscation attempt (more info ...) | attempted-user | 35660 | |||
| 15698 | WEB-CLIENT Possible generic javascript heap spray attempt (more info ...) | attempted-user | 35660 | |||
| 15699 | SPECIFIC-THREATS Mozilla Firefox 3.5 unicode stack overflow attempt (more info ...) | attempted-user | 2009-2479 | 35707 | ||
| 15731 | EXPLOIT javascript deleted reference arbitrary code execution attempt (more info ...) | attempted-user | 2009-1917 | URL | ||
| 15732 | EXPLOIT Microsoft Internet Explorer CSS handling memory corruption attempt (more info ...) | attempted-user | 2009-1919 | URL | ||
| 15733 | EXPLOIT Microsoft Internet Explorer empty table tag memory corruption attempt (more info ...) | attempted-user | 2009-1918 | URL | ||
| 15880 | SPECIFIC-THREATS Microsoft Internet Explorer popup window object tag code execution attempt (more info ...) | attempted-user | 2003-0838 | |||
| 15910 | EXPLOIT Microsoft Internet Explorer getElementById object corruption (more info ...) | attempted-user | 2008-2254 | 30614 | URL | |
| 15997 | SPECIFIC-THREATS Mozilla Firefox JIT escape function memory corruption attempt (more info ...) | attempted-user | 2009-2477 | 35660 | URL | |
| 15999 | SPECIFIC-THREATS Mozilla products frame comment objects manipulation memory corruption attempt (more info ...) | attempted-user | 2006-6504 | 21668 | ||
| 16000 | WEB-CLIENT Sun Microsystems Java gif handling memory corruption attempt (more info ...) | attempted-user | 2007-0243 | 22085 | ||
| 16005 | SPECIFIC-THREATS Mozilla browsers JavaScript argument passing code execution attempt (more info ...) | attempted-user | 2007-0777 | 22694 | ||
| 16007 | SPECIFIC-THREATS Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (more info ...) | attempted-user | 2007-0944 | 23771 | URL | |
| 16008 | WEB-MISC Microsoft Internet Explorer 7 html object memory corruption attempt (more info ...) | misc-activity | 2007-0947 | |||
| 16009 | SPECIFIC-THREATS Mozilla products overflow event handling memory corruption attempt (more info ...) | attempted-user | 2007-2876 | 24376 | ||
| 16024 | SPECIFIC-THREATS Mozilla Firefox Javascript Function focus overflow attempt (more info ...) | attempted-user | 2006-1993 | 17671 | ||
| 16031 | WEB-CLIENT Microsoft Internet Explorer nested object tag memory corruption attempt (more info ...) | attempted-user | 2006-1992 | 17658 | ||
| 16032 | WEB-CLIENT Microsoft Internet Explorer HTML Decoding memory corruption attempt (more info ...) | attempted-user | 2006-2382 | 18309 | ||
| 16033 | SPECIFIC-THREATS Microsoft Internet Explorer compressed content attempt (more info ...) | attempted-user | 2006-3873 | 19987 | ||
| 16035 | WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | ||
| 16036 | WEB-CLIENT Mozilla Products QueryInterface method memory corruption attempt (more info ...) | attempted-user | 2006-0295 | 16476 | ||
| 16037 | WEB-CLIENT Mozilla products graphics and XML features integer overflows attempt (more info ...) | attempted-user | 2006-0297 | 16476 | ||
| 16038 | MISC Mozilla Thunderbird WYSIWIG engine filtering IFRAME JavaScript execution attempt (more info ...) | attempted-user | 2006-0884 | 16770 | ||
| 16042 | SPECIFIC-THREATS Mozilla browsers CSS moz-binding cross domain scripting attempt (more info ...) | attempted-user | 2006-0496 | 16427 | ||
| 16043 | WEB-CLIENT Microsoft Internet Explorer html tag memory corruption attempt (more info ...) | attempted-dos | 2006-1188 | 17468 | ||
| 16044 | WEB-CLIENT Mozilla Firefox CSS Letter-Spacing overflow attempt (more info ...) | attempted-user | 2006-1730 | 17516 | ||
| 16045 | SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt (more info ...) | attempted-user | 2006-3280 | 18682 | ||
| 16047 | SPECIFIC-THREATS Mozilla Firefox layout frame constructor memory corruption attempt (more info ...) | attempted-user | 2007-5959 | |||
| 16050 | WEB-CLIENT Mozilla Firefox tag order memory corruption attempt (more info ...) | attempted-user | 2006-0749 | 17516 | ||
| 16063 | WEB-CLIENT Internet Explorer isindex buffer overflow attempt (more info ...) | attempted-user | 2008-0076 | 27668 | URL | |
| 16064 | SPECIFIC-THREATS internet explorer onBeforeUnload address bar spoofing attempt (more info ...) | misc-activity | 2007-3826 | 24911 | URL | |
| 16065 | SPECIFIC-THREATS internet explorer location.replace memory corruption attempt (more info ...) | attempted-user | 2007-5347 | 26427 | URL | |
| 16067 | SPECIFIC-THREATS Microsoft Internet Explorer DOM object cache management memory corruption attempt (more info ...) | attempted-user | 2007-5344 | |||
| 16142 | SPECIFIC-THREATS Mozilla Firefox PKCS11 module installation code execution attempt (more info ...) | attempted-user | 2009-3076 | 36343 | ||
| 16145 | SPECIFIC-THREATS Apple Safari Webkit floating point buffer overflow attempt (more info ...) | attempted-user | 2009-2195 | 36023 | ||
| 16149 | EXPLOIT Microsoft Internet Explorer data stream header remote code execution attempt (more info ...) | attempted-user | 2009-1547 | URL | ||
| 16150 | EXPLOIT Internet Explorer variant argument validation remote code execution attempt (more info ...) | misc-activity | 2009-2529 | URL | ||
| 16151 | WEB-CLIENT Internet Explorer unitialized or deleted object access attempt (more info ...) | misc-activity | 2009-2530 | URL | ||
| 16152 | EXPLOIT Internet Explorer table layout unitialized or deleted object access attempt (more info ...) | misc-activity | 2009-2531 | URL | ||
| 16169 | WEB-CLIENT Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 16284 | SPECIFIC-THREATS Mozilla Firefox ClearTextRun exploit attempt (more info ...) | attempted-user | 2009-1313 | 34743 | ||
| 16288 | SPECIFIC-THREATS Sun Java Runtime AWT setDiffICM stack buffer overflow attempt (more info ...) | attempted-user | 2009-3869 | 36881 | ||
| 16291 | WEB-CLIENT Mozilla Network Security Services regexp heap overflow attempt (more info ...) | attempted-user | 2009-2404 | 35891 | ||
| 16317 | EXPLOIT Internet Explorer mouse move during refresh memory corruption attempt (more info ...) | attempted-user | 2009-3673 | URL | ||
| 16319 | WEB-CLIENT Safari-IE SearchPath blended threat attempt (more info ...) | attempted-user | 2008-2540 | URL | ||
| 16326 | EXPLOIT Microsoft Internet Explorer 8 DOM memory corruption attempt (more info ...) | attempted-user | 2010-0246 | URL | ||
| 16339 | WEB-CLIENT Internet Explorer object clone deletion memory corruption attempt - obfuscated (more info ...) | attempted-user | 2009-0075 | URL | ||
| 16344 | SPECIFIC-THREATS Mozilla Firefox top-level script object offset calculation memory corruption attempt (more info ...) | attempted-user | 2009-3073 | 36343 | ||
| 16347 | SPECIFIC-THREATS Mozilla Firefox browser engine memory corruption attempt (more info ...) | attempted-user | 2009-3382 | 36866 | ||
| 16367 | WEB-CLIENT Microsoft Internet Explorer invalid object access memory corruption attempt (more info ...) | attempted-user | 2010-0249 | URL | ||
| 16369 | EXPLOIT Microsoft Internet Explorer deleted object access memory corruption attempt - public exploit (more info ...) | attempted-user | 2010-0249 | URL | ||
| 16376 | EXPLOIT Internet Explorer onPropertyChange deleteTable memory corruption attempt (more info ...) | misc-activity | 2010-0244 | |||
| 16377 | EXPLOIT Internet Explorer DOM mergeAttributes memory corruption attempt (more info ...) | misc-activity | 2010-0247 | |||
| 16392 | WEB-MISC Sun Java System Web Server 7.0u7 authorization digest heap overflow (more info ...) | attempted-user | 2010-0387 | 37896 | ||
| 16426 | WEB-MISC Sun Java System Web Server 7.0 WebDAV format string exploit attempt - PROPFIND method (more info ...) | attempted-user | 2010-0388 | 37910 | ||
| 16427 | WEB-MISC Sun Java System Web Server 7.0 WebDAV format string exploit attempt - LOCK method (more info ...) | attempted-user | 2010-0388 | 37910 | ||
| 16442 | BOTNET-CNC Possible Zeus User-Agent - Mozilla (more info ...) | trojan-activity | URL | |||
| 16482 | WEB-CLIENT Internet Explorer userdata behavior memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 16492 | WEB-CLIENT Safari inline text box use after free attempt (more info ...) | attempted-user | 2010-0049 | |||
| 16501 | WEB-CLIENT Mozilla Firefox WOFF font processing integer overflow attempt - TrueType (more info ...) | attempted-user | 2010-1028 | 38298 | URL | |
| 16502 | WEB-CLIENT Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based (more info ...) | attempted-user | 2010-1028 | 38298 | URL | |
| 16503 | EXPLOIT Microsoft Internet Explorer event handling remote code execution attempt (more info ...) | attempted-user | 2010-0267 | URL | ||
| 16504 | EXPLOIT Microsoft Internet Explorer 7 encoded content handling exploit attempt (more info ...) | misc-attack | 2010-0488 | URL | ||
| 16509 | EXPLOIT Microsoft Internet Explorer designMode-enabled information disclosure attempt (more info ...) | misc-attack | 2010-0494 | URL | ||
| 16547 | WEB-ACTIVEX Java Web Start ActiveX launch command by CLSID (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 16548 | WEB-ACTIVEX Java Web Start ActiveX launch command by JavaScript CLSID (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 16549 | WEB-CLIENT Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - npruntime-scriptable-plugin (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 16550 | WEB-CLIENT Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - java-deployment-toolkit (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 16554 | WEB-CLIENT Adobe Acrobat JavaScript getIcon method buffer overflow attempt (more info ...) | attempted-user | 2009-0927 | 34169 | ||
| 16584 | WEB-CLIENT Java Web Start arbitrary command execution attempt - Internet Explorer (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 16585 | WEB-CLIENT Java Web Start arbitrary command execution attempt (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 16592 | SPECIFIC-THREATS Opera asynchronous document modifications attempted memory corruption (more info ...) | attempted-user | URL | |||
| 16602 | SPECIFIC-THREATS Microsoft DirectShow 3 ActiveX exploit via JavaScript (more info ...) | attempted-user | 2008-0015 | URL | ||
| 16605 | SPECIFIC-THREATS Internet Explorer nested SPAN tag memory corruption attempt (more info ...) | attempted-user | 2008-4844 | 32721 | ||
| 16635 | WEB-ACTIVEX Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (more info ...) | attempted-user | 2010-0811 | URL | ||
| 16637 | EXPLOIT Microsoft Internet Explorer security zone restriction bypass attempt (more info ...) | attempted-user | 2010-0255 | URL | ||
| 16658 | WEB-CLIENT Microsoft Internet Explorer 8 cross-site scripting attempt (more info ...) | attempted-user | 2010-1257 | URL | ||
| 16659 | EXPLOIT Microsoft Internet Explorer style sheet array memory corruption attempt (more info ...) | attempted-user | 2010-1262 | URL | ||
| 16666 | SPECIFIC-THREATS Apple Safari window.parent.close unspecified remote code execution vulnerability (more info ...) | attempted-user | 2010-1939 | 39990 | URL | |
| 16667 | SPECIFIC-THREATS Google Chrome GURL cross origin bypass attempt - 1 (more info ...) | attempted-user | 2010-1663 | 39813 | ||
| 16668 | SPECIFIC-THREATS Google Chrome GURL cross origin bypass attempt - 2 (more info ...) | attempted-user | 2010-1663 | 39813 | ||
| 16690 | SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | ||
| 16716 | WEB-CLIENT Sun Java Web Start Splashscreen PNG processing buffer overflow attempt (more info ...) | attempted-user | 2009-1097 | 34240 | ||
| 17058 | SPECIFIC-THREATS Trojan-Downloader.JS.Agent.ewh Javascript download attempt (more info ...) | trojan-activity | URL | |||
| 17109 | SPECIFIC-THREATS Sun Java Web Console logging functionality format string exploit attempt (more info ...) | attempted-admin | 2007-1681 | 23539 | ||
| 17132 | EXPLOIT Microsoft Internet Explorer invalid object access attempt (more info ...) | attempted-user | 2010-2560 | URL | ||
| 17136 | EXPLOIT Microsoft Internet Explorer 6 race condition exploit attempt (more info ...) | attempted-user | 2010-2558 | URL | ||
| 17140 | WEB-MISC OpenView Network Node Manager OvJavaLocale buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 17165 | WEB-CLIENT Opera browser document writing uninitialized memory access attempt (more info ...) | attempted-user | 2010-1728 | 39855 | ||
| 17166 | WEB-CLIENT Mozilla multiple products JavaScript string replace buffer overflow attempt (more info ...) | attempted-user | 2009-3075 | 36343 | ||
| 17212 | WEB-CLIENT Mozilla Firefox JavaScript eval arbitrary code execution attempt (more info ...) | attempted-user | 2005-1532 | URL | ||
| 17213 | WEB-CLIENT Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (more info ...) | attempted-user | 2005-2706 | URL | ||
| 17236 | WEB-CLIENT Mozilla Firefox nsPropertyTable PropertyList memory corruption attempt (more info ...) | attempted-user | 2009-3070 | URL | ||
| 17245 | WEB-CLIENT Mozilla Firefox image dragging exploit attempt (more info ...) | attempted-user | 2005-0230 | |||
| 17258 | WEB-CLIENT Mozilla Firefox XUL tree element code execution attempt (more info ...) | attempted-user | 2009-1044 | 34181 | ||
| 17260 | SPECIFIC-THREATS Mozilla Firefox Javascript contentWindow in an iframe exploit attempt (more info ...) | attempted-user | 2006-1993 | 17671 | ||
| 17261 | WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | ||
| 17262 | WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | ||
| 17263 | SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | ||
| 17265 | WEB-CLIENT Mozilla Firefox plugin access control bypass attempt (more info ...) | attempted-user | 2005-0527 | 12655 | ||
| 17268 | SPECIFIC-THREATS Mozilla Firefox sidebar panel arbitrary code execution attempt (more info ...) | attempted-user | 2005-0402 | 12884 | ||
| 17355 | WEB-CLIENT Microsoft Internet Explorer JPEG Decoder Vulnerabilities attempt (more info ...) | attempted-user | 2005-2308 | 14282 | ||
| 17360 | WEB-CLIENT Mozilla Firefox XBM image processing buffer overflow attempt (more info ...) | attempted-user | 2005-2701 | 14916 | ||
| 17378 | WEB-CLIENT Mozilla Firefox Animated PNG Processing integer overflow (more info ...) | attempted-user | 2008-4064 | |||
| 17379 | WEB-CLIENT Mozilla Firefox Animated PNG Processing integer overflow (more info ...) | attempted-user | 2008-4064 | |||
| 17389 | SPECIFIC-THREATS mozilla firefox DOMNodeRemoved attack attempt (more info ...) | attempted-user | 2006-2779 | 18228 | ||
| 17392 | SHELLCODE JavaScript var shellcode (more info ...) | shellcode-detect | ||||
| 17393 | SHELLCODE JavaScript var heapspray (more info ...) | shellcode-detect | ||||
| 17395 | SPECIFIC-THREATS Sun Java Web Start Splashscreen GIF decoding buffer overflow attempt (more info ...) | attempted-user | 2008-2086 | |||
| 17398 | WEB-CLIENT Mozilla Firefox Javascript array.splice memory corruption attempt (more info ...) | attempted-user | 2009-0773 | 33990 | ||
| 17399 | WEB-CLIENT Mozilla Firefox Javascript array.splice memory corruption attempt (more info ...) | attempted-user | 2009-0773 | 33990 | ||
| 17400 | WEB-CLIENT rename of JavaScript unescape function - likely malware obfuscation (more info ...) | attempted-user | ||||
| 17401 | SPECIFIC-THREATS Internet Explorer nested tag memory corruption attempt - unescaped (more info ...) | attempted-user | 2008-4844 | 32721 | URL | |
| 17402 | SPECIFIC-THREATS Internet Explorer nested tag memory corruption attempt (more info ...) | attempted-user | 2008-4844 | 32721 | URL | |
| 17411 | SPECIFIC-THREATS Microsoft Internet Explorer CDF cross-domain scripting attempt (more info ...) | attempted-user | 2005-0056 | 12427 | URL | |
| 17414 | SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt (more info ...) | attempted-user | 2005-0989 | 12998 | ||
| 17415 | SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt (more info ...) | attempted-user | 2005-0989 | 12998 | ||
| 17424 | SPECIFIC-THREATS Mozilla Firefox IconURL Arbitrary Javascript Execution attempt (more info ...) | attempted-user | 2005-1477 | 13544 | ||
| 17434 | WEB-CLIENT Mozilla Firefox Unicode sequence handling stack corruption attempt (more info ...) | attempted-user | 2005-2702 | 14918 | ||
| 17462 | WEB-CLIENT Microsoft Internet Explorer marquee object handling memory corruption attempt (more info ...) | attempted-user | 2009-0554 | URL | ||
| 17463 | SPECIFIC-THREATS Internet Explorer File Download Dialog Box Manipulation (more info ...) | attempted-user | 2005-2829 | 15823 | URL | |
| 17471 | SPECIFIC-THREATS Adobe Acrobat JavaScript getIcon method buffer overflow attempt (more info ...) | attempted-user | 2009-0927 | 34169 | ||
| 17472 | SPECIFIC-THREATS Adobe Acrobat JavaScript getIcon method buffer overflow attempt (more info ...) | attempted-user | 2009-0927 | 34169 | ||
| 17482 | WEB-CLIENT Mozilla NNTP URL Handling Buffer Overflow attempt (more info ...) | attempted-user | 2004-1316 | 12131 | ||
| 17487 | WEB-CLIENT Microsoft Internet Explorer Script Engine Stack Exhaustion Denial of Service attempt (more info ...) | attempted-dos | 2006-0753 | 16687 | ||
| 17519 | SPECIFIC-THREATS Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow (more info ...) | attempted-user | 2008-0016 | 31346 | ||
| 17522 | SPECIFIC-THREATS Sun Java Runtime Environment Pack200 Decompression Integer Overflow (more info ...) | attempted-user | 2008-4726 | 31879 | ||
| 17549 | SPECIFIC-THREATS Internet Explorer Error Handling Code Execution (more info ...) | attempted-admin | 2007-3892 | 25916 | ||
| 17554 | SPECIFIC-THREATS Microsoft Internet Explorer DOM object cache management memory corruption attempt (more info ...) | attempted-user | 2007-5344 | 26817 | ||
| 17557 | WEB-ACTIVEX Novell iPrint ActiveX operation parameter overflow (more info ...) | attempted-user | 2008-2908 | 30986 | URL | |
| 17562 | SPECIFIC-THREATS Sun Java Runtime Environment Pack200 Decompression Integer Overflow attempt (more info ...) | misc-attack | 2008-5352 | 32608 | ||
| 17563 | SPECIFIC-THREATS Sun Java Runtime Environment JAR File Processing Stack Buffer Overflow (more info ...) | attempted-user | 2008-5354 | 32608 | ||
| 17566 | SPECIFIC-THREATS Microsoft Internet Explorer 7 Event Handler Memory Corruption (more info ...) | attempted-user | 2009-1530 | 35224 | ||
| 17570 | SPECIFIC-THREATS Mozilla Firefox IFRAME style change handling code execution (more info ...) | attempted-user | 2008-1236 | 28448 | URL | |
| 17580 | SPECIFIC-THREATS Microsoft Internet Explorer span tag memory corruption attempt (more info ...) | attempted-user | 2006-1188 | 17468 | ||
| 17581 | SPECIFIC-THREATS Mozilla Firefox tag order memory corruption attempt (more info ...) | attempted-user | 2006-0749 | 17516 | ||
| 17585 | SPECIFIC-THREATS Internet Explorer possible javascript onunload event memory corruption (more info ...) | attempted-user | 2007-1094 | 22678 | ||
| 17586 | WEB-CLIENT Sun Java Web Start malicious parameter value (more info ...) | attempted-user | 2004-1029 | 11726 | ||
| 17588 | WEB-ACTIVEX Microsoft Internet Explorer Install Engine ActiveX clsid access (more info ...) | attempted-user | 2004-0216 | 11366 | URL | |
| 17589 | WEB-ACTIVEX Microsoft Internet Explorer Install Engine ActiveX clsid unicode access (more info ...) | attempted-user | 2004-0216 | 11366 | URL | |
| 17601 | WEB-CLIENT Mozilla Firefox file type memory corruption attempt (more info ...) | attempted-user | 2008-5016 | 32281 | URL | |
| 17603 | WEB-CLIENT Mozilla Firefox file type memory corruption attempt (more info ...) | attempted-user | 2008-5021 | 32281 | URL | |
| 17604 | SPECIFIC-THREATS Java AWT ConvolveOp memory corruption attempt (more info ...) | attempted-user | 21675 | URL | ||
| 17609 | WEB-MISC Sun Java Web Server Webdav Stack Buffer Overflow attempt (more info ...) | attempted-admin | 2010-0361 | 37874 | ||
| 17613 | WEB-MISC Mozilla Firefox browser engine memory corruption attempt (more info ...) | attempted-user | 2009-1392 | 35326 | ||
| 17622 | SPECIFIC-THREATS Microsoft Internet Explorer object reference memory corruption attempt (more info ...) | attempted-user | 2007-3902 | URL | ||
| 17623 | SPECIFIC-THREATS Sun Java Runtime Environment Type1 Font parsing integer overflow attempt (more info ...) | attempted-user | 2009-1099 | 34240 | ||
| 17624 | SPECIFIC-THREATS Sun Java Runtime Environment Type1 Font parsing integer overflow attempt (more info ...) | attempted-user | 2009-1099 | 34240 | ||
| 17628 | SPECIFIC-THREATS Sun Microsystems Java gif handling memory corruption attempt (more info ...) | attempted-user | 2007-0243 | 22085 | ||
| 17629 | WEB-CLIENT Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (more info ...) | attempted-user | 2005-2706 | 14920 | ||
| 17630 | WEB-CLIENT Mozilla multiple products CSSValue array memory corruption attempt (more info ...) | attempted-user | 2008-2785 | 29802 | ||
| 17631 | WEB-CLIENT Sun Java Web Start JNLP java-vm-args buffer overflow attempt (more info ...) | attempted-user | 2008-3111 | 30148 | ||
| 17642 | WEB-CLIENT Mozilla Firefox ConstructFrame with floating first-letter memory corruption attempt (more info ...) | attempted-user | 2009-2462 | 35765 | ||
| 17644 | SPECIFIC-THREATS Internet Explorer object clone deletion memory corruption attempt (more info ...) | attempted-user | 2009-0075 | URL | ||
| 17645 | WEB-CLIENT Microsoft Internet Explorer CSS strings parsing memory corruption attempt (more info ...) | attempted-user | 2007-0943 | URL | ||
| 17660 | SPECIFIC-THREATS Java Web Start arbitrary command execution attempt (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 17685 | EXPLOITS Internet Explorer invalid pointer memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 17686 | EXPLOITS Internet Explorer invalid pointer memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 17687 | EXPLOITS Internet Explorer invalid pointer memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 17688 | WEB-CLIENT Internet Explorer userdata behavior memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 17689 | WEB-CLIENT Internet Explorer userdata behavior memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 17692 | WEB-CLIENT Microsoft Internet Explorer ExecWB security zone bypass attempt (more info ...) | attempted-user | 2008-2259 | 30612 | URL | |
| 17703 | SPECIFIC-THREATS Internet Explorer popup title bar spoofing attempt (more info ...) | misc-activity | 2005-0500 | 12602 | ||
| 17709 | WEB-CLIENT Microsoft Internet Explorer EMBED element memory corruption attempt (more info ...) | attempted-user | 2009-0553 | 34424 | URL | |
| 17719 | SPECIFIC-THREATS Mozilla Firefox ClearTextRun exploit attempt (more info ...) | attempted-user | 2009-1313 | 34743 | ||
| 17720 | WEB-CLIENT Microsoft Internet Explorer static text range overflow attempt (more info ...) | attempted-user | 2008-2255 | URL | ||
| 17726 | SPECIFIC-THREATS Internet Explorer address bar spoofing attempt (more info ...) | misc-activity | 2006-1626 | 17404 | ||
| 17729 | SPECIFIC-THREATS Microsoft Internet Explorer EMBED element memory corruption attempt (more info ...) | attempted-user | 2009-0553 | 34424 | URL | |
| 17747 | EXPLOIT Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (more info ...) | attempted-admin | 2010-1883 | URL | ||
| 17771 | EXPLOIT Microsoft Internet Explorer cross-domain information disclosure attempt (more info ...) | attempted-user | 2010-3330 | URL | ||
| 17781 | SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | ||
| 17804 | WEB-CLIENT Mozilla Firefox html tag attributes memory corruption (more info ...) | attempted-user | 2010-3765 | |||
| 18062 | WEB-CLIENT Microsoft Internet Explorer CSS style memory corruption attempt (more info ...) | attempted-user | 2010-3962 | URL | ||
| 18077 | SPECIFIC-THREATS Mozilla products CSS rendering out-of-bounds array write attempt (more info ...) | attempted-user | 2006-1739 | URL | ||
| 18078 | SPECIFIC-THREATS Mozilla products CSS rendering out-of-bounds array write attempt (more info ...) | attempted-user | 2006-1739 | URL | ||
| 18102 | WEB-CLIENT Adobe Reader invalid PDF JavaScript extension call (more info ...) | attempted-admin | 2010-4091 | URL | ||
| 18167 | WEB-CLIENT Possible generic javascript heap spray attempt (more info ...) | attempted-user | 35660 | |||
| 18168 | WEB-CLIENT Possible generic javascript heap spray attempt (more info ...) | attempted-user | 35660 | |||
| 18174 | SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt (more info ...) | attempted-user | 2004-0842 | 10816 | ||
| 18175 | SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt (more info ...) | attempted-user | 2004-0842 | 10816 | ||
| 18186 | SPECIFIC-THREATS Mozilla products -moz-grid and -moz-grid-group display styles code execution attempt (more info ...) | attempted-user | 2006-1738 | 17516 | ||
| 18187 | SPECIFIC-THREATS Mozilla Firefox InstallTrigger.install memory corruption attempt (more info ...) | attempted-user | 2006-1790 | 17516 | ||
| 18196 | WEB-CLIENT Microsoft Internet Explorer CSS importer use-after-free attempt (more info ...) | attempted-user | 2010-3971 | URL | ||
| 18216 | WEB-CLIENT Microsoft Internet Explorer 6 #default#anim attempt (more info ...) | attempted-user | 2010-3343 | URL | ||
| 18217 | SPECIFIC-THREATS Microsoft Internet Explorer 8 select element execution attempt (more info ...) | attempted-user | 2010-3345 | URL | ||
| 18218 | SPECIFIC-THREATS Microsoft Internet Explorer html time manipulation attempt (more info ...) | attempted-user | 2010-3346 | URL | ||
| 18239 | WEB-CLIENT known malicious JavaScript decryption routine (more info ...) | attempted-user | ||||
| 18240 | WEB-CLIENT Microsoft Internet Explorer CSS importer use-after-free attempt (more info ...) | attempted-user | 2010-3971 | URL | ||
| 18244 | WEB-CLIENT Sun Java browswer plugin docbase overflow attempt (more info ...) | attempted-user | 2010-3552 | 44023 | URL | |
| 18245 | SPECIFIC-THREATS Sun Java browswer plugin docbase overflow attempt (more info ...) | attempted-user | 2010-3552 | 44023 | URL | |
| 18250 | SPECIFIC-THREATS Mozilla products EscapeAttributeValue integer overflow attempt (more info ...) | attempted-user | 2006-0297 | 16476 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1667 | WEB-MISC cross site scripting HTML Image tag set to javascript attempt (more info ...) | web-application-attack | 2002-0902 | 4858 | ||
| 1840 | WEB-CLIENT Javascript document.domain attempt (more info ...) | attempted-user | 2002-0815 | 5346 | ||
| 1841 | WEB-CLIENT Javascript URL host spoofing attempt (more info ...) | attempted-user | 5293 | |||
| 1874 | WEB-MISC Oracle Java Process Manager access (more info ...) | web-application-activity | 10851 | |||
| 3534 | WEB-CLIENT Mozilla GIF single packet heap overflow - NETSCAPE2.0 (more info ...) | attempted-user | 2005-0399 | 12881 | 17605 | |
| 3536 | WEB-CLIENT Mozilla GIF multipacket heap overflow - NETSCAPE2.0 (more info ...) | attempted-user | 2005-0399 | 12881 | 17605 | |
| 3679 | WEB-CLIENT Web-client IFRAME src javascript code execution (more info ...) | attempted-user | 2008-2939 | 30560 | 18243 | |
| 3689 | WEB-CLIENT Internet Explorer tRNS overflow attempt (more info ...) | attempted-user | 2005-1211 | 13941 | 18490 | URL |
| 4916 | WEB-CLIENT internet explorer javascript onload document.write obfuscation overflow attempt (more info ...) | attempted-user | 2005-1790 | 13799 | URL | |
| 6502 | WEB-CLIENT Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (more info ...) | attempted-user | 2005-0399 | 12881 | 17605 | |
| 6503 | WEB-CLIENT Mozilla GIF multipacket heap overflow - ANIMEXTS1.0 (more info ...) | attempted-user | 2005-0399 | 12881 | 17605 | |
| 7071 | WEB-MISC encoded cross site scripting HTML Image tag set to javascript attempt (more info ...) | web-application-attack | 2002-0902 | 4858 | ||
| 11000 | ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (more info ...) | attempted-user | 2007-2126 | 23532 | URL | |
| 11001 | ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (more info ...) | attempted-user | 2007-2126 | 23532 | URL | |
| 11002 | ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (more info ...) | attempted-user | 2007-2126 | 23532 | URL | |
| 11003 | ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (more info ...) | attempted-user | 2007-2126 | 23532 | URL | |
| 11966 | WEB-CLIENT Microsoft Internet Explorer CSS tag memory corruption attempt (more info ...) | attempted-user | 2007-1750 | 24423 | URL | |
| 12014 | WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (more info ...) | misc-attack | 2007-1499 | 22966 | URL | |
| 12593 | EXPLOIT Firefox Quicktime chrome exploit (more info ...) | attempted-user | 2007-5045 | |||
| 13840 | EXPLOIT Borland Interbase service attach operation buffer overflow (more info ...) | attempted-admin | 2007-5243 | |||
| 13841 | EXPLOIT Borland Interbase create operation buffer overflow (more info ...) | attempted-admin | 2007-5243 | |||
| 13842 | EXPLOIT Borland Interbase operation buffer overflow (more info ...) | attempted-admin | 2007-5243 | |||
| 13974 | WEB-CLIENT Internet Explorer XHTML element memory corruption attempt (more info ...) | attempted-user | 2008-2257 | URL | ||
| 14037 | WEB-ACTIVEX Novell iPrint ActiveX operation or printer-url parameter overflow attempt (more info ...) | attempted-user | 2008-2908 | 29736 | ||
| 15531 | WEB-CLIENT Microsoft Internet Explorer Unexpected method call remote code execution attempt (more info ...) | attempted-user | 2009-1141 | URL | ||
| 15538 | WEB-CLIENT Microsoft Internet Explorer onreadystatechange memory corruption attempt (more info ...) | misc-attack | 2009-1531 | URL | ||
| 15933 | WEB-CLIENT Internet Explorer URL canonicalization address bar spoofing attempt (more info ...) | misc-activity | 2003-1025 | URL | ||
| 16010 | SPECIFIC-THREATS Microsoft Internet Explorer Javascript Page update race condition attempt (more info ...) | misc-activity | 2007-3091 | 24283 | ||
| 16011 | SPECIFIC-THREATS Microsoft Internet Explorer CSS property method handling memory corruption attempt (more info ...) | attempted-user | 2007-0945 | 23769 | ||
| 16155 | WEB-CLIENT Internet Explorer indexing service malformed parameters (more info ...) | attempted-user | 2009-2507 | URL | ||
| 16292 | SPECIFIC-THREATS Mozilla CSS value counter overflow attempt (more info ...) | attempted-user | 2008-2785 | 29802 | URL | |
| 16330 | WEB-CLIENT Microsoft Internet Explorer orphan DOM objects memory corruption attempt (more info ...) | attempted-user | 2009-3674 | URL | ||
| 16378 | WEB-CLIENT Internet Explorer deleted object cells reference memory corruption vulnerability (more info ...) | attempted-user | 2010-0248 | |||
| 16481 | WEB-CLIENT Opera Content-Length header integer overflow attempt (more info ...) | attempted-user | 38519 | URL | ||
| 16507 | WEB-CLIENT Internet Explorer onreadystatechange memory corruption attempt (more info ...) | attempted-user | 2010-0491 | URL | ||
| 16596 | WEB-CLIENT Apple Safari information disclosure and remote code execution attempt (more info ...) | attempted-user | 2010-1939 | URL | ||
| 16631 | SPECIFIC-THREATS Safari image use after remove attempt (more info ...) | attempted-user | 2010-0054 | 38691 | URL | |
| 16632 | SPECIFIC-THREATS Safari image use after reparent attempt (more info ...) | attempted-user | 2010-0054 | 38691 | URL | |
| 17115 | WEB-CLIENT Microsoft Internet Explorer cross domain information disclosure attempt (more info ...) | attempted-user | 2010-1258 | URL | ||
| 17129 | WEB-CLIENT Internet Explorer use-after-free memory corruption attempt (more info ...) | attempted-dos | 2010-2556 | URL | ||
| 17153 | WEB-CLIENT Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 1 (more info ...) | attempted-user | 2010-2755 | 41933 | ||
| 17154 | WEB-CLIENT Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 2 (more info ...) | attempted-user | 2010-2755 | 41933 | ||
| 17216 | WEB-CLIENT Apple Safari TABLE tag with large CELLSPACING attribute exploit attempt (more info ...) | attempted-user | 2006-1986 | 17634 | ||
| 17217 | WEB-CLIENT Apple Safari invalid FRAME tag remote code execution attempt (more info ...) | attempted-user | 2006-1987 | 17634 | ||
| 17218 | WEB-CLIENT Apple Safari LI tag with large VALUE attribute exploit attempt (more info ...) | attempted-user | 2006-1988 | 17634 | ||
| 17303 | WEB-CLIENT Microsoft Internet Explorer clone object memory corruption attempt (more info ...) | attempted-user | 2007-3903 | 26816 | ||
| 17311 | SPECIFIC-THREATS Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (more info ...) | attempted-user | 2005-4089 | 15660 | ||
| 17312 | SPECIFIC-THREATS Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (more info ...) | attempted-user | 2005-4089 | 15660 | ||
| 17384 | WEB-CLIENT Microsoft Internet Explorer setRequestHeader overflow attempt (more info ...) | attempted-user | 2008-1544 | 28379 | ||
| 17385 | WEB-CLIENT Microsoft Internet Explorer setRequestHeader overflow attempt (more info ...) | attempted-user | 2008-1544 | 28379 | ||
| 17448 | SPECIFIC-THREATS Microsoft Internet Explorer HTTPS proxy information disclosure vulnerability (more info ...) | misc-attack | 2005-2830 | URL | ||
| 17494 | WEB-CLIENT Microsoft Internet Explorer Long URL Buffer Overflow attempt (more info ...) | attempted-user | 2006-3869 | 19667 | ||
| 17512 | WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (more info ...) | attempted-user | 2006-1245 | 17131 | ||
| 17513 | WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (more info ...) | attempted-user | 2006-1245 | 17131 | ||
| 17514 | WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (more info ...) | attempted-user | 2006-1245 | 17131 | ||
| 17515 | WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (more info ...) | attempted-user | 2006-1245 | 17131 | ||
| 17516 | WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (more info ...) | attempted-user | 2006-1245 | 17131 | ||
| 17725 | WEB-CLIENT Opera file URI handling buffer overflow (more info ...) | attempted-user | 2008-5178 | 32323 | ||
| 17776 | WEB-CLIENT Sun Java HsbParser.getSoundBank stack buffer overflow attempt (more info ...) | attempted-user | 2009-3867 | 36881 | ||
| 18132 | SPECIFIC-THREATS malware-associated JavaScript obfuscation function (more info ...) | trojan-activity | URL | |||
| 18170 | SPECIFIC-THREATS Mozilla Firefox and SeaMonkey onUnload event handler memory corruption attempt (more info ...) | attempted-user | 2007-1092 | 22679 | ||
| 18176 | SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (more info ...) | attempted-user | 2006-3113 | 19197 | ||
| 18177 | SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (more info ...) | attempted-user | 2006-3113 | 19197 | ||
| 18178 | SPECIFIC-THREATS Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (more info ...) | attempted-user | 2006-3113 | 19197 | ||
| 18193 | SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt (more info ...) | attempted-user | 2006-3280 | 18682 | ||
| 18194 | SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt (more info ...) | attempted-user | 2006-3280 | 18682 | ||
| 18221 | WEB-CLIENT Internet Explorer malformed table remote code execution attempt (more info ...) | attempted-user | 2010-3962 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 4150 | WEB-ACTIVEX Outlook View OVCtl ActiveX function call access (more info ...) | attempted-user | 2001-0538 | 3026 | URL | |
| 4900 | WEB-ACTIVEX Outlook Progress Ctl ActiveX Object Access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 7005 | WEB-ACTIVEX OutlookExpress.AddressBook ActiveX function call access (more info ...) | attempted-user | ||||
| 8371 | WEB-ACTIVEX Outlook.Application ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 8372 | WEB-ACTIVEX Outlook.Application ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 8422 | WEB-ACTIVEX Outlook View OVCtl ActiveX clsid access (more info ...) | attempted-user | 2001-0538 | 3026 | URL | |
| 8721 | WEB-ACTIVEX Outlook Data Object ActiveX CLSID access (more info ...) | attempted-user | URL | |||
| 8722 | WEB-ACTIVEX Outlook Data Object ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 9668 | WEB-ACTIVEX Outlook Recipient Control ActiveX clsid access (more info ...) | attempted-user | 21649 | |||
| 9669 | WEB-ACTIVEX Outlook Recipient Control ActiveX clsid unicode access (more info ...) | attempted-user | 21649 | |||
| 9670 | WEB-ACTIVEX Outlook Recipient Control ActiveX function call access (more info ...) | attempted-user | 21649 | |||
| 9819 | WEB-ACTIVEX Outlook View OVCtl ActiveX clsid unicode access (more info ...) | attempted-user | 2001-0538 | 3026 | URL | |
| 9847 | WEB-CLIENT Outlook Saved Search download attempt (more info ...) | attempted-user | 2007-0034 | URL | ||
| 11236 | WEB-ACTIVEX OutlookExpress.AddressBook ActiveX clsid access (more info ...) | attempted-user | ||||
| 11237 | WEB-ACTIVEX OutlookExpress.AddressBook ActiveX clsid unicode access (more info ...) | attempted-user | ||||
| 11238 | WEB-ACTIVEX OutlookExpress.AddressBook ActiveX function call unicode access (more info ...) | attempted-user | ||||
| 17296 | WEB-MISC Outlook Web Access XSRF attempt (more info ...) | attempted-user | 2010-3213 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 13573 | WEB-CLIENT Microsoft Outlook arbitrary command line attempt (more info ...) | misc-attack | 2008-0110 | URL | ||
| 15947 | SPECIFIC-THREATS Microsoft Outlook Web Access Cross-Site Scripting attempt (more info ...) | attempted-user | 2005-0563 | 13952 | ||
| 16428 | EXPLOIT Microsoft Outlook Express and Windows Mail NNTP handling buffer overflow attempt (more info ...) | attempted-user | 2007-3897 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3471 | WEB-CLIENT iTunes playlist URL overflow attempt (more info ...) | attempted-user | 2005-0043 | 12238 | ||
| 3473 | WEB-CLIENT RealPlayer SMIL file overflow attempt (more info ...) | attempted-user | 2005-0455 | 12698 | ||
| 4152 | WEB-ACTIVEX Windows Media Player 6.4 ActiveX Object Access (more info ...) | attempted-user | 1999-1110 | 793 | ||
| 4158 | WEB-ACTIVEX Windows Media Player Active Movie ActiveX Object Access (more info ...) | attempted-user | 2000-0400 | 1221 | ||
| 4678 | WEB-CLIENT quicktime movie file transfer (more info ...) | protocol-command-decode | ||||
| 4679 | WEB-CLIENT quicktime movie file component name integer overflow multipacket attempt (more info ...) | attempted-user | 2005-2754 | 15308 | URL | |
| 5710 | WEB-CLIENT Windows Media Player Plugin for Non-IE browsers buffer overflow attempt (more info ...) | attempted-user | 2006-0005 | 16644 | URL | |
| 5711 | WEB-CLIENT Windows Media Player zero length bitmap heap overflow attempt (more info ...) | attempted-admin | 2006-0006 | 16633 | URL | |
| 5712 | WEB-CLIENT Windows Media Player invalid data offset bitmap heap overflow attempt (more info ...) | attempted-admin | 2006-0006 | 16633 | URL | |
| 6368 | SPYWARE-PUT Adware flashtrack media/spoton runtime detection - update request (more info ...) | misc-activity | URL | |||
| 6371 | SPYWARE-PUT Adware flashtrack media/spoton runtime detection - pop up ads (more info ...) | misc-activity | URL | |||
| 6505 | WEB-CLIENT quicktime fpx file SectNumMiniFAT overflow attempt (more info ...) | attempted-user | 2006-1249 | 17074 | ||
| 6506 | WEB-CLIENT quicktime udta atom overflow attempt (more info ...) | attempted-user | 2006-1460 | 17953 | ||
| 6680 | WEB-ACTIVEX Windows Media Transform Effects ActiveX CLSID unicode access (more info ...) | attempted-user | URL | |||
| 6681 | WEB-ACTIVEX Windows Media Transform Effects ActiveX CLSID access (more info ...) | attempted-user | 2006-1303 | URL | ||
| 7142 | SPYWARE-PUT Adware ares flash downloader 2.04 runtime detection (more info ...) | misc-activity | URL | |||
| 7581 | SPYWARE-PUT Hijacker flashbar runtime detection - user-agent (more info ...) | misc-activity | URL | |||
| 7888 | WEB-ACTIVEX AOLFlash.AOLFlash ActiveX CLSID access (more info ...) | attempted-user | ||||
| 7889 | WEB-ACTIVEX AOLFlash.AOLFlash ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 7978 | WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash ActiveX clsid access (more info ...) | attempted-user | 2007-6244 | URL | ||
| 7979 | WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash ActiveX clsid unicode access (more info ...) | attempted-user | 2007-6244 | URL | ||
| 7980 | WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash.9 ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8091 | WEB-CLIENT RealNetworks RealPlayer error message format string vulnerability attempt (more info ...) | attempted-user | 2005-2710 | 14945 | ||
| 8376 | WEB-ACTIVEX QuickTime Object ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8377 | WEB-ACTIVEX RealPlayer Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8378 | WEB-ACTIVEX RealPlayer Download Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8381 | WEB-ACTIVEX RealPlayer SMIL Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8382 | WEB-ACTIVEX RealPlayer SMIL Download Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8383 | WEB-ACTIVEX RealPlayer RAM Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8384 | WEB-ACTIVEX RealPlayer RAM Download Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8385 | WEB-ACTIVEX RealPlayer Playback Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8386 | WEB-ACTIVEX RealPlayer Playback Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8387 | WEB-ACTIVEX RealPlayer RNX Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8388 | WEB-ACTIVEX RealPlayer RNX Download Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8389 | WEB-ACTIVEX RealPlayer RMP Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8390 | WEB-ACTIVEX RealPlayer RMP Download Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8401 | WEB-ACTIVEX Windows Media Services DRM Storage ActiveX CLSID access (more info ...) | attempted-user | ||||
| 8402 | WEB-ACTIVEX Windows Media Services DRM Storage ActiveX CLSID unicode access (more info ...) | attempted-user | ||||
| 8409 | WEB-ACTIVEX RealPlayer Stream Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8410 | WEB-ACTIVEX RealPlayer Stream Handler ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 9429 | WEB-CLIENT Quicktime Movie link scripting security bypass attempt (more info ...) | attempted-user | 2006-4965 | 20138 | ||
| 9430 | WEB-CLIENT Quicktime Movie link file URI security bypass attempt (more info ...) | attempted-user | 2006-4965 | 20138 | ||
| 9625 | WEB-CLIENT Windows Media Player ASX file ref href buffer overflow attempt (more info ...) | attempted-user | 2006-6134 | 21247 | URL | |
| 9637 | WEB-CLIENT Adobe Download Manger dm.ini stack overflow attempt (more info ...) | attempted-user | 2006-5856 | 21453 | ||
| 9641 | WEB-CLIENT Windows Media Player ASF simple index object parsing buffer overflow attempt (more info ...) | attempted-user | 2006-4702 | URL | ||
| 9642 | WEB-CLIENT Windows Media Player ASF codec list object parsing buffer overflow attempt (more info ...) | attempted-user | 2006-4702 | URL | ||
| 9643 | WEB-CLIENT Windows Media Player ASF marker object parsing buffer overflow attempt (more info ...) | attempted-user | 2006-4702 | URL | ||
| 9671 | WEB-ACTIVEX RealPlayer AutoStream.AutoStream.1 ActiveX clsid access (more info ...) | attempted-user | 2006-6847 | 21802 | ||
| 9672 | WEB-ACTIVEX RealPlayer AutoStream.AutoStream.1 ActiveX clsid unicode access (more info ...) | attempted-user | 2006-6847 | 21802 | ||
| 9673 | WEB-ACTIVEX RealPlayer AutoStream.AutoStream.1 ActiveX function call access (more info ...) | attempted-user | 2006-6847 | 21802 | ||
| 9801 | WEB-CLIENT Windows Media Player or Explorer Malformed RIFF File denial of service attempt (more info ...) | attempted-dos | 2006-6601 | 21612 | URL | |
| 9823 | WEB-CLIENT QuickTime RTSP URI overflow attempt (more info ...) | attempted-user | 2007-0015 | 21829 | URL | |
| 9840 | WEB-CLIENT QuickTime HREF Track Detected (more info ...) | misc-activity | 2007-0059 | URL | ||
| 10192 | WEB-ACTIVEX RealPlayer Ierpplug.dll ActiveX clsid access (more info ...) | attempted-user | 2008-3066 | 26586 | ||
| 10193 | WEB-ACTIVEX RealPlayer Ierpplug.dll ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3066 | 26586 | ||
| 10194 | WEB-ACTIVEX RealPlayer Ierpplug.dll ActiveX function call access (more info ...) | attempted-user | 2008-3066 | 26586 | ||
| 11180 | WEB-CLIENT quicktime movie ftyp buffer underflow (more info ...) | attempted-user | 2007-2296 | 23652 | ||
| 11267 | WEB-CLIENT Adobe Photoshop PNG file handling stack buffer overflow attempt (more info ...) | attempted-user | 2007-2365 | 23698 | ||
| 12183 | EXPLOIT Adobe FLV long string script data buffer overflow (more info ...) | attempted-admin | 2007-3456 | 24856 | ||
| 12219 | WEB-CLIENT SMIL RealPlayer wallclock parsing buffer overflow (more info ...) | attempted-user | 2007-3410 | 24658 | URL | |
| 12742 | EXPLOIT Apple Quicktime UDP RTSP sdp type buffer overflow attempt (more info ...) | attempted-user | 2007-6166 | 26549 | ||
| 12746 | EXPLOIT Apple QuickTime STSD atom overflow attempt (more info ...) | attempted-user | 2007-3750 | 26341 | ||
| 12757 | WEB-CLIENT Apple Quicktime uncompressed PICT stack overflow attempt (more info ...) | attempted-user | 2007-4672 | 26344 | ||
| 12766 | WEB-ACTIVEX RealPlayer RMOC3260.DLL ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 12767 | WEB-ACTIVEX RealPlayer RMOC3260.DLL ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 12768 | WEB-ACTIVEX RealPlayer RMOC3260.DLL ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 12769 | WEB-ACTIVEX RealPlayer RMOC3260.DLL ActiveX function call unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 12775 | SPECIFIC-THREATS obfuscated RealPlayer Ierpplug.dll ActiveX exploit attempt (more info ...) | attempted-user | 2007-5601 | 26586 | ||
| 13216 | WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash ActiveX function call access (more info ...) | attempted-user | 2007-6244 | URL | ||
| 13217 | WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash ActiveX function call unicode access (more info ...) | attempted-user | 2007-6244 | URL | ||
| 13218 | WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash.9 ActiveX function call unicode access (more info ...) | attempted-user | URL | |||
| 13293 | WEB-CLIENT QuickTime panorama atoms buffer overflow attempt (more info ...) | attempted-user | 2007-4675 | 26342 | URL | |
| 13300 | WEB-CLIENT Adobe Flash Player embedded JPG image height overflow attempt (more info ...) | attempted-admin | 2007-6242 | 26951 | ||
| 13301 | WEB-CLIENT Adobe Flash Player embedded JPG image width overflow attempt (more info ...) | attempted-admin | 2007-6242 | 26951 | ||
| 13477 | SPECIFIC-THREATS Adobe PDF collab.collectEmailInfo exploit attempt - compressed (more info ...) | attempted-user | 2008-0655 | 27641 | ||
| 13478 | SPECIFIC-THREATS Adobe PDF collab.collectEmailInfo exploit attempt (more info ...) | attempted-user | 2008-0655 | 27641 | ||
| 13515 | WEB-CLIENT Quicktime user agent (more info ...) | misc-activity | ||||
| 13516 | WEB-CLIENT Quicktime HTTP error response buffer overflow (more info ...) | attempted-user | 2008-0234 | 27225 | ||
| 13520 | EXPLOIT Winamp Ultravox streaming malicious metadata (more info ...) | attempted-user | 2008-0065 | |||
| 13521 | EXPLOIT Winamp Ultravox streaming malicious metadata (more info ...) | attempted-user | 2008-0065 | |||
| 13603 | WEB-ACTIVEX RealPlayer Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 13604 | WEB-ACTIVEX RealPlayer Download Handler ActiveX function call unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 13605 | WEB-ACTIVEX RealPlayer RAM Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 13606 | WEB-ACTIVEX RealPlayer RAM Download Handler ActiveX function call unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 13607 | WEB-ACTIVEX RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | ||
| 13608 | WEB-ACTIVEX RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | ||
| 13609 | WEB-ACTIVEX RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | ||
| 13610 | WEB-ACTIVEX RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | ||
| 13820 | WEB-CLIENT Adobe Flash player SWF scene and label data memory corruption attempt (more info ...) | attempted-user | 2007-0071 | 29386 | URL | |
| 13821 | WEB-CLIENT Adobe Flash player SWF scene and label data memory corruption attempt (more info ...) | attempted-user | 2007-0071 | 29386 | URL | |
| 13822 | WEB-CLIENT Adobe Flash player SWF scene and label data memory corruption attempt (more info ...) | attempted-user | 2007-0071 | 29386 | URL | |
| 13897 | EXPLOIT Apple Quicktime crgn atom parsing buffer overflow attempt (more info ...) | attempted-user | 2008-1017 | 28583 | ||
| 13917 | WEB-CLIENT Apple QuickTime MOV file string handling integer overflow attempt (more info ...) | attempted-user | 2005-2753 | 15306 | ||
| 13918 | WEB-CLIENT Apple QuickTime MOV file string handling integer overflow attempt (more info ...) | attempted-user | 2005-2753 | 15306 | ||
| 13920 | WEB-CLIENT Apple Quicktime Obji Atom parsing stack buffer overflow attempt (more info ...) | attempted-user | 2008-1022 | 28583 | ||
| 14042 | WEB-ACTIVEX RealPlayer General Property Page ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14043 | WEB-ACTIVEX RealPlayer General Property Page ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14044 | WEB-ACTIVEX RealPlayer Playback Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14045 | WEB-ACTIVEX RealPlayer Playback Handler ActiveX function call unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14046 | WEB-ACTIVEX RealPlayer RMP Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14047 | WEB-ACTIVEX RealPlayer RMP Download Handler ActiveX function call unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14048 | WEB-ACTIVEX RealPlayer RNX Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14049 | WEB-ACTIVEX RealPlayer RNX Download Handler ActiveX function call unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14050 | WEB-ACTIVEX RealPlayer SMIL Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14051 | WEB-ACTIVEX RealPlayer SMIL Download Handler ActiveX function call unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14052 | WEB-ACTIVEX RealPlayer Stream Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14053 | WEB-ACTIVEX RealPlayer Stream Handler ActiveX function call unicode access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14235 | WEB-ACTIVEX Microsoft Windows Media Services ActiveX clsid access (more info ...) | attempted-user | 30814 | |||
| 14236 | WEB-ACTIVEX Microsoft Windows Media Services ActiveX clsid unicode access (more info ...) | attempted-user | 30814 | |||
| 14237 | WEB-ACTIVEX Microsoft Windows Media Services ActiveX function call access (more info ...) | attempted-user | 30814 | |||
| 14238 | WEB-ACTIVEX Microsoft Windows Media Services ActiveX function call unicode access (more info ...) | attempted-user | 30814 | |||
| 14255 | WEB-ACTIVEX Windows Media Encoder 9 ActiveX clsid access (more info ...) | attempted-user | 2008-3008 | URL | ||
| 14257 | WEB-ACTIVEX Windows Media Encoder 9 ActiveX function call access (more info ...) | attempted-user | 2008-3008 | URL | ||
| 15007 | WEB-ACTIVEX NOS Microsystems / Adobe getPlus Download Manager ActiveX clsid access (more info ...) | attempted-user | 2008-4817 | 32105 | ||
| 15008 | WEB-ACTIVEX NOS Microsystems / Adobe getPlus Download Manager ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4817 | 32105 | ||
| 15013 | WEB-MISC Adobe Portable Document Format file download attempt (more info ...) | misc-activity | ||||
| 15014 | WEB-CLIENT Adobe Reader and Acrobat util.printf buffer overflow attempt (more info ...) | attempted-user | 2008-2992 | |||
| 15357 | WEB-CLIENT Adobe PDF JBIG2 remote code execution attempt (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 15384 | WEB-CLIENT Apple QuickTime pict image poly structure memory corruption attempt (more info ...) | attempted-user | 2009-0010 | 34938 | ||
| 15433 | WEB-CLIENT Winamp MAKI parsing integer overflow attempt (more info ...) | attempted-user | 2009-1831 | 35052 | ||
| 15472 | WEB-CLIENT Nullsoft Winamp pls file player name handling buffer overflow attempt (more info ...) | attempted-user | 2006-0476 | 16410 | ||
| 15478 | SPECIFIC-THREATS Adobe Flash Player invalid object reference code execution attempt (more info ...) | attempted-user | 2009-0520 | 33880 | ||
| 15483 | WEB-MISC Adobe Shockwave Flash file request (more info ...) | misc-activity | ||||
| 15492 | SPECIFIC-THREATS Adobe PDF spell.customDictionaryOpen exploit attempt (more info ...) | attempted-user | 2009-1493 | 34740 | ||
| 15493 | SPECIFIC-THREATS Adobe PDF getAnnots exploit attempt (more info ...) | attempted-user | 2009-1492 | 34736 | ||
| 15517 | WEB-CLIENT AVI DirectShow quicktime parsing overflow attempt (more info ...) | attempted-user | 2009-1537 | 35139 | URL | |
| 15559 | WEB-CLIENT Apple QuickTime Movie File Clipping Region handling heap buffer overflow attempt (more info ...) | attempted-user | 2009-0954 | 35167 | URL | |
| 15562 | WEB-CLIENT Adobe Reader JPX malformed code-block width attempt (more info ...) | attempted-user | 2009-1859 | |||
| 15680 | EXPLOIT Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt (more info ...) | attempted-user | 2009-1539 | URL | ||
| 15682 | WEB-CLIENT Microsoft DirectShow QuickTime file stsc atom parsing heap corruption attempt (more info ...) | attempted-user | 2009-1538 | URL | ||
| 15703 | WEB-CLIENT Apple iTunes ITMS protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15704 | WEB-CLIENT Apple iTunes ITMSS protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15705 | WEB-CLIENT Apple iTunes PCAST protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15706 | WEB-CLIENT Apple iTunes DAAP protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15707 | WEB-CLIENT Apple iTunes ITPC protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15709 | WEB-CLIENT Adobe Acrobat and Adobe Reader FlateDecode integer overflow attempt (more info ...) | attempted-user | 2009-3459 | 36600 | ||
| 15728 | EXPLOIT Possible Adobe PDF ActionScript byte_array heap spray attempt (more info ...) | attempted-user | 2009-1862 | 35759 | URL | |
| 15729 | EXPLOIT Possible Adobe Flash ActionScript byte_array heap spray attempt (more info ...) | attempted-user | 2009-1862 | 35759 | URL | |
| 15867 | WEB-CLIENT Adobe Acrobat PDF font processing memory corruption attempt (more info ...) | attempted-user | 2008-4813 | 32100 | URL | |
| 15869 | WEB-CLIENT Adobe Flash Player ASnative command execution attempet (more info ...) | attempted-user | 2008-5499 | 32896 | ||
| 15909 | WEB-CLIENT Apple QuickTime VR Track Header Atom heap corruption attempt (more info ...) | attempted-user | 2009-0002 | 33384 | URL | |
| 15940 | SPECIFIC-THREATS RealNetworks RealPlayer Multiple Products RA file processing overflow attempt (more info ...) | attempted-user | 2007-2264 | 26214 | ||
| 15993 | SPECIFIC-THREATS Adobe Flash Player ActionScript intrf_count integer overflow attempt (more info ...) | attempted-user | 2009-1869 | 35907 | ||
| 16027 | WEB-CLIENT winamp midi file header overflow attempt (more info ...) | attempted-user | 2006-3228 | 18507 | ||
| 16041 | SPECIFIC-THREATS Apple QuickTime FLIC animation file buffer overflow attempt (more info ...) | attempted-user | 2006-4384 | 19976 | ||
| 16046 | SPECIFIC-THREATS RealNetworks RealPlayer RealMedia file format processing heap corruption attempt (more info ...) | attempted-user | 2007-5081 | 26214 | ||
| 16054 | WEB-CLIENT Quicktime bitmap multiple header overflow (more info ...) | attempted-user | 2006-2238 | 17953 | ||
| 16055 | WEB-CLIENT Apple iTunes AAC file handling integer overflow attempt (more info ...) | attempted-user | 2006-1467 | 18730 | ||
| 16091 | SPECIFIC-THREATS Macromedia Flash Media Server administration service denial of service attempt (more info ...) | attempted-dos | 2005-4216 | 15822 | ||
| 16148 | SPECIFIC-THREATS Apple QuickTime and iTunes heap memory corruption attempt (more info ...) | attempted-user | 2005-4092 | 15732 | ||
| 16156 | WEB-CLIENT Windows Media Player 6.4 marker object memory corruption (more info ...) | attempted-user | 2009-2527 | URL | ||
| 16172 | EXPLOIT Adobe Acrobat Reader U3D line set heap corruption attempt (more info ...) | attempted-user | 2009-2997 | |||
| 16173 | EXPLOIT Adobe Acrobat Reader U3D progressive mesh continuation pointer overwrite attempt (more info ...) | attempted-user | 2009-2998 | |||
| 16174 | EXPLOIT Adobe Acrobat Reader U3D progressive mesh continuation off by one index attempt (more info ...) | attempted-user | 2009-3458 | |||
| 16175 | EXPLOIT Adobe collab.removeStateModel denial of service attempt (more info ...) | attempted-user | 2009-2988 | |||
| 16176 | EXPLOIT Adobe collab.addStateModel remote corruption attempt (more info ...) | attempted-user | 2009-2996 | |||
| 16219 | WEB-CLIENT Adobe Director file format transfer (more info ...) | misc-activity | ||||
| 16220 | WEB-CLIENT Adobe Shockwave director file malformed lcsr block memory corruption attempt (more info ...) | attempted-user | 2009-3466 | URL | ||
| 16223 | WEB-CLIENT Adobe Shockwave tSAC pointer overwrite attempt (more info ...) | attempted-user | 2009-3464 | URL | ||
| 16225 | EXPLOIT Adobe Shockwave arbitrary memory access attempt (more info ...) | attempted-user | 2009-3465 | URL | ||
| 16293 | WEB-CLIENT Adobe Shockwave Flash memory corruption attempt (more info ...) | attempted-user | 2009-3463 | |||
| 16316 | WEB-CLIENT Adobe Flash Player malformed getPropertyLate actioncode attempt (more info ...) | attempted-user | 2009-3797 | |||
| 16320 | WEB-CLIENT Adobe PNG empty sPLT exploit attempt (more info ...) | attempted-user | 2009-2984 | |||
| 16321 | WEB-CLIENT Adobe tiff oversized image length attempt (more info ...) | attempted-user | 2009-2995 | |||
| 16322 | WEB-CLIENT Adobe Reader oversized object width attempt (more info ...) | attempted-user | 2009-2980 | |||
| 16323 | EXPLOIT Adobe JPEG2k uninitialized QCC memory corruption attempt (more info ...) | attempted-user | 2009-2995 | |||
| 16324 | WEB-CLIENT Adobe doc.export arbitrary file write attempt (more info ...) | attempted-user | 2009-2993 | |||
| 16325 | EXPLOIT Adobe JPEG2k uninitialized QCC memory corruption attempt (more info ...) | attempted-user | 2009-2995 | |||
| 16333 | WEB-CLIENT Adobe Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 16334 | SPECIFIC-THREATS Adobe Reader compressed media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | |||
| 16337 | EXPLOIT Adobe Flash directory traversal attempt (more info ...) | attempted-admin | 2009-3792 | 37420 | URL | |
| 16359 | WEB-CLIENT Adobe Illustrator DSC comment overflow attempt (more info ...) | attempted-user | 2009-4195 | 37192 | ||
| 16360 | WEB-CLIENT Apple QuickTime Image Description Atom sign extension memory corruption attempt (more info ...) | attempted-user | 2009-0955 | 35166 | URL | |
| 16370 | WEB-CLIENT Adobe Reader JP2C Region Atom CompNum memory corruption attempt (more info ...) | attempted-user | 2009-3955 | |||
| 16371 | WEB-ACTIVEX NOS Microsystems Adobe atl_getcom ActiveX clsid access (more info ...) | attempted-user | 2009-3958 | 37759 | URL | |
| 16373 | WEB-CLIENT Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt (more info ...) | attempted-user | 2009-2990 | 36665 | URL | |
| 16490 | SPECIFIC-THREATS Adobe Reader malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | URL | ||
| 16537 | EXPLOIT Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (more info ...) | attempted-user | 2010-0268 | URL | ||
| 16541 | EXPLOIT Microsoft Windows Media Service stack overflow attempt (more info ...) | attempted-admin | 2010-0478 | URL | ||
| 16543 | WEB-CLIENT Microsoft Windows Media Player codec code execution attempt (more info ...) | attempted-user | 2010-0480 | URL | ||
| 16546 | EXPLOIT Adobe Reader/Acrobat Pro CFF font parsing heap overflow attempt (more info ...) | attempted-user | 2010-1241 | |||
| 16561 | EXPLOIT Adobe Photoshop CS4 TIFF file exploit attempt - 1 (more info ...) | attempted-user | 2010-1279 | URL | ||
| 16562 | EXPLOIT Adobe Photoshop CS4 TIFF file exploit attempt - 2 (more info ...) | attempted-user | 2010-1279 | URL | ||
| 16563 | EXPLOIT Adobe Photoshop CS4 TIFF file exploit attempt - 3 (more info ...) | attempted-user | 2010-1279 | URL | ||
| 16564 | EXPLOIT Adobe Photoshop CS4 TIFF file exploit attempt - 4 (more info ...) | attempted-user | 2010-1279 | URL | ||
| 16578 | EXPLOIT Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt (more info ...) | attempted-user | 2008-3008 | URL | ||
| 16603 | WEB-CLIENT Adobe Reader U3D CLOD integer overflow (more info ...) | attempted-user | 2010-0196 | URL | ||
| 16607 | SPECIFIC-THREATS RealPlayer RAM Download Handler ActiveX exploit attempt (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 16609 | SPECIFIC-THREATS RealPlayer ActiveX Import playlist name buffer overflow attempt (more info ...) | attempted-user | 2007-5601 | 26130 | ||
| 16633 | WEB-CLIENT Adobe PDF File containing Flash use-after-free attack (more info ...) | attempted-user | 2010-1297 | |||
| 16634 | WEB-CLIENT Adobe Flash use-after-free attack (more info ...) | attempted-user | 2010-1297 | |||
| 16663 | WEB-CLIENT Windows Media Player JPG header record mismatch memory corruption attempt (more info ...) | attempted-user | 2010-1880 | URL | ||
| 16664 | SPECIFIC-THREATS Adobe Reader and Acrobat authplay.dll vulnerability exploit attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 16673 | WEB-CLIENT Adobe Shockwave DIR file PAMI chunk code execution attempt (more info ...) | attempted-user | 2010-1292 | URL | ||
| 16676 | SPECIFIC-THREATS Adobe Reader malformed FlateDecode colors declaration (more info ...) | attempted-user | 2009-3459 | 36600 | ||
| 16677 | WEB-CLIENT Adobe Reader malformed FlateDecode colors declaration (more info ...) | attempted-user | 2009-3459 | 36600 | ||
| 16683 | WEB-MISC Nullsoft Winamp CAF file processing integer overflow attempt (more info ...) | attempted-user | 2009-0186 | |||
| 16801 | EXPLOIT Adobe Reader CoolType.dll remote memory corruption denial of service attempt (more info ...) | attempted-dos | 2010-2204 | 41130 | ||
| 17096 | WEB-ACTIVEX AOL WinAmpX ActiveX clsid access (more info ...) | attempted-user | 35028 | |||
| 17097 | WEB-ACTIVEX AOL WinAmpX ActiveX clsid unicode access (more info ...) | attempted-user | 35028 | |||
| 17098 | SPECIFIC-THREATS AOL IWinAmpActiveX class ConvertFile buffer overflow attempt (more info ...) | attempted-user | 35028 | |||
| 17141 | EXPLOIT Adobe Flash invalid data precision arbitrary code execution exploit attempt (more info ...) | attempted-user | 2010-2216 | URL | ||
| 17142 | EXPLOIT Adobe Flash Player SWF ActionScript exploit attempt (more info ...) | attempted-user | 2010-0209 | URL | ||
| 17143 | WEB-CLIENT Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 1 (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17144 | WEB-CLIENT Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 2 (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17145 | WEB-CLIENT Adobe Photoshop CS4 ASL file processing buffer overflow attempt (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17146 | WEB-CLIENT Adobe Photoshop CS4 GRD file processing buffer overflow attempt (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17147 | SPECIFIC-THREATS Adobe Photoshop CS4 ABR file processing buffer overflow attempt (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17179 | WEB-CLIENT Adobe Director file pamm record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17180 | WEB-CLIENT Adobe Director file LsCM record exploit attempt (more info ...) | attempted-user | 2010-2864 | |||
| 17181 | WEB-CLIENT Adobe Director file LsCM record exploit attempt (more info ...) | attempted-user | 2010-2864 | |||
| 17182 | WEB-CLIENT Adobe Director file tSAC record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17183 | WEB-CLIENT Adobe Director file tSAC record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17184 | WEB-CLIENT Adobe Director file tSAC record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17185 | WEB-CLIENT Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17186 | WEB-CLIENT Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17187 | WEB-CLIENT Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17188 | WEB-CLIENT Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17189 | WEB-CLIENT Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17190 | EXPLOIT Adobe Director remote code execution attempt (more info ...) | attempted-user | 2010-2871 | |||
| 17191 | EXPLOIT Adobe Director remote code execution attempt (more info ...) | attempted-user | 2010-2872 | |||
| 17192 | EXPLOIT Adobe Director remote code execution attempt (more info ...) | attempted-user | 2010-2873 | |||
| 17193 | EXPLOIT Adobe Director remote code execution attempt (more info ...) | attempted-user | 2010-2874 | |||
| 17194 | EXPLOIT Adobe Director file tSAC tag exploit attempt (more info ...) | attempted-user | 2010-2875 | |||
| 17195 | EXPLOIT Adobe Director file exploit attempt (more info ...) | attempted-user | 2010-2876 | |||
| 17196 | EXPLOIT Adobe Director file exploit attempt (more info ...) | attempted-user | 2010-2877 | |||
| 17197 | EXPLOIT Adobe Director file exploit attempt (more info ...) | attempted-user | 2010-2879 | |||
| 17198 | EXPLOIT Adobe Director file exploit attempt (more info ...) | attempted-user | 2010-2878 | |||
| 17199 | WEB-CLIENT Adobe Director file file lRTX overflow attempt (more info ...) | attempted-user | 2010-2863 | |||
| 17200 | WEB-CLIENT Adobe Director file LsCM overflow attempt (more info ...) | attempted-user | 2010-2864 | |||
| 17201 | WEB-CLIENT Adobe Director file file LsCM overflow attempt (more info ...) | attempted-user | 2010-2865 | |||
| 17202 | WEB-CLIENT Adobe Director file file Shockwave 3D overflow attempt (more info ...) | attempted-user | 2010-2866 | |||
| 17203 | WEB-CLIENT Adobe Director file file rcsL overflow attempt (more info ...) | attempted-user | 2010-2867 | |||
| 17204 | WEB-CLIENT Adobe Director file file mmap overflow attempt (more info ...) | attempted-user | 2010-2870 | |||
| 17211 | WEB-CLIENT Quicktime marshaled punk remote code execution (more info ...) | attempted-user | 2010-1818 | |||
| 17214 | SPECIFIC-THREATS Adobe Reader and Acrobat libtiff TIFFFetchShortPair stack buffer overflow attempt (more info ...) | attempted-user | 2010-0188 | |||
| 17215 | SPECIFIC-THREATS Adobe Reader and Acrobat libtiff TIFFFetchShortPair stack buffer overflow attempt (more info ...) | attempted-user | 2010-0188 | |||
| 17228 | SPECIFIC-THREATS Microsoft Windows Media Player skin decompression code execution attempt (more info ...) | attempted-user | 2007-3035 | 25307 | ||
| 17233 | SPECIFIC-THREATS Adobe Reader and Acrobat TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | URL | ||
| 17242 | WEB-CLIENT Windows Media Player ASF file arbitrary code execution attempt (more info ...) | attempted-user | 2010-0818 | URL | ||
| 17257 | SPECIFIC-THREATS Adobe Flash Player and Reader remote code execution attempt (more info ...) | attempted-user | 2010-2884 | URL | ||
| 17272 | WEB-CLIENT RealNetworks RealPlayer AVI parsing buffer overflow attempt (more info ...) | attempted-user | 2005-2052 | 13530 | ||
| 17288 | SPECIFIC-THREATS Adobe Acrobat font parsing integer overflow attempt (more info ...) | attempted-user | 2010-2862 | 44203 | ||
| 17290 | WEB-CLIENT Quicktime Plug-In Security Bypass (more info ...) | attempted-user | 2006-4965 | 20138 | ||
| 17334 | SPECIFIC-THREATS RealPlayer SWF Flash File buffer overflow attempt (more info ...) | attempted-user | 2006-0323 | 17202 | ||
| 17351 | WEB-CLIENT Winamp ID3v2 Tag Handling Buffer Overflow attempt (more info ...) | attempted-user | 2005-2310 | 14276 | ||
| 17361 | SPECIFIC-THREATS Adobe Acrobat Reader PDF Catalog Handling denial of service attempt (more info ...) | attempted-user | 2007-0104 | 21910 | URL | |
| 17372 | WEB-CLIENT Apple QuickTime udta atom parsing heap overflow vulnerability (more info ...) | attempted-user | 2007-0714 | 22844 | ||
| 17373 | SPECIFIC-THREATS QuickTime panorama atoms buffer overflow attempt (more info ...) | attempted-user | 2007-4675 | 26342 | URL | |
| 17381 | SPECIFIC-THREATS Apple QuickTime PDAT Atom parsing buffer overflow attempt (more info ...) | attempted-user | 2008-3625 | URL | ||
| 17425 | SPECIFIC-THREATS RealPlayer ActiveX Import playlist name buffer overflow attempt (more info ...) | attempted-user | 2007-5601 | 26130 | ||
| 17461 | SPECIFIC-THREATS RealNetworks RealPlayer zipped skin file buffer overflow attempt (more info ...) | attempted-user | 2005-2630 | 15382 | ||
| 17470 | SPECIFIC-THREATS Apple QuickTime STSD JPEG atom heap corruption attempt (more info ...) | attempted-user | 2009-0007 | 33390 | ||
| 17523 | SPECIFIC-THREATS Apple QuickTime H.264 Movie File Buffer Overflow (more info ...) | attempted-user | 2009-2799 | 36328 | ||
| 17526 | SPECIFIC-THREATS Adobe Acrobat and Adobe Reader U3D RHAdobeMeta Buffer Overflow (more info ...) | attempted-user | 2009-1855 | 35282 | ||
| 17531 | SPECIFIC-THREATS Apple Quicktime MOV File JVTCompEncodeFrame Heap Overflow (more info ...) | attempted-user | 2007-2295 | 23650 | ||
| 17547 | WEB-CLIENT Apple Quicktime SMIL transfer (more info ...) | protocol-command-decode | ||||
| 17548 | WEB-CLIENT Apple Quicktime SMIL File Handling Integer Overflow attempt (more info ...) | attempted-user | 2007-2394 | 24873 | ||
| 17552 | WEB-CLIENT Adobe Pagemaker file request (more info ...) | misc-activity | ||||
| 17553 | SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt (more info ...) | attempted-user | 2007-5169 | 25989 | ||
| 17561 | SPECIFIC-THREATS RealNetworks RealPlayer IVR Overly Long Filename Code Execution attempt (more info ...) | attempted-user | 2009-0375 | 33652 | ||
| 17606 | SPECIFIC-THREATS Adobe Flash ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 17608 | WEB-CLIENT Apple QuickTime color table atom movie file handling heap corruption attempt (more info ...) | attempted-user | 2007-4677 | 26338 | ||
| 17610 | WEB-CLIENT GStreamer QuickTime file parsing multiple heap overflow attempt (more info ...) | attempted-user | 2009-0398 | 33405 | ||
| 17611 | WEB-CLIENT GStreamer QuickTime file parsing multiple heap overflow attempt (more info ...) | attempted-user | 2009-0398 | 33405 | ||
| 17612 | WEB-CLIENT GStreamer QuickTime file parsing multiple heap overflow attempt (more info ...) | attempted-user | 2009-0398 | 33405 | ||
| 17633 | WEB-CLIENT RealNetworks RealPlayer SWF frame handling buffer overflow attempt (more info ...) | attempted-user | 2007-5400 | 30370 | ||
| 17647 | WEB-CLIENT Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (more info ...) | attempted-user | 2007-0071 | 28695 | URL | |
| 17650 | SPECIFIC-THREATS Adobe Pagemaker Key Strings Stack Buffer Overflow attempt (more info ...) | attempted-admin | 2007-6432 | 31999 | ||
| 17658 | SPECIFIC-THREATS Adobe Flash frame type identifier memory corruption attempt (more info ...) | attempted-user | 2005-2628 | 15332 | ||
| 17666 | WEB-CLIENT RealNetworks RealPlayer invalid chunk size heap overflow attempt (more info ...) | attempted-user | 2005-2922 | 17202 | ||
| 17678 | WEB-CLIENT Adobe BMP image handler buffer overflow attempt (more info ...) | attempted-user | 2008-1765 | 28874 | ||
| 17698 | SPECIFIC-THREATS RealNetworks RealPlayer wav chunk string overflow attempt in email (more info ...) | attempted-user | 2005-0611 | 12697 | ||
| 17700 | WEB-CLIENT RealNetworks RealPlayer wav chunk string overflow attempt (more info ...) | attempted-user | 2005-0611 | 12697 | ||
| 17735 | SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt (more info ...) | attempted-user | 2007-5169 | 25989 | ||
| 17773 | EXPLOIT Microsoft Windows Media Player Firefox plugin memory corruption attempt (more info ...) | attempted-user | 2010-2745 | URL | ||
| 17803 | WEB-CLIENT Adobe Shockwave Director rcsL chunk memory corruption attempt (more info ...) | attempted-user | 2010-2873 | 42682 | URL | |
| 17806 | SPECIFIC-THREATS Adobe Shockwave Director rcsL chunk remote code execution attempt (more info ...) | attempted-user | 2010-3653 | 44291 | ||
| 17807 | SPECIFIC-THREATS Adobe Shockwave Director rcsL chunk remote code execution attempt (more info ...) | attempted-user | 2010-3653 | 44291 | ||
| 17808 | SPECIFIC-THREATS Adobe Flash authplay.dll memory corruption attempt (more info ...) | attempted-user | 2010-3654 | URL | ||
| 17809 | WEB-CLIENT quicktime movie file transfer (more info ...) | protocol-command-decode | ||||
| 18180 | EXPLOIT Adobe Flash Player ActionScript remote code execution attempt (more info ...) | attempted-user | 2010-3648 | 44684 | URL | |
| 18222 | WEB-CLIENT Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | URL | ||
| 18223 | WEB-CLIENT Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | URL | ||
| 18224 | WEB-CLIENT Microsoft Windows Media Encoder asferrorenu.dll dll-load attempt (more info ...) | attempted-user | 2010-3965 | URL | ||
| 18225 | NETBIOS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | URL | ||
| 18226 | NETBIOS Microsoft Windows Media Encoder swinietenu.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | URL | ||
| 18227 | NETBIOS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | URL | ||
| 18229 | SPECIFIC-THREAT Microsoft FlashPix tile length overflow attempt (more info ...) | attempted-user | 2010-3952 | URL | ||
| 18233 | WEB-CLIENT Microsoft Publisher Adobe Font Driver code execution attempt (more info ...) | attempted-user | 2010-3956 | URL | ||
| 18237 | WEB-CLIENT Flashpix graphics filter fpx32.flt remote code execution attempt (more info ...) | attempted-user | 2010-3951 | URL | ||
| 912182 | POLICY Adobe FLV file transfer (more info ...) | misc-activity |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 2438 | WEB-CLIENT RealPlayer playlist file URL overflow attempt (more info ...) | attempted-user | 2005-0755 | 9579 | ||
| 2439 | WEB-CLIENT RealPlayer playlist http URL overflow attempt (more info ...) | attempted-user | 2005-0755 | 9579 | ||
| 2440 | WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt (more info ...) | attempted-user | 2005-0755 | 9579 | ||
| 2442 | WEB-MISC Quicktime User-Agent buffer overflow attempt (more info ...) | web-application-attack | 2004-0169 | 9735 | ||
| 2550 | EXPLOIT winamp XM module name overflow (more info ...) | attempted-user | URL | |||
| 3088 | WEB-CLIENT winamp .cda file name overflow attempt (more info ...) | attempted-user | 2004-1119 | 11730 | 15817 | |
| 3470 | WEB-CLIENT RealPlayer VIDORV30 header length buffer overflow (more info ...) | attempted-admin | 2004-1481 | 11309 | URL | |
| 4131 | EXPLOIT SHOUTcast URI format string attempt (more info ...) | web-application-attack | 2004-1373 | 12096 | ||
| 4680 | WEB-CLIENT quicktime movie file component name integer overflow attempt (more info ...) | attempted-user | 2005-2754 | 15308 | URL | |
| 8701 | WEB-MISC IceCast header buffer overflow attempt (more info ...) | attempted-admin | 2004-1561 | 11271 | URL | |
| 8702 | EXPLOIT IceCast header buffer overflow attempt (more info ...) | attempted-admin | 2004-1561 | 11271 | URL | |
| 8703 | EXPLOIT IceCast header buffer overflow attempt (more info ...) | attempted-admin | 2004-1561 | 11271 | URL | |
| 9842 | WEB-CLIENT Adobe Acrobat Plugin Universal cross-site scripting attempt (more info ...) | misc-attack | 2007-0045 | URL | ||
| 12663 | WEB-ACTIVEX RealPlayer Ierpplug.dll ActiveX function call unicode access (more info ...) | attempted-user | 2008-3066 | 26586 | ||
| 12707 | WEB-CLIENT RealNetworks RealPlayer lyrics heap overflow attempt (more info ...) | attempted-user | 2007-5080 | 26214 | ||
| 12741 | EXPLOIT Apple Quicktime TCP RTSP sdp type buffer overflow attempt (more info ...) | attempted-user | 2007-6166 | 26549 | ||
| 13919 | WEB-CLIENT Apple QuickTime MOV file string handling integer overflow attempt (more info ...) | attempted-user | 2005-2753 | 15306 | ||
| 14256 | WEB-ACTIVEX Windows Media Encoder 9 ActiveX clsid unicode access (more info ...) | attempted-user | 2008-3008 | URL | ||
| 14258 | WEB-ACTIVEX Windows Media Encoder 9 ActiveX function call unicode access (more info ...) | attempted-user | 2008-3008 | URL | ||
| 15914 | WEB-CLIENT Microsoft Windows Media sample duration header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 15915 | WEB-CLIENT Microsoft Windows Media Timecode header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 15916 | WEB-CLIENT Microsoft Windows Media file name header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 15917 | WEB-CLIENT Microsoft Windows Media content type header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 15918 | WEB-CLIENT Microsoft Windows Media pixel aspect ratio header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 15919 | WEB-CLIENT Microsoft Windows Media encryption sample ID header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 16315 | WEB-MISC Adobe Flash PlugIn check if file exists attempt (more info ...) | misc-activity | 2009-3951 | |||
| 16331 | WEB-CLIENT Adobe Flash Player JPEG parsing heap overflow attempt (more info ...) | attempted-user | 2009-3794 | |||
| 16338 | WEB-CLIENT Microsoft Windows Media extended stream properties object RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 16372 | WEB-ACTIVEX NOS Microsystems Adobe atl_getcom ActiveX clsid unicode access (more info ...) | attempted-user | 2009-3958 | 37759 | URL | |
| 16544 | WEB-CLIENT Adobe Reader Linux malformed U3D mesh deceleration block exploit attempt (more info ...) | attempted-admin | 2010-0196 | |||
| 16545 | WEB-CLIENT Adobe Reader malformed Richmedia annotation exploit attempt (more info ...) | attempted-admin | 2010-0197 | |||
| 17223 | SPECIFIC-THREATS Adobe Flash Player navigateToURL cross-site scripting attempt (more info ...) | misc-activity | 2007-6244 | 26960 | ||
| 17457 | WEB-CLIENT Macromedia Flash ActionDefineFunction memory access vulnerability exploit attempt (more info ...) | attempted-user | 2005-2628 | 15334 | ||
| 17529 | SPECIFIC-THREATS Adobe RoboHelp Server Arbitrary File Upload and Execute (more info ...) | attempted-user | 2009-1855 | 35282 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 9380 | SPECIFIC-THREATS jitux msn messenger propagation detection (more info ...) | trojan-activity | URL | |||
| 13292 | EXPLOIT Skype skype4com URI handler memory corruption attempt (more info ...) | attempted-user | 2007-5989 | 26748 | ||
| 15939 | SPECIFIC-THREATS MSN Messenger IRC bot calling home attempt (more info ...) | trojan-activity | URL | |||
| 16718 | EXPLOIT Skype URI handler input validation exploit attempt (more info ...) | misc-attack | 38699 | URL | ||
| 17674 | WEB-ACTIVEX Skype Extras Manager ActiveX clsid access (more info ...) | attempted-user | 2009-4741 | 36459 | ||
| 17675 | WEB-ACTIVEX Skype Extras Manager ActiveX clsid unicode access (more info ...) | attempted-user | 2009-4741 | 36459 | ||
| 17676 | WEB-ACTIVEX Skype Extras Manager ActiveX function call access (more info ...) | attempted-user | 2009-4741 | 36459 | ||
| 17677 | WEB-ACTIVEX Skype Extras Manager ActiveX function call unicode access (more info ...) | attempted-user | 2009-4741 | 36459 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3085 | EXPLOIT AIM goaway message buffer overflow attempt (more info ...) | misc-attack | 2004-0636 | 10889 | ||
| 3130 | EXPLOIT MSN Messenger png overflow (more info ...) | attempted-user | 2004-0957 | 10872 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 6128 | BACKDOOR dkangel runtime detection - icmp echo reply client-to-server (more info ...) | trojan-activity | URL | |||
| 10107 | BACKDOOR icmp cmd 1.0 runtime detection - pslist (more info ...) | trojan-activity | URL | |||
| 10108 | BACKDOOR icmp cmd 1.0 runtime detection - pskill (more info ...) | trojan-activity | URL | |||
| 10452 | BACKDOOR only 1 rat runtime detection - icmp request (more info ...) | trojan-activity | URL | |||
| 13288 | BAD-TRAFFIC Windows remote kernel tcp/ip icmp vulnerability exploit attempt (more info ...) | attempted-admin | 2007-0066 | URL | ||
| 16405 | ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Prefix Information stack buffer overflow attempt (more info ...) | attempted-admin | 2010-0239 | URL | ||
| 18249 | ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Route Information stack buffer overflow attempt (more info ...) | attempted-admin | 2010-0241 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 222 | DDOS tfn2k icmp possible communication (more info ...) | attempted-dos | 2000-0138 | |||
| 272 | DOS IGMP dos attack (more info ...) | attempted-dos | 1999-0918 | 514 | URL | |
| 465 | ICMP ISS Pinger (more info ...) | attempted-recon | ||||
| 467 | ICMP Nemesis v1.1 Echo (more info ...) | attempted-recon | ||||
| 476 | ICMP webtrends scanner (more info ...) | attempted-recon | ||||
| 480 | ICMP PING speedera (more info ...) | misc-activity | ||||
| 481 | ICMP TJPingPro1.1Build 2 Windows (more info ...) | misc-activity | ||||
| 482 | ICMP PING WhatsupGold Windows (more info ...) | misc-activity | ||||
| 484 | ICMP PING Sniffer Pro/NetXRay network scan (more info ...) | misc-activity | ||||
| 1813 | ICMP digital island bandwidth query (more info ...) | misc-activity | ||||
| 2462 | EXPLOIT IGMP IGAP account overflow attempt (more info ...) | attempted-admin | 2004-0367 | 9952 | ||
| 2463 | EXPLOIT IGMP IGAP message overflow attempt (more info ...) | attempted-admin | 2004-0367 | 9952 | ||
| 3626 | ICMP PATH MTU denial of service attempt (more info ...) | attempted-dos | 2004-1060 | 13124 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 494 | ATTACK-RESPONSES command completed (more info ...) | bad-unknown | 1806 | |||
| 497 | ATTACK-RESPONSES file copied ok (more info ...) | bad-unknown | 2000-0884 | 1806 | ||
| 498 | ATTACK-RESPONSES id check returned root (more info ...) | bad-unknown | ||||
| 1001 | WEB-MISC carbo.dll access (more info ...) | attempted-recon | 1999-1069 | 2126 | ||
| 1464 | ATTACK-RESPONSES oracle one hour install (more info ...) | bad-unknown | 10737 | |||
| 2278 | WEB-MISC client negative Content-Length attempt (more info ...) | misc-attack | 2006-2162 | 9576 | ||
| 2412 | ATTACK-RESPONSES successful cross site scripting forced download attempt (more info ...) | successful-user | ||||
| 2430 | NNTP newgroup overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2431 | NNTP rmgroup overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2520 | WEB-MISC SSLv3 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 2521 | WEB-MISC SSLv3 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 2585 | WEB-MISC nessus 2.x 404 probe (more info ...) | attempted-recon | 10386 | |||
| 2656 | WEB-MISC SSLv2 Client_Hello Challenge Length overflow attempt (more info ...) | attempted-admin | 2004-0826 | 11015 | ||
| 2658 | WEB-MISC SSLv2 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 2659 | WEB-MISC SSLv2 Client_Hello with pad request (more info ...) | protocol-command-decode | ||||
| 2660 | WEB-MISC SSLv2 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 2661 | WEB-MISC TLSv1 Client_Hello request (more info ...) | protocol-command-decode | ||||
| 2662 | WEB-MISC TLSv1 Server_Hello request (more info ...) | protocol-command-decode | ||||
| 2705 | WEB-CLIENT JPEG parser heap overflow attempt (more info ...) | attempted-user | 2004-0200 | 11173 | URL | |
| 3009 | BACKDOOR NetBus Pro 2.0 connection request (more info ...) | misc-activity | ||||
| 3010 | BACKDOOR RUX the Tick get windows directory attempt (more info ...) | misc-activity | ||||
| 3011 | BACKDOOR RUX the Tick get system directory attempt (more info ...) | misc-activity | ||||
| 3012 | BACKDOOR RUX the Tick upload/execute arbitrary file attempt (more info ...) | misc-activity | ||||
| 3013 | BACKDOOR Asylum 0.1 connection request (more info ...) | misc-activity | ||||
| 3014 | BACKDOOR Asylum 0.1 connection established (more info ...) | misc-activity | ||||
| 3015 | BACKDOOR Insane Network 4.0 connection established (more info ...) | misc-activity | ||||
| 3016 | BACKDOOR Insane Network 4.0 connection established port 63536 (more info ...) | misc-activity | ||||
| 3059 | WEB-MISC TLSv1 Client_Hello via SSLv2 handshake request (more info ...) | protocol-command-decode | ||||
| 3063 | BACKDOOR Vampire 1.2 connection request (more info ...) | misc-activity | ||||
| 3064 | BACKDOOR Vampire 1.2 connection confirmation (more info ...) | misc-activity | ||||
| 3081 | BACKDOOR Y3KRAT 1.5 Connect (more info ...) | misc-activity | ||||
| 3082 | BACKDOOR Y3KRAT 1.5 Connect Client Response (more info ...) | misc-activity | ||||
| 3083 | BACKDOOR Y3KRAT 1.5 Connection confirmation (more info ...) | misc-activity | ||||
| 3132 | WEB-CLIENT PNG large image width download attempt (more info ...) | attempted-user | 2007-5503 | 11523 | URL | |
| 3133 | WEB-CLIENT PNG large image height download attempt (more info ...) | attempted-user | 2007-5503 | 11523 | URL | |
| 3148 | WEB-CLIENT winhelp clsid attempt (more info ...) | attempted-user | 2004-1043 | 5874 | URL | |
| 3155 | BACKDOOR BackOrifice 2000 Inbound Traffic (more info ...) | trojan-activity | ||||
| 3535 | WEB-CLIENT GIF transfer (more info ...) | protocol-command-decode | ||||
| 3551 | WEB-CLIENT .hta download attempt (more info ...) | not-suspicious | ||||
| 3632 | WEB-CLIENT Bitmap width integer overflow attempt (more info ...) | attempted-admin | 2008-3015 | 11171 | URL | |
| 3633 | WEB-CLIENT bitmap transfer (more info ...) | protocol-command-decode | ||||
| 3634 | WEB-CLIENT Bitmap width integer overflow multipacket attempt (more info ...) | attempted-admin | 2008-3015 | 11171 | URL | |
| 3635 | BACKDOOR Amanda 2.0 connection established (more info ...) | trojan-activity | ||||
| 3636 | BACKDOOR Crazzy Net 5.0 connection established (more info ...) | trojan-activity | ||||
| 3683 | WEB-CLIENT spoofed MIME-Type auto-execution attempt (more info ...) | attempted-admin | 2001-0154 | 2524 | URL | |
| 3819 | WEB-CLIENT multipacket CHM file transfer start (more info ...) | protocol-command-decode | ||||
| 3821 | WEB-CLIENT CHM file transfer attempt (more info ...) | attempted-user | 2005-1208 | 13953 | 18482 | URL |
| 3822 | WEB-MISC Real Player realtext long URI request (more info ...) | protocol-command-decode | ||||
| 4132 | WEB-CLIENT msdds clsid attempt (more info ...) | attempted-user | 2005-2127 | 14594 | URL | |
| 4133 | WEB-CLIENT devenum clsid attempt (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 4134 | WEB-CLIENT blnmgr clsid attempt (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 4140 | DOS tcpdump tcp LDP print zero length message denial of service attempt (more info ...) | attempted-dos | 2005-1279 | 13389 | URL | |
| 4141 | DOS tcpdump udp LDP print zero length message denial of service attempt (more info ...) | attempted-dos | 2005-1279 | 13389 | URL | |
| 4143 | EXPLOIT lpd receive printer job cascade adaptor protocol request (more info ...) | protocol-command-decode | ||||
| 4194 | WEB-CLIENT multipacket CBO CBL CBM file transfer start (more info ...) | protocol-command-decode | ||||
| 4195 | WEB-CLIENT multipacket CBO CBL CBM file transfer attempt (more info ...) | attempted-user | 2006-3448 | 13944 | 18492 | URL |
| 4643 | WEB-CLIENT malformed windows shortcut file buffer overflow attempt (more info ...) | attempted-user | 2005-2122 | 15070 | URL | |
| 4644 | WEB-CLIENT malformed windows shortcut file with comment buffer overflow attempt (more info ...) | attempted-user | 2005-2122 | 15070 | URL | |
| 5319 | WEB-CLIENT Metasploit Windows picture and fax viewer wmf arbitrary code execution attempt (more info ...) | web-application-attack | 2005-4560 | 16074 | URL | |
| 5713 | WEB-CLIENT Windows Metafile invalid header size integer overflow (more info ...) | attempted-admin | 2006-0020 | 16516 | URL | |
| 5742 | SPYWARE-PUT Keylogger activitylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5743 | SPYWARE-PUT Hijacker actualnames runtime detection - plugin list (more info ...) | misc-activity | URL | |||
| 5745 | SPYWARE-PUT Hijacker adultlinks runtime detection - redirect (more info ...) | misc-activity | URL | |||
| 5746 | SPYWARE-PUT Hijacker adultlinks runtime detection - load url (more info ...) | misc-activity | URL | |||
| 5747 | SPYWARE-PUT Hijacker adultlinks runtime detection - log hits (more info ...) | misc-activity | URL | |||
| 5748 | SPYWARE-PUT Hijacker adultlinks runtime detection - ads (more info ...) | misc-activity | URL | |||
| 5750 | SPYWARE-PUT Adware dogpile runtime detection (more info ...) | misc-activity | URL | |||
| 5751 | SPYWARE-PUT Adware exactsearch runtime detection - switch search engine 1 (more info ...) | misc-activity | URL | |||
| 5752 | SPYWARE-PUT Adware exactsearch runtime detection - switch search engine 2 (more info ...) | misc-activity | URL | |||
| 5753 | SPYWARE-PUT Adware exactsearch runtime detection - topsearches (more info ...) | misc-activity | URL | |||
| 5754 | SPYWARE-PUT Hijacker ezcybersearch runtime detection - ie auto search hijack (more info ...) | misc-activity | URL | |||
| 5755 | SPYWARE-PUT Hijacker ezcybersearch runtime detection - check update (more info ...) | misc-activity | URL | |||
| 5756 | SPYWARE-PUT Hijacker ezcybersearch runtime detection - add coolsites to ie favorites (more info ...) | misc-activity | URL | |||
| 5757 | SPYWARE-PUT Hijacker ezcybersearch runtime detection - check toolbar setting (more info ...) | misc-activity | URL | |||
| 5758 | SPYWARE-PUT Hijacker ezcybersearch runtime detection - download fastclick pop-under code (more info ...) | misc-activity | URL | |||
| 5759 | SPYWARE-PUT Keylogger fearlesskeyspy runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5761 | SPYWARE-PUT Trickler bearshare runtime detection - ads popup (more info ...) | misc-activity | URL | |||
| 5762 | SPYWARE-PUT Trickler bearshare runtime detection - p2p information request (more info ...) | misc-activity | URL | |||
| 5763 | SPYWARE-PUT Trickler bearshare runtime detection - chat request (more info ...) | misc-activity | URL | |||
| 5765 | SPYWARE-PUT Hijacker begin2search runtime detection - ico query (more info ...) | misc-activity | URL | |||
| 5766 | SPYWARE-PUT Hijacker begin2search runtime detection - install spyware trafficsector (more info ...) | misc-activity | URL | |||
| 5767 | SPYWARE-PUT Hijacker begin2search runtime detection - download unauthorized code (more info ...) | misc-activity | URL | |||
| 5768 | SPYWARE-PUT Hijacker begin2search runtime detection - pass information (more info ...) | misc-activity | URL | |||
| 5769 | SPYWARE-PUT Hijacker begin2search runtime detection - play bingo ads (more info ...) | misc-activity | URL | |||
| 5770 | SPYWARE-PUT Snoopware casinoonnet runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5771 | SPYWARE-PUT Screen-Scraper farsighter runtime detection - initial connection (more info ...) | successful-recon-limited | URL | |||
| 5773 | SPYWARE-PUT Adware forbes runtime detection (more info ...) | misc-activity | URL | |||
| 5774 | SPYWARE-PUT Hijacker freescratch runtime detection - get card (more info ...) | misc-activity | URL | |||
| 5775 | SPYWARE-PUT Hijacker freescratch runtime detection - scratch card (more info ...) | misc-activity | URL | |||
| 5776 | SPYWARE-PUT Trickler grokster runtime detection (more info ...) | misc-activity | URL | |||
| 5777 | SPYWARE-PUT Keylogger gurl watcher runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5778 | SPYWARE-PUT Keylogger runtime detection - hwpe windows activity logs (more info ...) | successful-recon-limited | URL | |||
| 5779 | SPYWARE-PUT Keylogger runtime detection - hwpe shell file logs (more info ...) | successful-recon-limited | URL | |||
| 5781 | SPYWARE-PUT Keylogger runtime detection - hwae windows activity logs (more info ...) | successful-recon-limited | URL | |||
| 5783 | SPYWARE-PUT Keylogger runtime detection - hwae keystrokes log (more info ...) | successful-recon-limited | URL | |||
| 5784 | SPYWARE-PUT Keylogger runtime detection - hwae urls browsed log (more info ...) | successful-recon-limited | URL | |||
| 5785 | SPYWARE-PUT Adware hithopper runtime detection - get xml setting (more info ...) | misc-activity | URL | |||
| 5786 | SPYWARE-PUT Adware hithopper runtime detection - redirect (more info ...) | misc-activity | URL | |||
| 5787 | SPYWARE-PUT Adware hithopper runtime detection - search (more info ...) | misc-activity | URL | |||
| 5788 | SPYWARE-PUT Adware hithopper runtime detection - click toolbar buttons (more info ...) | misc-activity | URL | |||
| 5789 | SPYWARE-PUT keylogger pc actmon pro runtime detection - http (more info ...) | successful-recon-limited | URL | |||
| 5791 | SPYWARE-PUT Dialer pluginaccess runtime detection - get pin (more info ...) | misc-activity | URL | |||
| 5792 | SPYWARE-PUT Dialer pluginaccess runtime detection - active proxy (more info ...) | misc-activity | URL | |||
| 5793 | SPYWARE-PUT Dialer pluginaccess runtime detection - redirect (more info ...) | misc-activity | URL | |||
| 5794 | SPYWARE-PUT Hijacker coolwebsearch.aboutblank variant runtime detection (more info ...) | misc-activity | URL | |||
| 5795 | SPYWARE-PUT Adware ist powerscan runtime detection (more info ...) | misc-activity | URL | |||
| 5796 | SPYWARE-PUT Adware keenvalue runtime detection (more info ...) | misc-activity | URL | |||
| 5800 | SPYWARE-PUT Trackware myway speedbar runtime detection - request config (more info ...) | successful-recon-limited | URL | |||
| 5801 | SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 1 (more info ...) | successful-recon-limited | URL | |||
| 5803 | SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - collect information (more info ...) | successful-recon-limited | URL | |||
| 5805 | SPYWARE-PUT Trackware myway speedbar runtime detection - switch engines (more info ...) | successful-recon-limited | URL | |||
| 5807 | SPYWARE-PUT Hijacker shopathomeselect runtime detection (more info ...) | misc-activity | URL | |||
| 5808 | SPYWARE-PUT Hijacker shop at home search merchant redirect check (more info ...) | misc-activity | ||||
| 5809 | SPYWARE-PUT Hijacker shop at home select merchant redirect in progress (more info ...) | misc-activity | ||||
| 5810 | SPYWARE-PUT Hijacker shop at home select installation in progress (more info ...) | misc-activity | ||||
| 5811 | SPYWARE-PUT shop at home select installation in progress - clsid detected (more info ...) | misc-activity | URL | |||
| 5812 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - email notification (more info ...) | misc-activity | URL | |||
| 5813 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - create redirection (more info ...) | misc-activity | ||||
| 5814 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - create redirection (more info ...) | misc-activity | URL | |||
| 5815 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory redirection (more info ...) | misc-activity | ||||
| 5816 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory redirection (more info ...) | misc-activity | URL | |||
| 5817 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (more info ...) | misc-activity | ||||
| 5818 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (more info ...) | misc-activity | ||||
| 5819 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (more info ...) | misc-activity | URL | |||
| 5820 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory log (more info ...) | misc-activity | ||||
| 5821 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory log (more info ...) | misc-activity | URL | |||
| 5822 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (more info ...) | misc-activity | ||||
| 5823 | SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (more info ...) | misc-activity | URL | |||
| 5824 | SPYWARE-PUT Dialer stripplayer runtime detection (more info ...) | misc-activity | URL | |||
| 5825 | SPYWARE-PUT Adware broadcasturban tuner runtime detection - start tuner (more info ...) | misc-activity | URL | |||
| 5826 | SPYWARE-PUT Adware broadcasturban tuner runtime detection - pass user info to server (more info ...) | misc-activity | URL | |||
| 5827 | SPYWARE-PUT Adware broadcasturban tuner runtime detection - get gateway (more info ...) | misc-activity | URL | |||
| 5828 | SPYWARE-PUT Adware broadcasturban tuner runtime detection - connect to station (more info ...) | misc-activity | URL | |||
| 5829 | SPYWARE-PUT Trickler clipgenie runtime detection (more info ...) | misc-activity | URL | |||
| 5835 | SPYWARE-PUT Adware gamespy_arcade runtime detection (more info ...) | misc-activity | URL | |||
| 5836 | SPYWARE-PUT Trickler nictech.bm2 runtime detection (more info ...) | misc-activity | URL | |||
| 5837 | SPYWARE-PUT Trackware ucmore runtime detection - track activity (more info ...) | successful-recon-limited | URL | |||
| 5838 | SPYWARE-PUT Trackware ucmore runtime detection - get sponsor/ad links (more info ...) | successful-recon-limited | URL | |||
| 5839 | SPYWARE-PUT Trackware ucmore runtime detection - click sponsor/ad link (more info ...) | successful-recon-limited | URL | |||
| 5840 | SPYWARE-PUT Hijacker sep runtime detection (more info ...) | misc-activity | URL | |||
| 5841 | SPYWARE-PUT Trickler minibug runtime detection - retrieve weather information (more info ...) | misc-activity | URL | |||
| 5842 | SPYWARE-PUT Trickler minibug runtime detection - ads (more info ...) | misc-activity | URL | |||
| 5843 | SPYWARE-PUT Hijacker surfsidekick runtime detection - hijack ie auto search (more info ...) | misc-activity | URL | |||
| 5844 | SPYWARE-PUT Hijacker surfsidekick runtime detection - post request (more info ...) | misc-activity | URL | |||
| 5845 | SPYWARE-PUT Hijacker surfsidekick runtime detection - update request (more info ...) | misc-activity | URL | |||
| 5846 | SPYWARE-PUT Trickler VX2/DLmax/BestOffers/Aurora runtime detection (more info ...) | misc-activity | URL | |||
| 5847 | SPYWARE-PUT Adware warez_p2p runtime detection - p2p client home (more info ...) | misc-activity | URL | |||
| 5849 | SPYWARE-PUT Adware warez_p2p runtime detection - update request (more info ...) | misc-activity | URL | |||
| 5850 | SPYWARE-PUT Adware warez_p2p runtime detection - check update (more info ...) | misc-activity | URL | |||
| 5851 | SPYWARE-PUT Adware warez_p2p runtime detection - .txt .dat and .lst requests (more info ...) | misc-activity | URL | |||
| 5852 | SPYWARE-PUT Adware warez_p2p runtime detection - cache.dat request (more info ...) | misc-activity | URL | |||
| 5853 | SPYWARE-PUT Adware warez_p2p runtime detection - download ads (more info ...) | misc-activity | URL | |||
| 5854 | SPYWARE-PUT Adware warez_p2p runtime detection - pass user information (more info ...) | misc-activity | URL | |||
| 5855 | SPYWARE-PUT Hijacker funbuddyicons runtime detection - request config (more info ...) | misc-activity | URL | |||
| 5857 | SPYWARE-PUT Hijacker funbuddyicons runtime detection - mysaconfg request (more info ...) | misc-activity | URL | |||
| 5858 | SPYWARE-PUT Adware praizetoolbar runtime detection (more info ...) | misc-activity | URL | |||
| 5859 | SPYWARE-PUT Hijacker daosearch runtime detection - information request (more info ...) | misc-activity | URL | |||
| 5860 | SPYWARE-PUT Hijacker daosearch runtime detection - search hijack (more info ...) | misc-activity | URL | |||
| 5861 | SPYWARE-PUT Hijacker isearch runtime detection - toolbar information request (more info ...) | misc-activity | URL | |||
| 5862 | SPYWARE-PUT Hijacker isearch runtime detection - search hijack 1 (more info ...) | misc-activity | URL | |||
| 5863 | SPYWARE-PUT Hijacker isearch runtime detection - search hijack 2 (more info ...) | misc-activity | URL | |||
| 5864 | SPYWARE-PUT Hijacker isearch runtime detection - search in toolbar (more info ...) | misc-activity | URL | |||
| 5865 | SPYWARE-PUT Adware zapspot runtime detection - pop up ads (more info ...) | misc-activity | URL | |||
| 5866 | SPYWARE-PUT Hijacker couponbar runtime detection - download new coupon offers and links (more info ...) | misc-activity | URL | |||
| 5867 | SPYWARE-PUT Hijacker couponbar runtime detection - get updates to toolbar buttons (more info ...) | misc-activity | URL | |||
| 5868 | SPYWARE-PUT Hijacker couponbar runtime detection - view coupon offers (more info ...) | misc-activity | URL | |||
| 5871 | SPYWARE-PUT Trickler VX2/ABetterInternet transponder thinstaller runtime detection - post information (more info ...) | misc-activity | URL | |||
| 5872 | SPYWARE-PUT Snoopware hyperlinker runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5873 | SPYWARE-PUT Snoopware pc acme pro runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5874 | SPYWARE-PUT Snoopware pc acme pro runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5875 | SPYWARE-PUT Hacker-Tool eraser runtime detection - detonate (more info ...) | misc-activity | URL | |||
| 5876 | SPYWARE-PUT Hacker-Tool eraser runtime detection - disinfect (more info ...) | misc-activity | URL | |||
| 5882 | SPYWARE-PUT Keylogger spyagent runtime detect - alert notification (more info ...) | successful-recon-limited | URL | |||
| 5883 | SPYWARE-PUT Other-Technologies saria 1.0 runtime detection - send user information (more info ...) | misc-activity | URL | |||
| 5884 | SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - check toolbar & category info (more info ...) | misc-activity | URL | |||
| 5885 | SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - ie autosearch & search assistant hijack (more info ...) | misc-activity | URL | |||
| 5886 | SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - pass info to server (more info ...) | misc-activity | URL | |||
| 5887 | SPYWARE-PUT Hijacker shopnav runtime detection - ie search assistant hijack (more info ...) | misc-activity | URL | |||
| 5888 | SPYWARE-PUT Hijacker shopnav runtime detection - ie auto search hijack (more info ...) | misc-activity | URL | |||
| 5889 | SPYWARE-PUT Hijacker shopnav runtime detection - collect information (more info ...) | misc-activity | URL | |||
| 5890 | SPYWARE-PUT Hijacker shopnav runtime detection - self-update request 1 (more info ...) | misc-activity | URL | |||
| 5891 | SPYWARE-PUT Hijacker shopnav runtime detection - self-update request 2 (more info ...) | misc-activity | URL | |||
| 5894 | SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - smb (more info ...) | misc-activity | URL | |||
| 5895 | SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - tcp port 407 (more info ...) | misc-activity | ||||
| 5896 | SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - tcp port 407 (more info ...) | misc-activity | URL | |||
| 5897 | SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - udp port 407 (more info ...) | misc-activity | URL | |||
| 5898 | SPYWARE-PUT Trackware adtools runtime detection - track user activity (more info ...) | successful-recon-limited | URL | |||
| 5899 | SPYWARE-PUT Trackware adtools-screenmate runtime detection - generate desktop alert (more info ...) | successful-recon-limited | URL | |||
| 5900 | SPYWARE-PUT Trackware adtools-communicator runtime detection - collect information (more info ...) | successful-recon-limited | URL | |||
| 5901 | SPYWARE-PUT Trackware adtools-communicator runtime detection - download self-update (more info ...) | successful-recon-limited | URL | |||
| 5903 | SPYWARE-PUT Adware download accelerator plus runtime detection - get ads (more info ...) | misc-activity | URL | |||
| 5904 | SPYWARE-PUT Adware download accelerator plus runtime detection - download files (more info ...) | misc-activity | URL | |||
| 5905 | SPYWARE-PUT Adware download accelerator plus runtime detection - games center request (more info ...) | misc-activity | URL | |||
| 5906 | SPYWARE-PUT Adware download accelerator plus runtime detection - update (more info ...) | misc-activity | URL | |||
| 5907 | SPYWARE-PUT Trackware e2give runtime detection - check update (more info ...) | successful-recon-limited | URL | |||
| 5908 | SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 1 (more info ...) | successful-recon-limited | URL | |||
| 5909 | SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 2 (more info ...) | successful-recon-limited | URL | |||
| 5910 | SPYWARE-PUT Trackware casalemedia runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5911 | SPYWARE-PUT Adware smartpops runtime detection (more info ...) | misc-activity | URL | |||
| 5913 | SPYWARE-PUT Trickler smasoft webdownloader runtime detection (more info ...) | misc-activity | URL | |||
| 5914 | SPYWARE-PUT Hijacker locatorstoolbar runtime detection - configuration download (more info ...) | misc-activity | URL | |||
| 5915 | SPYWARE-PUT Hijacker locatorstoolbar runtime detection - autosearch hijack (more info ...) | misc-activity | URL | |||
| 5916 | SPYWARE-PUT Hijacker locatorstoolbar runtime detection - sidebar search (more info ...) | misc-activity | URL | |||
| 5917 | SPYWARE-PUT Hijacker locatorstoolbar runtime detection - toolbar search (more info ...) | misc-activity | URL | |||
| 5918 | SPYWARE-PUT Hijacker painter runtime detection - ping 'alive' signal (more info ...) | misc-activity | URL | |||
| 5919 | SPYWARE-PUT Hijacker painter runtime detection - redirect to klikvipsearch (more info ...) | misc-activity | URL | |||
| 5920 | SPYWARE-PUT Hijacker painter runtime detection - redirect yahoo search through online-casino-searcher (more info ...) | misc-activity | URL | |||
| 5921 | SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - send user url request (more info ...) | successful-recon-limited | URL | |||
| 5922 | SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - display advertisement news (more info ...) | successful-recon-limited | URL | |||
| 5923 | SPYWARE-PUT Adware active shopper runtime detection - side search request (more info ...) | misc-activity | URL | |||
| 5924 | SPYWARE-PUT Adware active shopper runtime detection - redirect (more info ...) | misc-activity | URL | |||
| 5925 | SPYWARE-PUT Adware active shopper runtime detection - check (more info ...) | misc-activity | URL | |||
| 5926 | SPYWARE-PUT Adware active shopper runtime detection - collect information (more info ...) | misc-activity | URL | |||
| 5927 | SPYWARE-PUT Adware cashbar runtime detection - .smx requests (more info ...) | misc-activity | URL | |||
| 5928 | SPYWARE-PUT Adware cashbar runtime detection - ads request (more info ...) | misc-activity | URL | |||
| 5929 | SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 1 (more info ...) | misc-activity | URL | |||
| 5930 | SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 2 (more info ...) | misc-activity | URL | |||
| 5932 | SPYWARE-PUT Adware cashbar runtime detection - stats track (more info ...) | misc-activity | URL | |||
| 5933 | SPYWARE-PUT Hijacker dropspam runtime detection - search request 1 (more info ...) | misc-activity | URL | |||
| 5934 | SPYWARE-PUT Hijacker dropspam runtime detection - search request 2 (more info ...) | misc-activity | URL | |||
| 5935 | SPYWARE-PUT Hijacker dropspam runtime detection - search request 3 (more info ...) | misc-activity | URL | |||
| 5936 | SPYWARE-PUT Hijacker dropspam runtime detection - side search (more info ...) | misc-activity | URL | |||
| 5937 | SPYWARE-PUT Hijacker dropspam runtime detection - pass information to its controlling server (more info ...) | misc-activity | URL | |||
| 5938 | SPYWARE-PUT Hijacker dropspam runtime detection - third party information collection (more info ...) | misc-activity | URL | |||
| 5939 | SPYWARE-PUT Trackware supreme toolbar runtime detection - get cfg (more info ...) | successful-recon-limited | URL | |||
| 5940 | SPYWARE-PUT Trackware supreme toolbar runtime detection - search request (more info ...) | successful-recon-limited | URL | |||
| 5941 | SPYWARE-PUT Trackware supreme toolbar runtime detection - track (more info ...) | successful-recon-limited | URL | |||
| 5942 | SPYWARE-PUT Trackware supreme toolbar runtime detection - pass information to its controlling server (more info ...) | successful-recon-limited | URL | |||
| 5943 | SPYWARE-PUT Trackware supreme toolbar runtime detection - third party information collection (more info ...) | successful-recon-limited | URL | |||
| 5944 | SPYWARE-PUT Adware free access bar runtime detection 1 (more info ...) | misc-activity | URL | |||
| 5946 | SPYWARE-PUT Adware weirdontheweb runtime detection - monitor user web activity (more info ...) | misc-activity | URL | |||
| 5947 | SPYWARE-PUT Adware weirdontheweb runtime detection - log url (more info ...) | misc-activity | URL | |||
| 5948 | SPYWARE-PUT Adware weirdontheweb runtime detection - update notifier (more info ...) | misc-activity | URL | |||
| 5949 | SPYWARE-PUT Trackware iggsey toolbar detection - simpleticker.htm request (more info ...) | successful-recon-limited | URL | |||
| 5950 | SPYWARE-PUT Trackware iggsey toolbar detection - pass information to server (more info ...) | successful-recon-limited | URL | |||
| 5951 | SPYWARE-PUT Trackware iggsey toolbar detection - search request (more info ...) | successful-recon-limited | URL | |||
| 5952 | SPYWARE-PUT Hijacker 123mania runtime detection - autosearch hijacking (more info ...) | misc-activity | URL | |||
| 5953 | SPYWARE-PUT Hijacker 123mania runtime detection - sidesearch hijacking (more info ...) | misc-activity | URL | |||
| 5954 | SPYWARE-PUT Trackware browserpal runtime detection - post user info to server (more info ...) | successful-recon-limited | URL | |||
| 5955 | SPYWARE-PUT Trackware browserpal runtime detection - adblocker function (more info ...) | successful-recon-limited | URL | |||
| 5956 | SPYWARE-PUT Hacker-Tool ghostvoice 1.02 icq notification of server installation (more info ...) | misc-activity | URL | |||
| 5957 | SPYWARE-PUT Hacker-Tool ghostvoice 1.02 runtime detection (more info ...) | misc-activity | ||||
| 5960 | SPYWARE-PUT Hijacker raxsearch detection - pop-up raxsearch window (more info ...) | misc-activity | URL | |||
| 5961 | SPYWARE-PUT Hijacker searchfast detection - news ticker (more info ...) | misc-activity | URL | |||
| 5963 | SPYWARE-PUT Hijacker searchfast detection - search request (more info ...) | misc-activity | URL | |||
| 5964 | SPYWARE-PUT Hijacker searchfast detection - track user activity & get 'relates links' of the toolbar (more info ...) | misc-activity | URL | |||
| 5965 | SPYWARE-PUT Hijacker searchfast detection - get toolbar cfg (more info ...) | misc-activity | URL | |||
| 5966 | SPYWARE-PUT trackware searchinweb detection - search request (more info ...) | successful-recon-limited | URL | |||
| 5967 | SPYWARE-PUT trackware searchinweb detection - click result links (more info ...) | successful-recon-limited | URL | |||
| 5968 | SPYWARE-PUT trackware searchinweb detection - redirect (more info ...) | successful-recon-limited | URL | |||
| 5969 | SPYWARE-PUT trackware searchinweb detection - collect information (more info ...) | successful-recon-limited | URL | |||
| 5970 | SPYWARE-PUT hijacker smart finder detection - keys update (more info ...) | misc-activity | URL | |||
| 5971 | SPYWARE-PUT hijacker smart finder detection - track hits (more info ...) | misc-activity | URL | |||
| 5972 | SPYWARE-PUT hijacker smart finder detection - ie autosearch hijack 1 (more info ...) | misc-activity | URL | |||
| 5973 | SPYWARE-PUT hijacker smart finder detection - search engines hijack (more info ...) | misc-activity | URL | |||
| 5974 | SPYWARE-PUT hijacker smart finder detection - pop-up ads (more info ...) | misc-activity | URL | |||
| 5975 | SPYWARE-PUT hijacker topfive searchassistant detection - search request (more info ...) | misc-activity | URL | |||
| 5976 | SPYWARE-PUT hijacker topfive searchassistant detection - side search (more info ...) | misc-activity | URL | |||
| 5977 | SPYWARE-PUT hijacker topfive searchassistant detection - post user information to server (more info ...) | misc-activity | URL | |||
| 5978 | SPYWARE-PUT hijacker topfive searchassistant detection - update (more info ...) | misc-activity | URL | |||
| 5979 | SPYWARE-PUT Trackware anwb toolbar runtime detection - track user ip address (more info ...) | successful-recon-limited | URL | |||
| 5980 | SPYWARE-PUT Trackware anwb toolbar runtime detection - display advertisement (more info ...) | successful-recon-limited | URL | |||
| 5981 | SPYWARE-PUT Hijacker seeqtoolbar runtime detection - autosearch hijack or search in toolbar (more info ...) | misc-activity | URL | |||
| 5982 | SPYWARE-PUT Hijacker seeqtoolbar runtime detection - email login page (more info ...) | misc-activity | URL | |||
| 5983 | SPYWARE-PUT Adware powerstrip runtime detection (more info ...) | misc-activity | URL | |||
| 5984 | SPYWARE-PUT Trackware push toolbar installtime detection - user information collect (more info ...) | successful-recon-limited | URL | |||
| 5985 | SPYWARE-PUT Trackware push toolbar runtime detection - toolbar information request (more info ...) | successful-recon-limited | URL | |||
| 5986 | SPYWARE-PUT Trickler teomasearchbar runtime detection (more info ...) | misc-activity | URL | |||
| 5987 | SPYWARE-PUT Hijacker wishbone runtime detection (more info ...) | misc-activity | URL | |||
| 5988 | SPYWARE-PUT Trackware windupdates-mediagateway runtime detection - post data (more info ...) | successful-recon-limited | URL | |||
| 5989 | SPYWARE-PUT Adware broadcastpc runtime detection - get config (more info ...) | misc-activity | URL | |||
| 5990 | SPYWARE-PUT Adware broadcastpc runtime detection - get up-to-date movie/tv/ad information (more info ...) | misc-activity | URL | |||
| 5991 | SPYWARE-PUT Hijacker getmirar runtime detection - search request (more info ...) | misc-activity | URL | |||
| 5993 | SPYWARE-PUT Hijacker getmirar runtime detection - track activity (more info ...) | misc-activity | URL | |||
| 5994 | SPYWARE-PUT Hijacker getmirar runtime detection - click related button (more info ...) | misc-activity | URL | |||
| 5995 | SPYWARE-PUT Adware offeragent runtime detection - information checking (more info ...) | misc-activity | URL | |||
| 5996 | SPYWARE-PUT Adware offeragent runtime detection - ads request (more info ...) | misc-activity | URL | |||
| 6012 | BACKDOOR coolcat runtime connection detection - tcp 1 (more info ...) | trojan-activity | URL | |||
| 6013 | BACKDOOR coolcat runtime connection detection - tcp 2 (more info ...) | trojan-activity | URL | |||
| 6015 | BACKDOOR dsk lite 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6016 | BACKDOOR dsk lite 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6018 | BACKDOOR dsk lite 1.0 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 6021 | BACKDOOR silent spy 2.10 command response port 4225 (more info ...) | trojan-activity | URL | |||
| 6022 | BACKDOOR silent spy 2.10 command response port 4226 (more info ...) | trojan-activity | URL | |||
| 6023 | BACKDOOR silent spy 2.10 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 6024 | BACKDOOR nuclear rat v6_21 runtime detection (more info ...) | trojan-activity | URL | |||
| 6026 | BACKDOOR dimbus 1.0 runtime detection - get pc info (more info ...) | trojan-activity | URL | |||
| 6028 | BACKDOOR cyberpaky runtime detection (more info ...) | trojan-activity | URL | |||
| 6029 | BACKDOOR fkwp 2.0 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 6035 | BACKDOOR minicommand runtime detection - initial connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6037 | BACKDOOR netbus 1.7 runtime detection - email notification (more info ...) | trojan-activity | URL | |||
| 6039 | BACKDOOR fade 1.0 runtime detection - notification (more info ...) | trojan-activity | URL | |||
| 6040 | BACKDOOR fade 1.0 runtime detection - enable keylogger (more info ...) | trojan-activity | URL | |||
| 6044 | BACKDOOR fear 0.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6045 | BACKDOOR fear 0.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6046 | BACKDOOR fear 0.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6047 | BACKDOOR fun factory runtime detection - connect (more info ...) | trojan-activity | URL | |||
| 6048 | BACKDOOR fun factory runtime detection - connect (more info ...) | trojan-activity | URL | |||
| 6049 | BACKDOOR fun factory runtime detection - upload (more info ...) | trojan-activity | URL | |||
| 6050 | BACKDOOR fun factory runtime detection - upload (more info ...) | trojan-activity | URL | |||
| 6051 | BACKDOOR fun factory runtime detection - set volume (more info ...) | trojan-activity | URL | |||
| 6052 | BACKDOOR fun factory runtime detection - set volume (more info ...) | trojan-activity | URL | |||
| 6053 | BACKDOOR fun factory runtime detection - do script remotely (more info ...) | trojan-activity | URL | |||
| 6054 | BACKDOOR fun factory runtime detection - do script remotely (more info ...) | trojan-activity | URL | |||
| 6055 | BACKDOOR bifrose 1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6056 | BACKDOOR bifrose 1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6058 | BACKDOOR neurotickat1.3 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 6060 | BACKDOOR neurotickat1.3 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6061 | BACKDOOR neurotickat1.3 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6062 | BACKDOOR neurotickat1.3 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6063 | BACKDOOR schwindler 1.82 runtime detection (more info ...) | trojan-activity | URL | |||
| 6064 | BACKDOOR schwindler 1.82 runtime detection (more info ...) | trojan-activity | URL | |||
| 6066 | BACKDOOR optixlite 1.0 runtime detection - connection success server-to-client (more info ...) | trojan-activity | URL | |||
| 6069 | BACKDOOR optixlite 1.0 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 6070 | BACKDOOR freak 1.0 runtime detection - irc notification (more info ...) | trojan-activity | URL | |||
| 6071 | BACKDOOR freak 1.0 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 6073 | BACKDOOR freak 1.0 runtime detection - initial connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6074 | BACKDOOR xhx 1.6 runtime detection - initial connection client-to-server (more info ...) | trojan-activity | URL | |||
| 6075 | BACKDOOR xhx 1.6 runtime detection - initial connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6076 | BACKDOOR amiboide uploader runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 6077 | BACKDOOR autospy runtime detection - get information (more info ...) | trojan-activity | ||||
| 6078 | BACKDOOR autospy runtime detection - get information (more info ...) | trojan-activity | URL | |||
| 6079 | BACKDOOR autospy runtime detection - show autospy (more info ...) | trojan-activity | ||||
| 6080 | BACKDOOR autospy runtime detection - show autospy (more info ...) | trojan-activity | URL | |||
| 6081 | BACKDOOR autospy runtime detection - show nude pic (more info ...) | trojan-activity | ||||
| 6082 | BACKDOOR autospy runtime detection - show nude pic (more info ...) | trojan-activity | URL | |||
| 6083 | BACKDOOR autospy runtime detection - hide taskbar (more info ...) | trojan-activity | ||||
| 6084 | BACKDOOR autospy runtime detection - hide taskbar (more info ...) | trojan-activity | URL | |||
| 6085 | BACKDOOR autospy runtime detection - make directory (more info ...) | trojan-activity | ||||
| 6086 | BACKDOOR autospy runtime detection - make directory (more info ...) | trojan-activity | URL | |||
| 6087 | BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6088 | BACKDOOR a trojan 2.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 6089 | BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6090 | BACKDOOR a trojan 2.0 runtime detection - get memory info (more info ...) | trojan-activity | URL | |||
| 6091 | BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6092 | BACKDOOR a trojan 2.0 runtime detection - get harddisk info (more info ...) | trojan-activity | URL | |||
| 6093 | BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6094 | BACKDOOR a trojan 2.0 runtime detection - get drive info (more info ...) | trojan-activity | URL | |||
| 6095 | BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6096 | BACKDOOR a trojan 2.0 runtime detection - get system info (more info ...) | trojan-activity | URL | |||
| 6097 | BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6098 | BACKDOOR alvgus 2000 runtime detection - check server (more info ...) | trojan-activity | URL | |||
| 6099 | BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6100 | BACKDOOR alvgus 2000 runtime detection - view content of directory (more info ...) | trojan-activity | URL | |||
| 6101 | BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6102 | BACKDOOR alvgus 2000 runtime detection - execute command (more info ...) | trojan-activity | URL | |||
| 6103 | BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6104 | BACKDOOR alvgus 2000 runtime detection - upload file (more info ...) | trojan-activity | URL | |||
| 6105 | BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6106 | BACKDOOR alvgus 2000 runtime detection - download file (more info ...) | trojan-activity | URL | |||
| 6107 | BACKDOOR backage 3.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6108 | BACKDOOR dagger v1.1.40 runtime detection (more info ...) | trojan-activity | URL | |||
| 6109 | BACKDOOR dagger v1.1.40 runtime detection (more info ...) | trojan-activity | URL | |||
| 6110 | BACKDOOR forced entry v1.1 beta runtime detection (more info ...) | trojan-activity | URL | |||
| 6111 | BACKDOOR optix 1.32 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6112 | BACKDOOR optix 1.32 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6113 | BACKDOOR optix 1.32 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6114 | BACKDOOR optix 1.32 runtime detection - email notification (more info ...) | trojan-activity | URL | |||
| 6115 | BACKDOOR optix 1.32 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 6116 | BACKDOOR fore v1.0 beta runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6117 | BACKDOOR fore v1.0 beta runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6118 | BACKDOOR net runner runtime detection - initial connection client-to-server (more info ...) | trojan-activity | URL | |||
| 6119 | BACKDOOR net runner runtime detection - initial connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6120 | BACKDOOR net runner runtime detection - download file client-to-server (more info ...) | trojan-activity | URL | |||
| 6121 | BACKDOOR net runner runtime detection - download file server-to-client (more info ...) | trojan-activity | URL | |||
| 6122 | BACKDOOR millenium v1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6123 | BACKDOOR ambush 1.0 runtime detection - ping client-to-server (more info ...) | trojan-activity | URL | |||
| 6124 | BACKDOOR ambush 1.0 runtime detection - ping server-to-client (more info ...) | trojan-activity | URL | |||
| 6127 | BACKDOOR dkangel runtime detection - udp client-to-server (more info ...) | trojan-activity | URL | |||
| 6129 | BACKDOOR chupacabra 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 6130 | BACKDOOR chupacabra 1.0 runtime detection - get computer name (more info ...) | trojan-activity | URL | |||
| 6131 | BACKDOOR chupacabra 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 6132 | BACKDOOR chupacabra 1.0 runtime detection - get user name (more info ...) | trojan-activity | URL | |||
| 6133 | BACKDOOR chupacabra 1.0 runtime detection - send messages (more info ...) | trojan-activity | URL | |||
| 6134 | BACKDOOR chupacabra 1.0 runtime detection - delete file (more info ...) | trojan-activity | URL | |||
| 6136 | BACKDOOR clindestine 1.0 runtime detection - capture big screen (more info ...) | trojan-activity | URL | |||
| 6137 | BACKDOOR clindestine 1.0 runtime detection - capture small screen (more info ...) | trojan-activity | URL | |||
| 6138 | BACKDOOR clindestine 1.0 runtime detection - get computer info (more info ...) | trojan-activity | URL | |||
| 6139 | BACKDOOR clindestine 1.0 runtime detection - get system directory (more info ...) | trojan-activity | URL | |||
| 6143 | BACKDOOR dark connection inside v1.2 runtime detection (more info ...) | trojan-activity | URL | |||
| 6144 | BACKDOOR mantis runtime detection - sent notify option client-to-server 1 (more info ...) | trojan-activity | URL | |||
| 6145 | BACKDOOR mantis runtime detection - sent notify option server-to-client (more info ...) | trojan-activity | URL | |||
| 6146 | BACKDOOR mantis runtime detection - sent notify option client-to-server 2 (more info ...) | trojan-activity | URL | |||
| 6147 | BACKDOOR mantis runtime detection - go to address client-to-server (more info ...) | trojan-activity | URL | |||
| 6148 | BACKDOOR mantis runtime detection - go to address server-to-client (more info ...) | trojan-activity | URL | |||
| 6149 | BACKDOOR netcontrol v1.0.8 runtime detection (more info ...) | trojan-activity | URL | |||
| 6150 | BACKDOOR netcontrol v1.0.8 runtime detection (more info ...) | trojan-activity | URL | |||
| 6151 | BACKDOOR back attack v1.4 runtime detection (more info ...) | trojan-activity | URL | |||
| 6152 | BACKDOOR dirtxt runtime detection - chdir client-to-server (more info ...) | trojan-activity | URL | |||
| 6153 | BACKDOOR dirtxt runtime detection - chdir server-to-client (more info ...) | trojan-activity | URL | |||
| 6154 | BACKDOOR dirtxt runtime detection - info client-to-server (more info ...) | trojan-activity | URL | |||
| 6155 | BACKDOOR dirtxt runtime detection - info server-to-client (more info ...) | trojan-activity | URL | |||
| 6156 | BACKDOOR dirtxt runtime detection - view client-to-server (more info ...) | trojan-activity | URL | |||
| 6157 | BACKDOOR dirtxt runtime detection - view server-to-client (more info ...) | trojan-activity | URL | |||
| 6159 | BACKDOOR delirium of disorder runtime detection - enable keylogger (more info ...) | trojan-activity | URL | |||
| 6160 | BACKDOOR delirium of disorder runtime detection - stop keylogger (more info ...) | trojan-activity | URL | |||
| 6161 | BACKDOOR furax 1.0 b2 runtime detection (more info ...) | trojan-activity | URL | |||
| 6164 | BACKDOOR psyrat 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6165 | BACKDOOR psyrat 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6166 | BACKDOOR unicorn runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6167 | BACKDOOR unicorn runtime detection - set wallpaper client-to-server (more info ...) | trojan-activity | URL | |||
| 6168 | BACKDOOR unicorn runtime detection - set wallpaper server-to-client (more info ...) | trojan-activity | URL | |||
| 6169 | BACKDOOR digital rootbeer runtime detection (more info ...) | trojan-activity | URL | |||
| 6170 | BACKDOOR digital rootbeer runtime detection (more info ...) | trojan-activity | URL | |||
| 6171 | BACKDOOR cookie monster 0.24 runtime detection (more info ...) | trojan-activity | ||||
| 6172 | BACKDOOR cookie monster 0.24 runtime detection - get version info (more info ...) | trojan-activity | URL | |||
| 6173 | BACKDOOR cookie monster 0.24 runtime detection (more info ...) | trojan-activity | ||||
| 6174 | BACKDOOR cookie monster 0.24 runtime detection - file explorer (more info ...) | trojan-activity | URL | |||
| 6175 | BACKDOOR cookie monster 0.24 runtime detection - kill kernel (more info ...) | trojan-activity | URL | |||
| 6176 | BACKDOOR guptachar 2.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6177 | BACKDOOR ultimate destruction runtime detection - kill process client-to-server (more info ...) | trojan-activity | URL | |||
| 6178 | BACKDOOR ultimate destruction runtime detection - kill windows client-to-server (more info ...) | trojan-activity | URL | |||
| 6179 | BACKDOOR bladerunner 0.80 runtime detection (more info ...) | trojan-activity | URL | |||
| 6180 | BACKDOOR netraider 0.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6181 | BACKDOOR netraider 0.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6183 | SPYWARE-PUT Adware 180Search assistant runtime detection - tracked event URL (more info ...) | misc-activity | URL | |||
| 6184 | SPYWARE-PUT Adware 180Search assistant runtime detection - config upload (more info ...) | misc-activity | URL | |||
| 6186 | SPYWARE-PUT Other-Technologies SpywareStrike Runtime Detection (more info ...) | misc-activity | URL | |||
| 6187 | SPYWARE-PUT Adware ISTBar runtime detection - scripts (more info ...) | misc-activity | URL | |||
| 6188 | SPYWARE-PUT Adware ISTBar runtime detection - bar (more info ...) | misc-activity | URL | |||
| 6189 | SPYWARE-PUT Trackware try2find detection (more info ...) | successful-recon-limited | URL | |||
| 6190 | SPYWARE-PUT Keylogger eblaster 5.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6191 | SPYWARE-PUT Trackware onetoolbar runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6193 | SPYWARE-PUT Adware seekmo runtime detection - pop up ads (more info ...) | misc-activity | URL | |||
| 6194 | SPYWARE-PUT Adware seekmo runtime detection - config upload (more info ...) | misc-activity | URL | |||
| 6195 | SPYWARE-PUT Adware seekmo runtime detection - download .cab (more info ...) | misc-activity | URL | |||
| 6196 | SPYWARE-PUT Hijacker smart shopper runtime detection - services requests (more info ...) | misc-activity | URL | |||
| 6197 | SPYWARE-PUT Hijacker smart shopper runtime detection - track/upgrade/report activities (more info ...) | misc-activity | URL | |||
| 6198 | SPYWARE-PUT Trackware squaretrade side bar runtime detection - collect user information (more info ...) | successful-recon-limited | URL | |||
| 6199 | SPYWARE-PUT Hijacker smart search runtime detection - hijack/ads (more info ...) | misc-activity | URL | |||
| 6200 | SPYWARE-PUT Hijacker smart search runtime detection - get settings (more info ...) | misc-activity | URL | |||
| 6201 | SPYWARE-PUT Adware twaintec runtime detection (more info ...) | misc-activity | URL | |||
| 6202 | SPYWARE-PUT Trickler farmmext installtime/update request (more info ...) | misc-activity | URL | |||
| 6203 | SPYWARE-PUT Trickler farmmext runtime detection - drk.syn request (more info ...) | misc-activity | URL | |||
| 6204 | SPYWARE-PUT Trickler farmmext runtime detection - track activity (more info ...) | misc-activity | URL | |||
| 6205 | SPYWARE-PUT Hacker-Tool freak 88 das runtime detection (more info ...) | misc-activity | URL | |||
| 6206 | SPYWARE-PUT Hacker-Tool sin stealer 1.1 runtime detection (more info ...) | misc-activity | URL | |||
| 6209 | SPYWARE-PUT Adware deskwizz/zquest runtime detection - get config information / ad banner (more info ...) | misc-activity | URL | |||
| 6211 | SPYWARE-PUT Adware deskwizz runtime detection - pop-up ad request (more info ...) | misc-activity | URL | |||
| 6212 | SPYWARE-PUT Adware commonname runtime detection (more info ...) | misc-activity | URL | |||
| 6213 | SPYWARE-PUT Hijacker 7fasst runtime detection - auto requests (more info ...) | misc-activity | URL | |||
| 6214 | SPYWARE-PUT Hijacker 7fasst runtime detection - search (more info ...) | misc-activity | URL | |||
| 6215 | SPYWARE-PUT Hijacker 7fasst runtime detection - track (more info ...) | misc-activity | URL | |||
| 6216 | SPYWARE-PUT Adware aornum/iwon copilot runtime detection - config (more info ...) | misc-activity | URL | |||
| 6218 | SPYWARE-PUT Adware aornum/iwon copilot runtime detection - ads (more info ...) | misc-activity | URL | |||
| 6219 | SPYWARE-PUT Adware bonzibuddy runtime detection (more info ...) | misc-activity | URL | |||
| 6220 | SPYWARE-PUT Keylogger boss everyware runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6221 | SPYWARE-PUT Keylogger computerspy runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6222 | SPYWARE-PUT Adware delfin media viewer runtime detection - contact server (more info ...) | misc-activity | URL | |||
| 6223 | SPYWARE-PUT Adware delfin media viewer runtime detection - retrieve schedule (more info ...) | misc-activity | URL | |||
| 6224 | SPYWARE-PUT Hijacker ieplugin runtime detection - search (more info ...) | misc-activity | URL | |||
| 6230 | SPYWARE-PUT Hijacker i-lookup runtime detection (more info ...) | misc-activity | URL | |||
| 6232 | SPYWARE-PUT Adware mirar runtime detection - thumbnail (more info ...) | misc-activity | URL | |||
| 6233 | SPYWARE-PUT Adware mirar runtime detection - delayed (more info ...) | misc-activity | URL | |||
| 6234 | SPYWARE-PUT Adware mirar runtime detection - ads (more info ...) | misc-activity | URL | |||
| 6236 | SPYWARE-PUT Adware lop runtime detection - pass info to server (more info ...) | misc-activity | URL | |||
| 6237 | SPYWARE-PUT Adware lop runtime detection - check update request (more info ...) | misc-activity | URL | |||
| 6238 | SPYWARE-PUT Adware lop runtime detection - collect info request 1 (more info ...) | misc-activity | URL | |||
| 6239 | SPYWARE-PUT Adware lop runtime detection - collect info request 2 (more info ...) | misc-activity | URL | |||
| 6240 | SPYWARE-PUT Adware lop runtime detection - pop up ads (more info ...) | misc-activity | URL | |||
| 6241 | SPYWARE-PUT Adware lop runtime detection - ie autosearch hijack (more info ...) | misc-activity | URL | |||
| 6242 | SPYWARE-PUT Hijacker coolwebsearch.cameup runtime detection (more info ...) | misc-activity | URL | |||
| 6243 | SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - home page hijack (more info ...) | misc-activity | URL | |||
| 6244 | SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - ie auto search hijack (more info ...) | misc-activity | URL | |||
| 6245 | SPYWARE-PUT Hijacker coolwebsearch startpage runtime detection (more info ...) | misc-activity | URL | |||
| 6246 | SPYWARE-PUT Hijacker exact navisearch runtime detection - search hijack (more info ...) | misc-activity | URL | |||
| 6247 | SPYWARE-PUT Adware ezula toptext runtime detection - help redirect (more info ...) | misc-activity | URL | |||
| 6248 | SPYWARE-PUT Adware ezula toptext runtime detection - popup (more info ...) | misc-activity | URL | |||
| 6249 | SPYWARE-PUT Adware ezula toptext runtime detection - redirect (more info ...) | misc-activity | URL | |||
| 6250 | SPYWARE-PUT Adware hotbar runtime detection - hotbar user-agent (more info ...) | misc-activity | URL | |||
| 6251 | SPYWARE-PUT Adware hotbar runtime detection - hostie user-agent (more info ...) | misc-activity | URL | |||
| 6252 | SPYWARE-PUT Trackware quicksearch toolbar runtime detection - search request (more info ...) | successful-recon-limited | URL | |||
| 6253 | SPYWARE-PUT Trackware quicksearch toolbar runtime detection - log user ativity (more info ...) | successful-recon-limited | URL | |||
| 6254 | SPYWARE-PUT Trackware quicksearch toolbar runtime detection - redirect (more info ...) | successful-recon-limited | URL | |||
| 6255 | SPYWARE-PUT Trackware quicksearch toolbar runtime detection - update (more info ...) | successful-recon-limited | URL | |||
| 6256 | SPYWARE-PUT Adware searchsquire installtime/auto-update (more info ...) | misc-activity | URL | |||
| 6257 | SPYWARE-PUT Adware searchsquire runtime detection - testgeonew query (more info ...) | misc-activity | URL | |||
| 6258 | SPYWARE-PUT Adware searchsquire runtime detection - get engine file (more info ...) | misc-activity | URL | |||
| 6259 | SPYWARE-PUT Adware searchsquire runtime detection - search forward (more info ...) | misc-activity | URL | |||
| 6260 | SPYWARE-PUT Adware overpro runtime detection (more info ...) | misc-activity | URL | |||
| 6261 | SPYWARE-PUT Trickler slinkyslate toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 6263 | SPYWARE-PUT Hijacker gigatech superbar runtime detection - collect information (more info ...) | misc-activity | URL | |||
| 6264 | SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - movie (more info ...) | misc-activity | URL | |||
| 6265 | SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - engine (more info ...) | misc-activity | URL | |||
| 6266 | SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - check update (more info ...) | misc-activity | URL | |||
| 6267 | SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - get update (more info ...) | misc-activity | URL | |||
| 6268 | SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - download exe (more info ...) | misc-activity | URL | |||
| 6269 | SPYWARE-PUT Hijacker gigatech superbar runtime detection - track event (more info ...) | misc-activity | URL | |||
| 6270 | SPYWARE-PUT Hijacker topicks runtime detection (more info ...) | misc-activity | URL | |||
| 6271 | SPYWARE-PUT Trickler bundleware runtime detection (more info ...) | misc-activity | URL | |||
| 6274 | SPYWARE-PUT Trickler clickalchemy runtime detection (more info ...) | misc-activity | URL | |||
| 6275 | SPYWARE-PUT Hijacker incredifind runtime detection - cookie (more info ...) | misc-activity | URL | |||
| 6279 | SPYWARE-PUT Hijacker sidefind runtime detection (more info ...) | misc-activity | URL | |||
| 6280 | SPYWARE-PUT Hijacker sidefind runtime detection - cookie (more info ...) | misc-activity | URL | |||
| 6281 | SPYWARE-PUT Hijacker yoursitebar runtime detection (more info ...) | misc-activity | URL | |||
| 6282 | SPYWARE-PUT Hijacker customtoolbar runtime detection (more info ...) | misc-activity | URL | |||
| 6283 | SPYWARE-PUT Hijacker websearch runtime detection - sitereview (more info ...) | misc-activity | URL | |||
| 6284 | SPYWARE-PUT Hijacker websearch runtime detection - webstat (more info ...) | misc-activity | URL | |||
| 6285 | BACKDOOR antilamer 1.1 runtime detection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6286 | BACKDOOR antilamer 1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6287 | BACKDOOR fictional daemon 4.4 runtime detection - telent (more info ...) | trojan-activity | URL | |||
| 6289 | BACKDOOR netspy runtime detection - command pattern client-to-server (more info ...) | trojan-activity | URL | |||
| 6290 | BACKDOOR netspy runtime detection - command pattern server-to-client (more info ...) | trojan-activity | URL | |||
| 6291 | BACKDOOR justjoke v2.6 runtime detection (more info ...) | trojan-activity | URL | |||
| 6292 | BACKDOOR joker ddos v1.0.1 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6293 | BACKDOOR joker ddos v1.0.1 runtime detection - bomb - initial flowbit (more info ...) | trojan-activity | URL | |||
| 6294 | BACKDOOR joker ddos v1.0.1 runtime detection - bomb - second flowbit (more info ...) | trojan-activity | URL | |||
| 6295 | BACKDOOR joker ddos v1.0.1 runtime detection - bomb (more info ...) | trojan-activity | URL | |||
| 6296 | BACKDOOR insurrection 1.1.0 runtime detection - icq notification 1 (more info ...) | trojan-activity | URL | |||
| 6297 | BACKDOOR insurrection 1.1.0 runtime detection - icq notification 2 (more info ...) | trojan-activity | URL | |||
| 6298 | BACKDOOR insurrection 1.1.0 runtime detection - reverse connection (more info ...) | trojan-activity | URL | |||
| 6299 | BACKDOOR insurrection 1.1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6300 | BACKDOOR cia 1.3 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 6302 | BACKDOOR cia runtime detection - initial connection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6303 | BACKDOOR cia runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6304 | BACKDOOR softwar shadowthief runtime detection - initial connection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6305 | BACKDOOR softwar shadowthief runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6306 | BACKDOOR shit heep runtime detection (more info ...) | trojan-activity | URL | |||
| 6307 | BACKDOOR lamespy runtime detection - initial connection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6308 | BACKDOOR lamespy runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6312 | BACKDOOR net demon runtime detection - message send (more info ...) | trojan-activity | URL | |||
| 6313 | BACKDOOR net demon runtime detection - message response (more info ...) | trojan-activity | URL | |||
| 6314 | BACKDOOR net demon runtime detection - open browser request (more info ...) | trojan-activity | URL | |||
| 6315 | BACKDOOR net demon runtime detection - open browser response (more info ...) | trojan-activity | URL | |||
| 6316 | BACKDOOR net demon runtime detection - file manager request (more info ...) | trojan-activity | URL | |||
| 6317 | BACKDOOR net demon runtime detection - file manager response (more info ...) | trojan-activity | URL | |||
| 6318 | BACKDOOR rtb666 runtime detection (more info ...) | trojan-activity | URL | |||
| 6320 | BACKDOOR ptakks2.1 runtime detection - keepalive (more info ...) | trojan-activity | URL | |||
| 6321 | BACKDOOR ptakks2.1 runtime detection - keepalive acknowledgement (more info ...) | trojan-activity | URL | |||
| 6322 | BACKDOOR ptakks2.1 runtime detection - command pattern (more info ...) | trojan-activity | URL | |||
| 6323 | BACKDOOR 3xBackdoor runtime detection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6324 | BACKDOOR 3xBackdoor runtime detection (more info ...) | trojan-activity | URL | |||
| 6325 | BACKDOOR fucktrojan 1.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6326 | BACKDOOR fucktrojan 1.2 runtime detection - flood (more info ...) | trojan-activity | ||||
| 6327 | BACKDOOR fucktrojan 1.2 runtime detection - flood (more info ...) | trojan-activity | URL | |||
| 6328 | BACKDOOR commando runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6329 | BACKDOOR commando runtime detection - chat client-to-server (more info ...) | trojan-activity | URL | |||
| 6330 | BACKDOOR commando runtime detection - chat server-to-client (more info ...) | trojan-activity | URL | |||
| 6331 | BACKDOOR globalkiller1.0 runtime detection - notification (more info ...) | trojan-activity | URL | |||
| 6332 | BACKDOOR globalkiller1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6333 | BACKDOOR wincrash 2.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6334 | BACKDOOR backlash runtime detection (more info ...) | trojan-activity | URL | |||
| 6335 | BACKDOOR buttman v0.9p runtime detection - remote control - set flowbit (more info ...) | trojan-activity | URL | |||
| 6336 | BACKDOOR buttman v0.9p runtime detection - remote control (more info ...) | trojan-activity | URL | |||
| 6337 | BACKDOOR hatredfriend file manage command - set flowbit (more info ...) | trojan-activity | URL | |||
| 6338 | BACKDOOR hatredfriend file manage command (more info ...) | trojan-activity | URL | |||
| 6339 | BACKDOOR hatredfriend email notification detection (more info ...) | trojan-activity | URL | |||
| 6340 | SPYWARE-PUT Keylogger handy keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6341 | SPYWARE-PUT Hijacker spediabar user-agent string detected (more info ...) | misc-activity | URL | |||
| 6342 | SPYWARE-PUT Hijacker spediabar runtime detection - info check (more info ...) | misc-activity | URL | |||
| 6343 | SPYWARE-PUT Adware targetsaver runtime detection (more info ...) | misc-activity | URL | |||
| 6344 | SPYWARE-PUT Adware excite search bar runtime detection - config (more info ...) | misc-activity | URL | |||
| 6345 | SPYWARE-PUT Adware excite search bar runtime detection - search (more info ...) | misc-activity | URL | |||
| 6346 | SPYWARE-PUT Adware stationripper update detection (more info ...) | misc-activity | URL | |||
| 6347 | SPYWARE-PUT Adware stationripper ad display detection (more info ...) | misc-activity | URL | |||
| 6348 | SPYWARE-PUT Snoopware zenosearch runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6349 | SPYWARE-PUT Hijacker richfind update detection (more info ...) | misc-activity | URL | |||
| 6350 | SPYWARE-PUT Hijacker richfind auto search redirect detection (more info ...) | misc-activity | URL | |||
| 6351 | SPYWARE-PUT Hijacker adblock update detection (more info ...) | misc-activity | URL | |||
| 6352 | SPYWARE-PUT Hijacker adblock auto search redirect detection (more info ...) | misc-activity | URL | |||
| 6353 | SPYWARE-PUT Hijacker adblock ie search assistant redirect detection (more info ...) | misc-activity | URL | |||
| 6354 | SPYWARE-PUT Trickler wsearch runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 6355 | SPYWARE-PUT Trickler wsearch runtime detection - mp3 search (more info ...) | misc-activity | URL | |||
| 6356 | SPYWARE-PUT Trickler wsearch runtime detection - desktop search (more info ...) | misc-activity | URL | |||
| 6357 | SPYWARE-PUT Hijacker need2find initial configuration detection (more info ...) | misc-activity | URL | |||
| 6358 | SPYWARE-PUT Hijacker need2find search query detection (more info ...) | misc-activity | URL | |||
| 6359 | SPYWARE-PUT Adware altnet runtime detection - initial retrieval (more info ...) | misc-activity | URL | |||
| 6360 | SPYWARE-PUT Adware altnet runtime detection - update (more info ...) | misc-activity | URL | |||
| 6361 | SPYWARE-PUT Adware altnet runtime detection - status report (more info ...) | misc-activity | URL | |||
| 6362 | SPYWARE-PUT Hijacker microgaming runtime detection (more info ...) | misc-activity | URL | |||
| 6363 | SPYWARE-PUT adware surfaccuracy runtime detection (more info ...) | misc-activity | URL | |||
| 6364 | SPYWARE-PUT Hijacker imeshbar runtime detection (more info ...) | misc-activity | URL | |||
| 6365 | SPYWARE-PUT Other-Technologies sony rootkit runtime detection (more info ...) | misc-activity | URL | |||
| 6366 | SPYWARE-PUT Trickler eacceleration downloadreceiver user-agent string detected (more info ...) | misc-activity | URL | |||
| 6367 | SPYWARE-PUT Trickler eacceleration downloadreceiver runtime detection - stop-sign ads (more info ...) | misc-activity | URL | |||
| 6372 | SPYWARE-PUT Trickler spyblocs eblocs detection - get wsliveup.dat (more info ...) | misc-activity | URL | |||
| 6373 | SPYWARE-PUT Trickler spyblocs eblocs detection - stbarpat.dat (more info ...) | misc-activity | URL | |||
| 6374 | SPYWARE-PUT Trickler spyblocs eblocs detection - get spyblpat.dat/spyblini.ini (more info ...) | misc-activity | URL | |||
| 6375 | SPYWARE-PUT Trickler spyblocs.eblocs detection - register request (more info ...) | misc-activity | URL | |||
| 6376 | SPYWARE-PUT Hijacker girafa toolbar - toolbar update (more info ...) | misc-activity | URL | |||
| 6377 | SPYWARE-PUT Hijacker girafa toolbar - browser hijack (more info ...) | misc-activity | URL | |||
| 6378 | SPYWARE-PUT Hijacker adbars runtime detection - homepage hijack (more info ...) | misc-activity | URL | |||
| 6379 | SPYWARE-PUT Hijacker adbars runtime detection - search in toolbar (more info ...) | misc-activity | URL | |||
| 6380 | SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - toolbar information retrieve (more info ...) | misc-activity | URL | |||
| 6381 | SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - search in toolbar (more info ...) | misc-activity | URL | |||
| 6382 | SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - url hook (more info ...) | misc-activity | URL | |||
| 6383 | SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - tcp connection setup (more info ...) | successful-recon-limited | URL | |||
| 6385 | SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - agent status monitoring (more info ...) | successful-recon-limited | URL | |||
| 6386 | SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - agent up notification (more info ...) | successful-recon-limited | URL | |||
| 6387 | SPYWARE-PUT Hijacker internet optimizer runtime detection - autosearch hijack (more info ...) | misc-activity | URL | |||
| 6388 | SPYWARE-PUT Hijacker internet optimizer runtime detection - error page hijack (more info ...) | misc-activity | URL | |||
| 6389 | SPYWARE-PUT Adware esyndicate runtime detection - postinstall request (more info ...) | misc-activity | URL | |||
| 6390 | SPYWARE-PUT Adware esyndicate runtime detection - ads popup (more info ...) | misc-activity | ||||
| 6391 | SPYWARE-PUT Adware esyndicate runtime detection - ads popup (more info ...) | misc-activity | URL | |||
| 6392 | SPYWARE-PUT Hijacker zeropopup runtime detection (more info ...) | misc-activity | URL | |||
| 6394 | SPYWARE-PUT Hijacker adstart runtime detection (more info ...) | misc-activity | URL | |||
| 6395 | BACKDOOR a-311 death runtime detection - initial connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6396 | BACKDOOR a-311 death user-agent string detected (more info ...) | trojan-activity | URL | |||
| 6398 | BACKDOOR http rat runtime detection - http (more info ...) | trojan-activity | URL | |||
| 6399 | BACKDOOR rad 1.2.3 runtime detection (more info ...) | trojan-activity | URL | |||
| 6400 | BACKDOOR snowdoor runtime detection client-to-server (more info ...) | trojan-activity | URL | |||
| 6401 | BACKDOOR snowdoor runtime detection server-to-client (more info ...) | trojan-activity | URL | |||
| 6402 | BACKDOOR netangel connection client-to-server (more info ...) | trojan-activity | URL | |||
| 6469 | EXPLOIT RealVNC connection attempt (more info ...) | protocol-command-decode | ||||
| 6470 | EXPLOIT RealVNC authentication types without None type sent attempt (more info ...) | protocol-command-decode | ||||
| 6472 | BACKDOOR bugs runtime detection - file manager client-to-server (more info ...) | trojan-activity | URL | |||
| 6473 | BACKDOOR bugs runtime detection - file manager server-to-client (more info ...) | trojan-activity | URL | |||
| 6474 | BACKDOOR w32.loosky.gen@mm runtime detection - notification (more info ...) | trojan-activity | URL | |||
| 6475 | BACKDOOR badrat 1.1 runtime detection - flowbit set (more info ...) | trojan-activity | URL | |||
| 6476 | BACKDOOR badrat 1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6478 | SPYWARE-PUT Trackware searchingall toolbar runtime detection - send user url request (more info ...) | successful-recon-limited | URL | |||
| 6479 | SPYWARE-PUT Snoopware totalvelocity zsearch runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6480 | SPYWARE-PUT Hijacker cws.cameup runtime detection - home page (more info ...) | misc-activity | URL | |||
| 6481 | SPYWARE-PUT Hijacker cws.cameup runtime detection - search (more info ...) | misc-activity | URL | |||
| 6482 | SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - get info (more info ...) | misc-activity | URL | |||
| 6483 | SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - home page hijacker (more info ...) | misc-activity | URL | |||
| 6484 | SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - search (more info ...) | misc-activity | URL | |||
| 6487 | SPYWARE-PUT Adware searchnugget toolbar runtime detection - check updates (more info ...) | misc-activity | URL | |||
| 6488 | SPYWARE-PUT Adware searchnugget toolbar runtime detection - redirect mistyped urls (more info ...) | misc-activity | URL | |||
| 6489 | SPYWARE-PUT Hijacker analyze IE runtime detection - default page hijacker (more info ...) | misc-activity | URL | |||
| 6490 | SPYWARE-PUT Dialer yeaknet runtime detection - home page hijacker (more info ...) | misc-activity | URL | |||
| 6491 | SPYWARE-PUT Dialer yeaknet runtime detection - post-installation (more info ...) | misc-activity | URL | |||
| 6492 | SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - notification (more info ...) | misc-activity | URL | |||
| 6493 | SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - post data (more info ...) | misc-activity | URL | |||
| 6494 | SPYWARE-PUT Adware yourenhancement runtime detection (more info ...) | misc-activity | URL | |||
| 6495 | SPYWARE-PUT Hijacker troj_spywad.x runtime detection (more info ...) | misc-activity | URL | |||
| 6496 | SPYWARE-PUT Adware adpowerzone runtime detection (more info ...) | misc-activity | URL | |||
| 6497 | BACKDOOR exploiter 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6498 | BACKDOOR exploiter 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6499 | BACKDOOR omerta 1.3 runtime detection (more info ...) | trojan-activity | URL | |||
| 6688 | WEB-CLIENT PNG file transfer (more info ...) | protocol-command-decode | ||||
| 6691 | WEB-CLIENT Malformed PNG detected sBIT overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6693 | WEB-CLIENT Malformed PNG detected bKGD overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6694 | WEB-CLIENT Malformed PNG detected hIST overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6695 | WEB-CLIENT Malformed PNG detected tRNS overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6696 | WEB-CLIENT Malformed PNG detected pHYs overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6698 | WEB-CLIENT Malformed PNG detected tIME overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 7022 | WEB-CLIENT windows explorer invalid url file overflow attempt (more info ...) | denial-of-service | 2006-3351 | 18838 | ||
| 7049 | SPYWARE-PUT Hijacker extreme biz runtime detection - uniq1 (more info ...) | misc-activity | URL | |||
| 7050 | SPYWARE-PUT Hijacker freecruise toolbar runtime detection (more info ...) | misc-activity | ||||
| 7051 | SPYWARE-PUT Trickler generic downloader.g runtime detection - spyware injection (more info ...) | misc-activity | URL | |||
| 7052 | SPYWARE-PUT Trickler generic downloader.g runtime detection - adv (more info ...) | misc-activity | URL | |||
| 7053 | SPYWARE-PUT Adware webredir runtime detection (more info ...) | misc-activity | URL | |||
| 7054 | SPYWARE-PUT Trickler download arq variant runtime detection (more info ...) | misc-activity | URL | |||
| 7055 | SPYWARE-PUT Hijacker vip01 biz runtime detection - adv (more info ...) | misc-activity | URL | |||
| 7057 | BACKDOOR charon runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7058 | BACKDOOR charon runtime detection - download file flowbit 1 (more info ...) | trojan-activity | URL | |||
| 7059 | BACKDOOR charon runtime detection - download file/log flowbit 2 (more info ...) | trojan-activity | URL | |||
| 7060 | BACKDOOR charon runtime detection - download file/log (more info ...) | trojan-activity | URL | |||
| 7061 | BACKDOOR charon runtime detection - download log flowbit 1 (more info ...) | trojan-activity | URL | |||
| 7064 | BACKDOOR cybernetic 1.62 runtime detection - email notification (more info ...) | trojan-activity | URL | |||
| 7065 | BACKDOOR cybernetic 1.62 runtime detection - reverse connection flowbit 1 (more info ...) | trojan-activity | URL | |||
| 7066 | BACKDOOR cybernetic 1.62 runtime detection - reverse connection flowbit 1 (more info ...) | trojan-activity | URL | |||
| 7067 | BACKDOOR cybernetic 1.62 runtime detection - reverse connection (more info ...) | trojan-activity | URL | |||
| 7068 | BACKDOOR delta source 0.5 beta runtime detection - ping (more info ...) | trojan-activity | URL | |||
| 7069 | BACKDOOR delta source 0.5 beta runtime detection - pc info (more info ...) | trojan-activity | URL | |||
| 7072 | BACKDOOR fraggle rock 2.0 lite runtime detection - pc info (more info ...) | trojan-activity | URL | |||
| 7073 | BACKDOOR w32.dumaru.gen@mm runtime detection - notification (more info ...) | trojan-activity | URL | |||
| 7074 | BACKDOOR w32.dumaru.gen@mm runtime detection - cmd (more info ...) | trojan-activity | URL | |||
| 7075 | BACKDOOR bandook 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 7077 | BACKDOOR minimo v0.6 runtime detection - icq notification (more info ...) | trojan-activity | ||||
| 7078 | BACKDOOR up and run v1.0 beta runtime detection flowbit 1 (more info ...) | trojan-activity | URL | |||
| 7079 | BACKDOOR up and run v1.0 beta runtime detection flowbit 2 (more info ...) | trojan-activity | URL | |||
| 7080 | BACKDOOR up and run v1.0 beta runtime detection flowbit 3 (more info ...) | trojan-activity | URL | |||
| 7081 | BACKDOOR up and run v1.0 beta runtime detection (more info ...) | trojan-activity | URL | |||
| 7082 | BACKDOOR mosucker3.0 runtime detection - client-to-server (more info ...) | trojan-activity | URL | |||
| 7084 | BACKDOOR erazer v1.1 runtime detection - sin notification (more info ...) | trojan-activity | URL | |||
| 7085 | BACKDOOR erazer v1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 7086 | BACKDOOR erazer v1.1 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 7091 | BACKDOOR serveme runtime detection (more info ...) | trojan-activity | URL | |||
| 7096 | BACKDOOR remote hack 1.5 runtime detection - logon (more info ...) | trojan-activity | URL | |||
| 7097 | BACKDOOR remote hack 1.5 runtime detection - execute file (more info ...) | trojan-activity | URL | |||
| 7099 | BACKDOOR remote hack 1.5 runtime detection - start keylogger (more info ...) | trojan-activity | URL | |||
| 7101 | BACKDOOR gwboy 0.92 runtime detection (more info ...) | trojan-activity | URL | |||
| 7103 | BACKDOOR gwboy 0.92 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 7104 | BACKDOOR aol admin runtime detection (more info ...) | trojan-activity | URL | |||
| 7105 | BACKDOOR aol admin runtime detection (more info ...) | trojan-activity | URL | |||
| 7106 | BACKDOOR girlfriend runtime detection (more info ...) | trojan-activity | URL | |||
| 7108 | BACKDOOR undetected runtime detection (more info ...) | trojan-activity | URL | |||
| 7111 | BACKDOOR fearless lite 1.01 runtime detection (more info ...) | trojan-activity | URL | |||
| 7112 | BACKDOOR fearless lite 1.01 runtime detection (more info ...) | trojan-activity | URL | |||
| 7113 | BACKDOOR donalddick v1.5b3 runtime detection (more info ...) | trojan-activity | URL | |||
| 7114 | BACKDOOR donalddick v1.5b3 runtime detection (more info ...) | trojan-activity | URL | |||
| 7115 | BACKDOOR ghost 2.3 runtime detection (more info ...) | trojan-activity | URL | |||
| 7116 | BACKDOOR y3k 1.2 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 7118 | BACKDOOR y3k 1.2 runtime detection - user-agent string detected (more info ...) | trojan-activity | URL | |||
| 7119 | BACKDOOR y3k 1.2 runtime detection (more info ...) | trojan-activity | URL | |||
| 7120 | BACKDOOR y3k 1.2 runtime detection - init connection 1 (more info ...) | trojan-activity | URL | |||
| 7121 | BACKDOOR y3k 1.2 runtime detection (more info ...) | trojan-activity | URL | |||
| 7122 | BACKDOOR y3k 1.2 runtime detection - init connection 2 (more info ...) | trojan-activity | URL | |||
| 7123 | SPYWARE-PUT Other-Technologies alfacleaner runtime detection - update (more info ...) | misc-activity | URL | |||
| 7124 | SPYWARE-PUT Other-Technologies alfacleaner runtime detection - buy (more info ...) | misc-activity | URL | |||
| 7125 | SPYWARE-PUT Hijacker traffbest biz runtime detection - adv (more info ...) | misc-activity | URL | |||
| 7126 | SPYWARE-PUT Hijacker trojan proxy atiup runtime detection - notification (more info ...) | misc-activity | URL | |||
| 7127 | SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - tracking (more info ...) | misc-activity | URL | |||
| 7128 | SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 1 (more info ...) | misc-activity | URL | |||
| 7129 | SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 2 (more info ...) | misc-activity | URL | |||
| 7130 | SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - search assissant hijacking (more info ...) | misc-activity | URL | |||
| 7135 | SPYWARE-PUT Hijacker dsrch runtime detection - config info retrieval (more info ...) | misc-activity | URL | |||
| 7136 | SPYWARE-PUT Hijacker dsrch runtime detection - search assistant redirect (more info ...) | misc-activity | URL | |||
| 7137 | SPYWARE-PUT Hijacker dsrch runtime detection - side search redirect (more info ...) | misc-activity | URL | |||
| 7138 | SPYWARE-PUT Other-Technologies clicktrojan runtime detection - version check (more info ...) | misc-activity | URL | |||
| 7139 | SPYWARE-PUT Other-Technologies clicktrojan runtime detection - fake search query (more info ...) | misc-activity | URL | |||
| 7140 | SPYWARE-PUT Adware pay-per-click runtime detection - configuration (more info ...) | misc-activity | URL | |||
| 7141 | SPYWARE-PUT Adware pay-per-click runtime detection - update (more info ...) | misc-activity | URL | |||
| 7143 | SPYWARE-PUT Adware digink.com runtime detection (more info ...) | misc-activity | URL | |||
| 7144 | SPYWARE-PUT Hijacker cool search runtime detection (more info ...) | misc-activity | URL | |||
| 7145 | SPYWARE-PUT Other-Technologies spam maxy runtime detection (more info ...) | misc-activity | URL | |||
| 7146 | SPYWARE-PUT Hacker-Tool sars notifier runtime detection - sin notification (more info ...) | misc-activity | URL | |||
| 7147 | SPYWARE-PUT Hacker-Tool sars notifier runtime detection - icq notification (more info ...) | misc-activity | URL | |||
| 7150 | SPYWARE-PUT Hacker-Tool sars notifier runtime detection - irc notification (more info ...) | misc-activity | URL | |||
| 7151 | SPYWARE-PUT Hacker-Tool sars notifier runtime detection - net send notification (more info ...) | misc-activity | URL | |||
| 7152 | SPYWARE-PUT Hijacker cnsmin 3721 runtime detection - installation (more info ...) | misc-activity | URL | |||
| 7153 | SPYWARE-PUT Hijacker cnsmin 3721 runtime detection - hijacking (more info ...) | misc-activity | URL | |||
| 7154 | SPYWARE-PUT Keylogger active keylogger home runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7155 | SPYWARE-PUT Trickler jubster runtime detection (more info ...) | misc-activity | URL | |||
| 7156 | SPYWARE-PUT Keylogger win-spy runtime detection - email delivery (more info ...) | successful-recon-limited | URL | |||
| 7157 | SPYWARE-PUT Keylogger win-spy runtime detection - remote conn client-to-server (more info ...) | successful-recon-limited | URL | |||
| 7158 | SPYWARE-PUT Keylogger win-spy runtime detection - remote conn server-to-client (more info ...) | successful-recon-limited | URL | |||
| 7159 | SPYWARE-PUT Keylogger win-spy runtime detection - upload file client-to-server (more info ...) | successful-recon-limited | URL | |||
| 7160 | SPYWARE-PUT Keylogger win-spy runtime detection - upload file server-to-client (more info ...) | successful-recon-limited | URL | |||
| 7161 | SPYWARE-PUT Keylogger win-spy runtime detection - download file client-to-server (more info ...) | successful-recon-limited | URL | |||
| 7162 | SPYWARE-PUT Keylogger win-spy runtime detection - download file server-to-client (more info ...) | successful-recon-limited | URL | |||
| 7163 | SPYWARE-PUT Keylogger win-spy runtime detection - execute file client-to-server (more info ...) | successful-recon-limited | URL | |||
| 7164 | SPYWARE-PUT Keylogger win-spy runtime detection - execute file server-to-client (more info ...) | successful-recon-limited | URL | |||
| 7175 | SPYWARE-PUT Keylogger ab system spy runtime detection - log retrieve (more info ...) | successful-recon-limited | URL | |||
| 7176 | SPYWARE-PUT Keylogger ab system spy runtime detection - log retrieve (more info ...) | successful-recon-limited | URL | |||
| 7177 | SPYWARE-PUT Keylogger ab system spy runtime detection - info send through email (more info ...) | successful-recon-limited | URL | |||
| 7178 | SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - init connection (more info ...) | successful-recon-limited | ||||
| 7179 | SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - init connection (more info ...) | successful-recon-limited | ||||
| 7180 | SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - init connection (more info ...) | successful-recon-limited | URL | |||
| 7183 | SPYWARE-PUT Snoopware barok runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7186 | SPYWARE-PUT Keylogger kgb Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7187 | SPYWARE-PUT Trackware shopathome user-agent detected (more info ...) | successful-recon-limited | URL | |||
| 7188 | SPYWARE-PUT Hijacker shop at home select - merchant redirect in progress (more info ...) | successful-recon-limited | URL | |||
| 7189 | SPYWARE-PUT Trackware shopathome runtime detection - setcookie request (more info ...) | successful-recon-limited | URL | |||
| 7190 | SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - host retrieval (more info ...) | misc-activity | URL | |||
| 7191 | SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - url retrieval (more info ...) | misc-activity | URL | |||
| 7192 | SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - sponsor selection (more info ...) | misc-activity | URL | |||
| 7193 | SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - startup access (more info ...) | misc-activity | URL | |||
| 7194 | SPYWARE-PUT Hijacker shopprreports runtime detection - services requests (more info ...) | misc-activity | URL | |||
| 7195 | SPYWARE-PUT Hijacker shopprreports runtime detection - track/upgrade/report activities (more info ...) | misc-activity | URL | |||
| 7506 | SPYWARE-PUT Hacker-Tool coma runtime detection - init connection - flowbit set (more info ...) | misc-activity | ||||
| 7507 | SPYWARE-PUT Hacker-Tool coma runtime detection - init connection (more info ...) | misc-activity | URL | |||
| 7508 | SPYWARE-PUT Hacker-Tool coma runtime detection - ping - flowbit set (more info ...) | misc-activity | ||||
| 7509 | SPYWARE-PUT Hacker-Tool coma runtime detection - ping (more info ...) | misc-activity | URL | |||
| 7510 | SPYWARE-PUT Trickler edonkey2000 runtime detection - version verification (more info ...) | misc-activity | URL | |||
| 7511 | SPYWARE-PUT Trickler edonkey2000 runtime detection - get ads page (more info ...) | misc-activity | URL | |||
| 7512 | SPYWARE-PUT Keylogger watchdog runtime detection - init connection - flowbit set (more info ...) | successful-recon-limited | URL | |||
| 7513 | SPYWARE-PUT Keylogger watchdog runtime detection - init connection (more info ...) | successful-recon-limited | URL | |||
| 7514 | SPYWARE-PUT Keylogger watchdog runtime detection - send out info to server periodically (more info ...) | successful-recon-limited | URL | |||
| 7515 | SPYWARE-PUT Keylogger watchdog runtime detection - remote monitoring (more info ...) | successful-recon-limited | URL | |||
| 7516 | SPYWARE-PUT Trickler hmtoolbar runtime detection (more info ...) | misc-activity | URL | |||
| 7518 | SPYWARE-PUT Trackware earthlink toolbar runtime detection - get up-to-date news info (more info ...) | successful-recon-limited | URL | |||
| 7519 | SPYWARE-PUT Trackware earthlink toolbar runtime detection - track activity (more info ...) | successful-recon-limited | URL | |||
| 7520 | SPYWARE-PUT Trackware earthlink toolbar runtime detection - ie autosearch hijack (more info ...) | successful-recon-limited | URL | |||
| 7521 | SPYWARE-PUT Trackware earthlink toolbar runtime detection - search toolbar request 1 (more info ...) | successful-recon-limited | URL | |||
| 7522 | SPYWARE-PUT Trackware earthlink toolbar runtime detection - search toolbar request 2 (more info ...) | successful-recon-limited | URL | |||
| 7523 | SPYWARE-PUT Trackware earthlink toolbar runtime detection - click news button links (more info ...) | successful-recon-limited | URL | |||
| 7525 | SPYWARE-PUT Trackware hotblox toolbar runtime detection - barad.asp request (more info ...) | successful-recon-limited | URL | |||
| 7526 | SPYWARE-PUT Trackware hotblox toolbar runtime detection - stat counter (more info ...) | successful-recon-limited | URL | |||
| 7527 | SPYWARE-PUT Trackware hotblox toolbar runtime detection - toolbar find function (more info ...) | successful-recon-limited | URL | |||
| 7528 | SPYWARE-PUT Trackware hotblox toolbar runtime detection - ie autosearch hijack (more info ...) | successful-recon-limited | URL | |||
| 7529 | SPYWARE-PUT Snoopware halflife jacker runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7530 | SPYWARE-PUT Trickler mediaseek.pl client runtime detection - trickler (more info ...) | misc-activity | URL | |||
| 7531 | SPYWARE-PUT Trickler mediaseek.pl client runtime detection - login (more info ...) | misc-activity | URL | |||
| 7532 | SPYWARE-PUT Adware piolet runtime detection - user-agent (more info ...) | misc-activity | URL | |||
| 7533 | SPYWARE-PUT Adware piolet runtime detection - ads request (more info ...) | misc-activity | URL | |||
| 7534 | SPYWARE-PUT Hijacker clearsearch variant runtime detection - ie hijacking (more info ...) | misc-activity | URL | |||
| 7535 | SPYWARE-PUT Hijacker clearsearch variant runtime detection - pass information (more info ...) | misc-activity | URL | |||
| 7536 | SPYWARE-PUT Hijacker clearsearch variant runtime detection - popup (more info ...) | misc-activity | URL | |||
| 7537 | SPYWARE-PUT Trackware arrow search runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7539 | SPYWARE-PUT Keylogger eye spy pro 1.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7541 | SPYWARE-PUT Keylogger starlogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7542 | SPYWARE-PUT Hacker-Tool mini oblivion runtime detection - successful init connection (more info ...) | misc-activity | URL | |||
| 7543 | SPYWARE-PUT Hijacker 2020search runtime detection (more info ...) | misc-activity | URL | |||
| 7544 | SPYWARE-PUT Keylogger PerfectKeylogger runtime detection - flowbit set 1 (more info ...) | successful-recon-limited | URL | |||
| 7545 | SPYWARE-PUT Keylogger PerfectKeylogger runtime detection - flowbit set 2 (more info ...) | successful-recon-limited | URL | |||
| 7546 | SPYWARE-PUT Keylogger PerfectKeylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7547 | SPYWARE-PUT Keylogger activity monitor 3.8 runtime detection - agent status monitoring (more info ...) | successful-recon-limited | URL | |||
| 7548 | SPYWARE-PUT Keylogger activity monitor 3.8 runtime detection - agent up notification (more info ...) | successful-recon-limited | URL | |||
| 7549 | SPYWARE-PUT Keylogger activity monitor 3.8 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7550 | SPYWARE-PUT Adware adroar runtime detection (more info ...) | misc-activity | URL | |||
| 7553 | SPYWARE-PUT Adware hxdl runtime detection - hxlogonly user-agent (more info ...) | misc-activity | URL | |||
| 7554 | SPYWARE-PUT Adware hxdl runtime detection - hxdownload user-agent (more info ...) | misc-activity | URL | |||
| 7556 | SPYWARE-PUT Hijacker blazefind runtime detection - search bar (more info ...) | misc-activity | URL | |||
| 7557 | SPYWARE-PUT Trackware purityscan runtime detection - start up (more info ...) | successful-recon-limited | URL | |||
| 7558 | SPYWARE-PUT Trackware purityscan runtime detection - installation notify (more info ...) | successful-recon-limited | URL | |||
| 7559 | SPYWARE-PUT Trackware purityscan runtime detection - track user activity and status (more info ...) | successful-recon-limited | URL | |||
| 7560 | SPYWARE-PUT Trackware purityscan runtime detection - self update (more info ...) | successful-recon-limited | URL | |||
| 7561 | SPYWARE-PUT Trackware purityscan runtime detection - opt out of interstitial advertising (more info ...) | successful-recon-limited | URL | |||
| 7562 | SPYWARE-PUT Adware morpheus runtime detection - ad 1 (more info ...) | misc-activity | URL | |||
| 7563 | SPYWARE-PUT Adware morpheus runtime detection - ad 2 (more info ...) | misc-activity | URL | |||
| 7564 | SPYWARE-PUT Hijacker startnow runtime detection (more info ...) | misc-activity | URL | |||
| 7565 | SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - search engine (more info ...) | misc-activity | URL | |||
| 7566 | SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - redirector (more info ...) | misc-activity | URL | |||
| 7568 | SPYWARE-PUT Trackware webhancer runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7569 | SPYWARE-PUT Adware lordofsearch runtime detection (more info ...) | misc-activity | URL | |||
| 7570 | SPYWARE-PUT Hijacker linkspider search bar runtime detection - ads (more info ...) | misc-activity | URL | |||
| 7571 | SPYWARE-PUT Hijacker linkspider search bar runtime detection - toolbar search (more info ...) | misc-activity | URL | |||
| 7572 | SPYWARE-PUT Trickler album galaxy runtime detection - startup data (more info ...) | misc-activity | URL | |||
| 7573 | SPYWARE-PUT Trickler album galaxy runtime detection - p2p gnutella (more info ...) | misc-activity | URL | |||
| 7574 | SPYWARE-PUT Keylogger proagent 2.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7575 | SPYWARE-PUT Hijacker starware toolbar runtime detection - weather request (more info ...) | misc-activity | URL | |||
| 7576 | SPYWARE-PUT Hijacker starware toolbar runtime detection - hijack ie browser (more info ...) | misc-activity | URL | |||
| 7577 | SPYWARE-PUT Hijacker starware toolbar runtime detection - collect information (more info ...) | misc-activity | URL | |||
| 7578 | SPYWARE-PUT Hijacker starware toolbar runtime detection - reference (more info ...) | misc-activity | URL | |||
| 7579 | SPYWARE-PUT Hijacker starware toolbar runtime detection - smileys (more info ...) | misc-activity | URL | |||
| 7580 | SPYWARE-PUT Hijacker starware toolbar runtime detection - update (more info ...) | misc-activity | URL | |||
| 7582 | SPYWARE-PUT Trickler pcast runtime detection - update checking (more info ...) | misc-activity | URL | |||
| 7583 | SPYWARE-PUT Hacker-Tool clandestine runtime detection - flowbit set big (more info ...) | misc-activity | URL | |||
| 7584 | SPYWARE-PUT Hacker-Tool clandestine runtime detection - flowbit set open (more info ...) | misc-activity | URL | |||
| 7585 | SPYWARE-PUT Hacker-Tool clandestine runtime detection - flowbit set image (more info ...) | misc-activity | URL | |||
| 7586 | SPYWARE-PUT Hacker-Tool clandestine runtime detection - image transferred (more info ...) | misc-activity | URL | |||
| 7587 | SPYWARE-PUT Trickler urlblaze runtime detection - software information request (more info ...) | misc-activity | URL | |||
| 7588 | SPYWARE-PUT Trickler urlblaze runtime detection - files search or download (more info ...) | misc-activity | URL | |||
| 7589 | SPYWARE-PUT Trickler urlblaze runtime detection - irc notification (more info ...) | misc-activity | URL | |||
| 7590 | SPYWARE-PUT Hijacker swbar runtime detection (more info ...) | misc-activity | URL | |||
| 7591 | SPYWARE-PUT Keylogger keylogger pro runtime detection - flowbit set (more info ...) | successful-recon-limited | ||||
| 7592 | SPYWARE-PUT Keylogger keylogger pro runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7593 | SPYWARE-PUT Trackware trellian toolbarbrowser runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7594 | SPYWARE-PUT Adware comedy planet runtime detection - ads (more info ...) | misc-activity | URL | |||
| 7595 | SPYWARE-PUT Adware comedy planet runtime detection - collect user information (more info ...) | misc-activity | URL | |||
| 7596 | SPYWARE-PUT Keylogger spy lantern keylogger runtime detection - flowbit set (more info ...) | successful-recon-limited | URL | |||
| 7597 | SPYWARE-PUT Keylogger spy lantern keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7598 | SPYWARE-PUT Snoopware 2-seek runtime detection - search in toolbar (more info ...) | successful-recon-limited | URL | |||
| 7599 | SPYWARE-PUT Snoopware 2-seek runtime detection - user info collection (more info ...) | successful-recon-limited | URL | |||
| 7600 | SPYWARE-PUT Hijacker adtraffic runtime detection - notfound website search hijack and redirection (more info ...) | misc-activity | URL | |||
| 7601 | SPYWARE-PUT Snoopware big brother v3.5.1 runtime detection - connect to keyserver (more info ...) | successful-recon-limited | URL | |||
| 7602 | SPYWARE-PUT Snoopware big brother v3.5.1 runtime detection - connect to receiver - flowbit set (more info ...) | successful-recon-limited | URL | |||
| 7603 | SPYWARE-PUT Snoopware big brother v3.5.1 runtime detection - connect to receiver (more info ...) | successful-recon-limited | URL | |||
| 7604 | BACKDOOR katux 2.0 runtime detection - screen capture - flowbit set (more info ...) | trojan-activity | ||||
| 7605 | BACKDOOR katux 2.0 runtime detection - screen capture (more info ...) | trojan-activity | URL | |||
| 7606 | BACKDOOR katux 2.0 runtime detection - get system info - flowbit set (more info ...) | trojan-activity | ||||
| 7607 | BACKDOOR katux 2.0 runtime detection - get system info (more info ...) | trojan-activity | URL | |||
| 7608 | BACKDOOR katux 2.0 runtime detection - chat - flowbit set (more info ...) | trojan-activity | ||||
| 7609 | BACKDOOR katux 2.0 runtime detection - chat (more info ...) | trojan-activity | URL | |||
| 7620 | BACKDOOR remote control 1.7 runtime detection - connection request flowbit 1 (more info ...) | trojan-activity | ||||
| 7621 | BACKDOOR remote control 1.7 runtime detection - connection request - flowbit 2 (more info ...) | trojan-activity | ||||
| 7622 | BACKDOOR remote control 1.7 runtime detection - connection request - flowbit 3 (more info ...) | trojan-activity | ||||
| 7623 | BACKDOOR remote control 1.7 runtime detection - connection request (more info ...) | trojan-activity | URL | |||
| 7624 | BACKDOOR remote control 1.7 runtime detection - data communication (more info ...) | trojan-activity | URL | |||
| 7625 | BACKDOOR skyrat show runtime detection - initial connection - flowbit 1 (more info ...) | trojan-activity | ||||
| 7626 | BACKDOOR skyrat show runtime detection - initial connection - flowbit 2 (more info ...) | trojan-activity | ||||
| 7627 | BACKDOOR skyrat show runtime detection - initial connection - flowbit 3 (more info ...) | trojan-activity | ||||
| 7628 | BACKDOOR skyrat show runtime detection - initial connection - flowbit 4 (more info ...) | trojan-activity | ||||
| 7629 | BACKDOOR skyrat show runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7630 | BACKDOOR helios 3.1 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7631 | BACKDOOR hornet 1.0 runtime detection - fetch system info - flowbit set (more info ...) | trojan-activity | URL | |||
| 7632 | BACKDOOR hornet 1.0 runtime detection - fetch system info (more info ...) | trojan-activity | URL | |||
| 7633 | BACKDOOR hornet 1.0 runtime detection - irc connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7634 | BACKDOOR hornet 1.0 runtime detection - irc connection (more info ...) | trojan-activity | URL | |||
| 7635 | BACKDOOR hornet 1.0 runtime detection - fetch process list - flowbit set (more info ...) | trojan-activity | URL | |||
| 7636 | BACKDOOR hornet 1.0 runtime detection - fetch processes list (more info ...) | trojan-activity | URL | |||
| 7637 | BACKDOOR hornet 1.0 runtime detection - icq notification (more info ...) | trojan-activity | URL | |||
| 7638 | BACKDOOR ncph runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7640 | BACKDOOR air runtime detection - webmail notification (more info ...) | trojan-activity | URL | |||
| 7641 | BACKDOOR am remote client runtime detection - client-to-server (more info ...) | trojan-activity | URL | |||
| 7642 | BACKDOOR am remote client runtime detection - server-to-client (more info ...) | trojan-activity | URL | |||
| 7644 | BACKDOOR ullysse runtime detection - client-to-server (more info ...) | trojan-activity | URL | |||
| 7645 | BACKDOOR snipernet 2.1 runtime detection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7646 | BACKDOOR snipernet 2.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 7648 | BACKDOOR minicom lite runtime detection - client-to-server (more info ...) | trojan-activity | URL | |||
| 7650 | BACKDOOR small uploader 1.01 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7658 | BACKDOOR jodeitor 1.1 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7659 | BACKDOOR lan filtrator 1.1 runtime detection - sin notification (more info ...) | trojan-activity | URL | |||
| 7660 | BACKDOOR lan filtrator 1.1 runtime detection - initial connection request - flowbit set (more info ...) | trojan-activity | ||||
| 7661 | BACKDOOR lan filtrator 1.1 runtime detection - initial connection request (more info ...) | trojan-activity | URL | |||
| 7662 | BACKDOOR snid x2 v1.2 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7663 | BACKDOOR snid x2 v1.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7664 | BACKDOOR screen control 1.0 runtime detection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7665 | BACKDOOR screen control 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7667 | BACKDOOR screen control 1.0 runtime detection - capture on port 2208 (more info ...) | trojan-activity | URL | |||
| 7668 | BACKDOOR screen control 1.0 runtime detection - capture on port 2213 - flowbit set (more info ...) | trojan-activity | URL | |||
| 7669 | BACKDOOR screen control 1.0 runtime detection - capture on port 2213 (more info ...) | trojan-activity | URL | |||
| 7670 | BACKDOOR digital upload runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7671 | BACKDOOR digital upload runtime detection - chat (more info ...) | trojan-activity | URL | |||
| 7672 | BACKDOOR remoter runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7673 | BACKDOOR remote havoc runtime detection - flowbit set 1 (more info ...) | trojan-activity | URL | |||
| 7674 | BACKDOOR remote havoc runtime detection - flowbit set 2 (more info ...) | trojan-activity | URL | |||
| 7675 | BACKDOOR remote havoc runtime detection (more info ...) | trojan-activity | URL | |||
| 7676 | BACKDOOR cool remote control or crackdown runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7677 | BACKDOOR cool remote control or crackdown runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7678 | BACKDOOR cool remote control 1.12 runtime detection - upload file - flowbit set (more info ...) | trojan-activity | URL | |||
| 7679 | BACKDOOR cool remote control 1.12 runtime detection - upload file (more info ...) | trojan-activity | URL | |||
| 7680 | BACKDOOR cool remote control 1.12 runtime detection - download file - flowbit set (more info ...) | trojan-activity | URL | |||
| 7681 | BACKDOOR cool remote control 1.12 runtime detection - download file (more info ...) | trojan-activity | URL | |||
| 7682 | BACKDOOR acid head 1.00 runtime detection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7683 | BACKDOOR acid head 1.00 runtime detection (more info ...) | trojan-activity | URL | |||
| 7684 | BACKDOOR hrat 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 7685 | BACKDOOR illusion runtime detection - get remote info client-to-server (more info ...) | trojan-activity | URL | |||
| 7686 | BACKDOOR illusion runtime detection - get remote info server-to-client (more info ...) | trojan-activity | URL | |||
| 7687 | BACKDOOR illusion runtime detection - file browser client-to-server (more info ...) | trojan-activity | URL | |||
| 7688 | BACKDOOR illusion runtime detection - file browser server-to-client (more info ...) | trojan-activity | URL | |||
| 7689 | BACKDOOR evade runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7690 | BACKDOOR evade runtime detection - file manager - flowbit set (more info ...) | trojan-activity | URL | |||
| 7691 | BACKDOOR evade runtime detection - file manager (more info ...) | trojan-activity | URL | |||
| 7692 | BACKDOOR exception 1.0 runtime detection - notification (more info ...) | trojan-activity | URL | |||
| 7695 | BACKDOOR hanky panky 1.1 runtime detection - initial connection - flowbit set 1 (more info ...) | trojan-activity | URL | |||
| 7696 | BACKDOOR hanky panky 1.1 runtime detection - initial connection - flowbit set 2 (more info ...) | trojan-activity | URL | |||
| 7698 | BACKDOOR brain wiper runtime detection - launch application - flowbit set (more info ...) | trojan-activity | URL | |||
| 7699 | BACKDOOR brain wiper runtime detection - launch application (more info ...) | trojan-activity | URL | |||
| 7700 | BACKDOOR brain wiper runtime detection - chat - flowbit set (more info ...) | trojan-activity | URL | |||
| 7701 | BACKDOOR brain wiper runtime detection - chat (more info ...) | trojan-activity | URL | |||
| 7702 | BACKDOOR roach 1.0 runtime detection - remote control actions - flowbit set (more info ...) | trojan-activity | ||||
| 7703 | BACKDOOR roach 1.0 runtime detection - remote control actions (more info ...) | trojan-activity | URL | |||
| 7704 | BACKDOOR roach 1.0 server installation notification - email (more info ...) | trojan-activity | URL | |||
| 7705 | BACKDOOR omniquad instant remote control runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7706 | BACKDOOR omniquad instant remote control runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7707 | BACKDOOR omniquad instant remote control runtime detection - file transfer setup (more info ...) | trojan-activity | URL | |||
| 7708 | BACKDOOR fear1.5/aciddrop1.0 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7709 | BACKDOOR fear1.5/aciddrop1.0 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7710 | BACKDOOR fear1.5/aciddrop1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7711 | BACKDOOR amitis runtime command detection attacker to victim (more info ...) | trojan-activity | URL | |||
| 7712 | BACKDOOR amitis runtime detection victim to attacker (more info ...) | trojan-activity | URL | |||
| 7713 | BACKDOOR amitis v1.3 runtime detection - email notification (more info ...) | trojan-activity | URL | |||
| 7714 | BACKDOOR netdevil runtime detection - flowbit set 1 (more info ...) | trojan-activity | URL | |||
| 7715 | BACKDOOR netdevil runtime detection - flowbit set 2 (more info ...) | trojan-activity | URL | |||
| 7716 | BACKDOOR netdevil runtime detection (more info ...) | trojan-activity | URL | |||
| 7717 | BACKDOOR snake trojan runtime detection (more info ...) | trojan-activity | URL | |||
| 7718 | BACKDOOR dameware mini remote control runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7719 | BACKDOOR dameware mini remote control runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7721 | BACKDOOR prorat 1.9 initial connection detection (more info ...) | trojan-activity | URL | |||
| 7724 | BACKDOOR reversable ver1.0 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7726 | BACKDOOR reversable ver1.0 runtime detection - execute command - flowbit set (more info ...) | trojan-activity | ||||
| 7727 | BACKDOOR reversable ver1.0 runtime detection - execute command (more info ...) | trojan-activity | URL | |||
| 7728 | BACKDOOR radmin runtime detection - client-to-server (more info ...) | trojan-activity | URL | |||
| 7729 | BACKDOOR radmin runtime detection - server-to-client (more info ...) | trojan-activity | URL | |||
| 7730 | BACKDOOR outbreak_0.2.7 runtime detection - reverse connection (more info ...) | trojan-activity | URL | |||
| 7731 | BACKDOOR outbreak_0.2.7 runtime detection - ring server-to-client (more info ...) | trojan-activity | URL | |||
| 7732 | BACKDOOR outbreak_0.2.7 runtime detection - ring client-to-server (more info ...) | trojan-activity | URL | |||
| 7733 | BACKDOOR outbreak_0.2.7 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7734 | BACKDOOR bionet 4.05 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7738 | BACKDOOR alexmessomalex runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7739 | BACKDOOR alexmessomalex runtime detection - grab (more info ...) | trojan-activity | URL | |||
| 7740 | BACKDOOR nova 1.0 runtime detection - initial connection with pwd set - flowbit set (more info ...) | trojan-activity | URL | |||
| 7744 | BACKDOOR phoenix 2.1 runtime detection - flowbit set (more info ...) | trojan-activity | ||||
| 7745 | BACKDOOR phoenix 2.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 7746 | BACKDOOR bobo 1.0 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7747 | BACKDOOR bobo 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7748 | BACKDOOR bobo 1.0 runtime detection - send message - flowbit set (more info ...) | trojan-activity | ||||
| 7749 | BACKDOOR bobo 1.0 runtime detection - send message (more info ...) | trojan-activity | URL | |||
| 7750 | BACKDOOR buschtrommel 1.22 runtime detection - initial connection - flowbit set 1 (more info ...) | trojan-activity | ||||
| 7751 | BACKDOOR buschtrommel 1.22 runtime detection - initial connection - flowbit set 2 (more info ...) | trojan-activity | ||||
| 7752 | BACKDOOR buschtrommel 1.22 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7753 | BACKDOOR buschtrommel 1.22 runtime detection - spy function - flowbit set 1 (more info ...) | trojan-activity | ||||
| 7754 | BACKDOOR buschtrommel 1.22 runtime detection - spy function - flowbit set 2 (more info ...) | trojan-activity | ||||
| 7755 | BACKDOOR buschtrommel 1.22 runtime detection - spy function (more info ...) | trojan-activity | URL | |||
| 7758 | BACKDOOR glacier runtime detection - initial connection and directory browse (more info ...) | trojan-activity | URL | |||
| 7759 | BACKDOOR glacier runtime detection - screen capture (more info ...) | trojan-activity | URL | |||
| 7760 | BACKDOOR netthief runtime detection (more info ...) | trojan-activity | URL | |||
| 7763 | BACKDOOR nt remote controller 2000 runtime detection - services client-to-server (more info ...) | trojan-activity | URL | |||
| 7764 | BACKDOOR nt remote controller 2000 runtime detection - sysinfo client-to-server (more info ...) | trojan-activity | URL | |||
| 7765 | BACKDOOR nt remote controller 2000 runtime detection - sysinfo server-to-client (more info ...) | trojan-activity | URL | |||
| 7766 | BACKDOOR nt remote controller 2000 runtime detection - foldermonitor client-to-server (more info ...) | trojan-activity | URL | |||
| 7767 | BACKDOOR nt remote controller 2000 runtime detection - foldermonitor server-to-client (more info ...) | trojan-activity | URL | |||
| 7770 | BACKDOOR messiah 4.0 runtime detection - get server info - flowbit set (more info ...) | trojan-activity | ||||
| 7771 | BACKDOOR messiah 4.0 runtime detection - get server info (more info ...) | trojan-activity | URL | |||
| 7772 | BACKDOOR messiah 4.0 runtime detection - enable keylogger - flowbit set (more info ...) | trojan-activity | ||||
| 7773 | BACKDOOR messiah 4.0 runtime detection - enable keylogger (more info ...) | trojan-activity | URL | |||
| 7774 | BACKDOOR messiah 4.0 runtime detection - screen capture - flowbit set (more info ...) | trojan-activity | ||||
| 7775 | BACKDOOR messiah 4.0 runtime detection - screen capture (more info ...) | trojan-activity | URL | |||
| 7776 | BACKDOOR messiah 4.0 runtime detection - get drives - flowbit set (more info ...) | trojan-activity | ||||
| 7777 | BACKDOOR messiah 4.0 runtime detection - get drives (more info ...) | trojan-activity | URL | |||
| 7778 | BACKDOOR elfrat runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7782 | BACKDOOR netdevil runtime detection - file manager - flowbit set (more info ...) | trojan-activity | URL | |||
| 7783 | BACKDOOR netdevil runtime detection - file manager (more info ...) | trojan-activity | URL | |||
| 7791 | BACKDOOR remote anything 5.11.22 runtime detection - victim response (more info ...) | trojan-activity | URL | |||
| 7792 | BACKDOOR remote anything 5.11.22 runtime detection - chat with victim (more info ...) | trojan-activity | URL | |||
| 7793 | BACKDOOR remote anything 5.11.22 runtime detection - chat with attacker (more info ...) | trojan-activity | URL | |||
| 7794 | BACKDOOR fraggle rock 2.0 lite runtime detection - pc info - flowbit set (more info ...) | trojan-activity | URL | |||
| 7795 | BACKDOOR incommand 1.7 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 7796 | BACKDOOR incommand 1.7 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 7797 | BACKDOOR incommand 1.7 runtime detection - file manage 1 (more info ...) | trojan-activity | ||||
| 7798 | BACKDOOR incommand 1.7 runtime detection - file manage 1 (more info ...) | trojan-activity | URL | |||
| 7799 | BACKDOOR incommand 1.7 runtime detection - file manage 2 (more info ...) | trojan-activity | ||||
| 7800 | BACKDOOR incommand 1.7 runtime detection - file manage 2 (more info ...) | trojan-activity | URL | |||
| 7801 | BACKDOOR portal of doom runtime detection - udp cts (more info ...) | trojan-activity | URL | |||
| 7802 | BACKDOOR portal of doom runtime detection - udp stc (more info ...) | trojan-activity | URL | |||
| 7803 | BACKDOOR war trojan ver1.0 runtime detection - send messages (more info ...) | trojan-activity | URL | |||
| 7804 | BACKDOOR war trojan ver1.0 runtime detection - disable ctrl+alt+del (more info ...) | trojan-activity | URL | |||
| 7805 | BACKDOOR war trojan ver1.0 runtime detection - ie hijacker (more info ...) | trojan-activity | URL | |||
| 7806 | BACKDOOR fatal wound 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7807 | BACKDOOR fatal wound 1.0 runtime detection - execute file (more info ...) | trojan-activity | URL | |||
| 7808 | BACKDOOR fatal wound 1.0 runtime detection - upload (more info ...) | trojan-activity | URL | |||
| 7809 | BACKDOOR fatal wound 1.0 runtime detection - upload (more info ...) | trojan-activity | URL | |||
| 7811 | BACKDOOR abacab runtime detection - telnet initial (more info ...) | trojan-activity | URL | |||
| 7812 | BACKDOOR abacab runtime detection - banner (more info ...) | trojan-activity | URL | |||
| 7813 | BACKDOOR darkmoon initial connection detection - cts (more info ...) | trojan-activity | URL | |||
| 7814 | BACKDOOR darkmoon initial connection detection - stc (more info ...) | trojan-activity | URL | |||
| 7815 | BACKDOOR darkmoon reverse connection detection - stc (more info ...) | trojan-activity | URL | |||
| 7816 | BACKDOOR darkmoon reverse connection detection - cts (more info ...) | trojan-activity | URL | |||
| 7817 | BACKDOOR infector v1.0 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 7818 | BACKDOOR infector v1.0 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 7822 | BACKDOOR xbkdr runtime detection (more info ...) | trojan-activity | URL | |||
| 7823 | SPYWARE-PUT Adware whenu runtime detection - datachunksgz (more info ...) | misc-activity | URL | |||
| 7824 | SPYWARE-PUT Trickler whenu.clocksync runtime detection (more info ...) | misc-activity | URL | |||
| 7825 | SPYWARE-PUT Adware whenu.savenow runtime detection (more info ...) | misc-activity | URL | |||
| 7826 | SPYWARE-PUT Trickler whenu.weathercast runtime detection - check (more info ...) | misc-activity | URL | |||
| 7827 | SPYWARE-PUT Adware whenu runtime detection - search request 1 (more info ...) | misc-activity | URL | |||
| 7828 | SPYWARE-PUT Adware whenu runtime detection - search request 2 (more info ...) | misc-activity | URL | |||
| 7829 | SPYWARE-PUT Adware gator user-agent detected (more info ...) | misc-activity | URL | |||
| 7830 | SPYWARE-PUT Botnet dacryptic runtime detection (more info ...) | trojan-activity | URL | |||
| 7831 | SPYWARE-PUT Adware downloadplus runtime detection (more info ...) | misc-activity | URL | |||
| 7834 | SPYWARE-PUT Hacker-Tool nettracker runtime detection - report browsing (more info ...) | misc-activity | ||||
| 7835 | SPYWARE-PUT Hacker-Tool nettracker runtime detection - report browsing (more info ...) | misc-activity | URL | |||
| 7836 | SPYWARE-PUT Hacker-Tool nettracker runtime detection - report send through email (more info ...) | misc-activity | URL | |||
| 7837 | SPYWARE-PUT Keylogger spyoutside runtime detection - email delivery (more info ...) | successful-recon-limited | URL | |||
| 7838 | SPYWARE-PUT Adware smiley central runtime detection (more info ...) | misc-activity | URL | |||
| 7839 | SPYWARE-PUT Hijacker rx toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 7840 | SPYWARE-PUT Hijacker instafinder initial configuration detection (more info ...) | misc-activity | URL | |||
| 7841 | SPYWARE-PUT Hijacker instafinder error redirect detection (more info ...) | misc-activity | URL | |||
| 7842 | SPYWARE-PUT Hacker-Tool davps runtime detection (more info ...) | misc-activity | URL | |||
| 7843 | SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - search engine hijack (more info ...) | misc-activity | URL | |||
| 7844 | SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - post data (more info ...) | misc-activity | URL | |||
| 7845 | SPYWARE-PUT Keylogger clogger 1.0 runtime detection (more info ...) | successful-recon-limited | ||||
| 7846 | SPYWARE-PUT Keylogger clogger 1.0 runtime detection (more info ...) | successful-recon-limited | ||||
| 7847 | SPYWARE-PUT Keylogger clogger 1.0 runtime detection - send log through email (more info ...) | successful-recon-limited | URL | |||
| 7848 | SPYWARE-PUT Hijacker netguide runtime detection (more info ...) | misc-activity | URL | |||
| 7849 | SPYWARE-PUT Trickler maxsearch runtime detection - toolbar download (more info ...) | misc-activity | URL | |||
| 7850 | SPYWARE-PUT Trickler maxsearch runtime detection - retrieve command (more info ...) | misc-activity | URL | |||
| 7851 | SPYWARE-PUT Trickler maxsearch runtime detection - ack (more info ...) | misc-activity | URL | |||
| 7852 | SPYWARE-PUT Trickler maxsearch runtime detection - advertisement (more info ...) | misc-activity | URL | |||
| 7853 | SPYWARE-PUT Adware web-nexus runtime detection - ad url 1 (more info ...) | misc-activity | URL | |||
| 7854 | SPYWARE-PUT Adware web-nexus runtime detection - config retrieval (more info ...) | misc-activity | URL | |||
| 7855 | SPYWARE-PUT Adware web-nexus runtime detection - ad url 2 (more info ...) | misc-activity | URL | |||
| 7857 | SPYWARE-PUT Keylogger EliteKeylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 8056 | DOS ISC DHCP server 2 client_id length denial of service attempt (more info ...) | attempted-dos | 2006-3122 | URL | ||
| 8071 | SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - search hijack (more info ...) | misc-activity | URL | |||
| 8072 | SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - surf monitor (more info ...) | misc-activity | URL | |||
| 8073 | SPYWARE-PUT Adware zango toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 8074 | BACKDOOR mithril runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 8075 | BACKDOOR mithril runtime detection - get system information (more info ...) | trojan-activity | URL | |||
| 8076 | BACKDOOR mithril runtime detection - get system information (more info ...) | trojan-activity | URL | |||
| 8077 | BACKDOOR mithril runtime detection - get process list (more info ...) | trojan-activity | URL | |||
| 8078 | BACKDOOR mithril runtime detection - get process list (more info ...) | trojan-activity | URL | |||
| 8079 | BACKDOOR x2a runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 8080 | BACKDOOR x2a runtime detection - client update (more info ...) | trojan-activity | URL | |||
| 8350 | WEB-CLIENT pub file download (more info ...) | misc-activity | 2006-0001 | 19951 | URL | |
| 8352 | SPYWARE-PUT Adware desktopmedia runtime detection - ads popup (more info ...) | misc-activity | URL | |||
| 8353 | SPYWARE-PUT Adware desktopmedia runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 8354 | SPYWARE-PUT Adware desktopmedia runtime detection - surf monitoring (more info ...) | misc-activity | URL | |||
| 8355 | SPYWARE-PUT Keylogger spybuddy 3.72 runtime detection (more info ...) | successful-recon-limited | ||||
| 8356 | SPYWARE-PUT Keylogger spybuddy 3.72 runtime detection - send log out through email (more info ...) | successful-recon-limited | URL | |||
| 8357 | SPYWARE-PUT Keylogger spybuddy 3.72 runtime detection - send alert out through email (more info ...) | successful-recon-limited | URL | |||
| 8359 | SPYWARE-PUT Hijacker yok supersearch runtime detection - target website display (more info ...) | misc-activity | URL | |||
| 8360 | SPYWARE-PUT Hijacker yok supersearch runtime detection - search info collect (more info ...) | misc-activity | URL | |||
| 8361 | BACKDOOR black curse 4.0 runtime detection - inverse init connection (more info ...) | trojan-activity | URL | |||
| 8362 | BACKDOOR black curse 4.0 runtime detection - normal init connection (more info ...) | trojan-activity | URL | |||
| 8416 | WEB-CLIENT VML fill method overflow attempt (more info ...) | attempted-user | 2006-4868 | 20096 | URL | |
| 8445 | WEB-CLIENT RTF file with embedded object package download attempt (more info ...) | misc-activity | 2006-4692 | URL | ||
| 8461 | SPYWARE-PUT Trackware duduaccelerator runtime detection - send userinfo (more info ...) | successful-recon-limited | URL | |||
| 8462 | SPYWARE-PUT Trackware duduaccelerator runtime detection - trace info downloaded (more info ...) | successful-recon-limited | URL | |||
| 8463 | SPYWARE-PUT Trackware duduaccelerator runtime detection - trace login info (more info ...) | successful-recon-limited | URL | |||
| 8464 | SPYWARE-PUT Adware henbang runtime detection (more info ...) | misc-activity | URL | |||
| 8465 | SPYWARE-PUT Keylogger netobserve runtime detection - email notification (more info ...) | successful-recon-limited | URL | |||
| 8466 | SPYWARE-PUT Keylogger netobserve runtime detection - email notification (more info ...) | successful-recon-limited | URL | |||
| 8467 | SPYWARE-PUT Keylogger netobserve runtime detection - remote login response (more info ...) | successful-recon-limited | URL | |||
| 8468 | SPYWARE-PUT Hijacker accoona runtime detection - collect info (more info ...) | misc-activity | URL | |||
| 8469 | SPYWARE-PUT Hijacker accoona runtime detection - open sidebar search url (more info ...) | misc-activity | URL | |||
| 8542 | SPYWARE-PUT Trackware deluxecommunications runtime detection - collect info (more info ...) | successful-recon-limited | URL | |||
| 8543 | SPYWARE-PUT Trackware deluxecommunications runtime detection - display popup ads (more info ...) | successful-recon-limited | URL | |||
| 8545 | SPYWARE-PUT Adware roogoo runtime detection - surfing monitor (more info ...) | misc-activity | URL | |||
| 8546 | SPYWARE-PUT Adware roogoo runtime detection - show ads (more info ...) | misc-activity | URL | |||
| 8547 | BACKDOOR zzmm 2.0 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 8548 | BACKDOOR zzmm 2.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 8549 | BACKDOOR zxshell runtime detection - setting information retrieve (more info ...) | trojan-activity | URL | |||
| 8730 | DOS record route rr denial of service attempt (more info ...) | attempted-dos | 2001-0752 | 870 | ||
| 9339 | SPECIFIC-THREATS klez.g web propagation detection (more info ...) | trojan-activity | URL | |||
| 9340 | SPECIFIC-THREATS klez.i web propagation detection (more info ...) | trojan-activity | URL | |||
| 9346 | SPECIFIC-THREATS klez.b web propagation detection (more info ...) | trojan-activity | URL | |||
| 9347 | SPECIFIC-THREATS klez.b netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9351 | SPECIFIC-THREATS lovgate.a netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9353 | SPECIFIC-THREATS deborm.x netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9354 | SPECIFIC-THREATS deborm.y netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9355 | SPECIFIC-THREATS deborm.u netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9356 | SPECIFIC-THREATS deborm.q netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9357 | SPECIFIC-THREATS deborm.r netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9363 | SPECIFIC-THREATS klez.d web propagation detection (more info ...) | trojan-activity | URL | |||
| 9364 | SPECIFIC-THREATS klez.e web propagation detection (more info ...) | trojan-activity | URL | |||
| 9387 | SPECIFIC-THREATS klez.j web propagation detection (more info ...) | trojan-activity | URL | |||
| 9390 | SPECIFIC-THREATS deborm.d netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9395 | SPECIFIC-THREATS deborm.j netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9396 | SPECIFIC-THREATS deborm.t netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9401 | SPECIFIC-THREATS gokar http propagation detectiot (more info ...) | trojan-activity | URL | |||
| 9407 | SPECIFIC-THREATS lovgate.b netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9412 | SPECIFIC-THREATS sinmsn.b msn propagation detection (more info ...) | trojan-activity | URL | |||
| 9418 | BOTNET-CNC bagle.a http notification detection (more info ...) | trojan-activity | URL | |||
| 9419 | SPECIFIC-THREATS sasser attempt (more info ...) | trojan-activity | 2003-0533 | 10108 | 12205 | URL |
| 9420 | SPECIFIC-THREATS korgo attempt (more info ...) | trojan-activity | 2003-0533 | 10108 | 12205 | URL |
| 9421 | SPECIFIC-THREATS zotob attempt (more info ...) | trojan-activity | 2005-1983 | 14513 | URL | |
| 9422 | SPECIFIC-THREATS msblast attempt (more info ...) | trojan-activity | 2003-0352 | 8205 | URL | |
| 9423 | SPECIFIC-THREATS lovegate attempt (more info ...) | trojan-activity | 2003-0352 | 8205 | URL | |
| 9424 | SPECIFIC-THREATS /winnt/explorer.exe unicode klez infection attempt attempt (more info ...) | trojan-activity | ||||
| 9425 | SPECIFIC-THREATS netsky attachment (more info ...) | trojan-activity | ||||
| 9426 | SPECIFIC-THREATS mydoom.ap attachment (more info ...) | trojan-activity | ||||
| 9434 | WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (more info ...) | attempted-user | 2006-5567 | 20744 | URL | |
| 9619 | WEB-CLIENT Gnu gv buffer overflow attempt (more info ...) | attempted-user | 2006-5864 | 20978 | ||
| 9639 | WEB-CLIENT Windows Address Book download attempt (more info ...) | attempted-user | 2006-2386 | URL | ||
| 9644 | SPYWARE-PUT Adware imnames runtime detection (more info ...) | misc-activity | URL | |||
| 9646 | SPYWARE-PUT Hijacker sogou runtime detection - search through sogou toolbar (more info ...) | misc-activity | URL | |||
| 9647 | SPYWARE-PUT Keylogger system surveillance pro runtime detection (more info ...) | successful-recon-limited | URL | |||
| 9648 | SPYWARE-PUT Keylogger emailspypro runtime detection (more info ...) | successful-recon-limited | URL | |||
| 9649 | SPYWARE-PUT Keylogger ghost Keylogger runtime detection - flowbit set (more info ...) | successful-recon-limited | URL | |||
| 9650 | SPYWARE-PUT Keylogger ghost Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 9651 | SPYWARE-PUT Hijacker ricercadoppia runtime detection (more info ...) | misc-activity | URL | |||
| 9652 | SPYWARE-PUT Hijacker oemji bar runtime detection (more info ...) | misc-activity | URL | |||
| 9654 | BACKDOOR apofis 1.0 runtime detection - remote controlling (more info ...) | trojan-activity | ||||
| 9655 | BACKDOOR apofis 1.0 runtime detection - remote controlling (more info ...) | trojan-activity | URL | |||
| 9656 | BACKDOOR bersek 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 9657 | BACKDOOR bersek 1.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 9658 | BACKDOOR bersek 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 9659 | BACKDOOR bersek 1.0 runtime detection - file manage (more info ...) | trojan-activity | URL | |||
| 9660 | BACKDOOR bersek 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 9661 | BACKDOOR bersek 1.0 runtime detection - show processes (more info ...) | trojan-activity | URL | |||
| 9662 | BACKDOOR bersek 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 9663 | BACKDOOR bersek 1.0 runtime detection - start remote shell (more info ...) | trojan-activity | URL | |||
| 9664 | BACKDOOR crossbow 1.12 runtime detection (more info ...) | trojan-activity | ||||
| 9665 | BACKDOOR crossbow 1.12 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 9666 | BACKDOOR superra runtime detection - success init connection (more info ...) | trojan-activity | ||||
| 9667 | BACKDOOR superra runtime detection - issue remote control command (more info ...) | trojan-activity | ||||
| 9830 | SPYWARE-PUT Keylogger supreme spy runtime detection (more info ...) | successful-recon-limited | URL | |||
| 9831 | SPYWARE-PUT Adware u88 runtime detection (more info ...) | misc-activity | URL | |||
| 9832 | BACKDOOR ieva 1.0 runtime detection - send message (more info ...) | trojan-activity | URL | |||
| 9833 | BACKDOOR ieva 1.0 runtime detection - fake delete harddisk message (more info ...) | trojan-activity | URL | |||
| 9834 | BACKDOOR ieva 1.0 runtime detection - black screen (more info ...) | trojan-activity | URL | |||
| 9835 | BACKDOOR ieva 1.0 runtime detection - swap mouse (more info ...) | trojan-activity | URL | |||
| 9836 | BACKDOOR ieva 1.0 runtime detection - crazy mouse (more info ...) | trojan-activity | URL | |||
| 9837 | BACKDOOR sun shadow 1.70 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 9838 | BACKDOOR sun shadow 1.70 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 9839 | BACKDOOR sun shadow 1.70 runtime detection - keep alive (more info ...) | trojan-activity | URL | |||
| 9844 | WEB-CLIENT VLC Media Player udp URI format string attempt - single packet (more info ...) | attempted-user | 2007-0017 | 21852 | URL | |
| 9845 | WEB-CLIENT M3U File Download Detected (more info ...) | misc-activity | ||||
| 9846 | WEB-CLIENT VLC Media Player udp URI format string attempt - multipacket (more info ...) | attempted-user | 2007-0017 | 21852 | URL | |
| 9848 | WEB-CLIENT Vector Markup Language recolorinfo tag numfills parameter buffer overflow attempt (more info ...) | attempted-user | 2007-0024 | URL | ||
| 9849 | WEB-CLIENT Vector Markup Language recolorinfo tag numcolors parameter buffer overflow attempt (more info ...) | attempted-user | 2007-0024 | URL | ||
| 10063 | WEB-CLIENT Firefox query interface suspicious function call access attempt (more info ...) | attempted-user | 2006-0295 | 16476 | URL | |
| 10090 | SPYWARE-PUT Trickler zango easymessenger runtime detection (more info ...) | misc-activity | URL | |||
| 10091 | SPYWARE-PUT Hacker-Tool spylply.a runtime detection (more info ...) | misc-activity | URL | |||
| 10092 | SPYWARE-PUT Trackware russian searchbar runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10093 | SPYWARE-PUT Hijacker kuaiso toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 10094 | SPYWARE-PUT Adware borlan runtime detection (more info ...) | misc-activity | URL | |||
| 10095 | SPYWARE-PUT Trackware bydou runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10096 | SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection - keylog (more info ...) | successful-recon-limited | URL | |||
| 10097 | SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection (more info ...) | successful-recon-limited | ||||
| 10098 | SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection - get system info (more info ...) | successful-recon-limited | URL | |||
| 10099 | SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection (more info ...) | successful-recon-limited | ||||
| 10100 | SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection - open website (more info ...) | successful-recon-limited | URL | |||
| 10101 | BACKDOOR crossfires trojan 3.0 runtime detection - delete file (more info ...) | trojan-activity | URL | |||
| 10102 | BACKDOOR crossfires trojan 3.0 runtime detection - chat with victim (more info ...) | trojan-activity | URL | |||
| 10103 | BACKDOOR hav-rat 1.1 runtime detection (more info ...) | trojan-activity | ||||
| 10104 | BACKDOOR hav-rat 1.1 runtime detection (more info ...) | trojan-activity | ||||
| 10105 | BACKDOOR hav-rat 1.1 runtime detection - retrieve pc info (more info ...) | trojan-activity | URL | |||
| 10109 | BACKDOOR k-msnrat 1.0.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10110 | BACKDOOR poison ivy 2.1.2 runtime detection (more info ...) | trojan-activity | ||||
| 10111 | BACKDOOR poison ivy 2.1.2 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10112 | BACKDOOR rix3 1.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10113 | BOTNET-CNC Trojan Peacomm command and control propagation detected (more info ...) | trojan-activity | ||||
| 10114 | BOTNET-CNC Trojan Peacomm command and control propagation detected (more info ...) | trojan-activity | ||||
| 10116 | WEB-CLIENT AIM GoChat URL access attempt (more info ...) | misc-attack | 2007-0021 | 22146 | URL | |
| 10164 | SPYWARE-PUT Adware adclicker-ej runtime detection (more info ...) | misc-activity | URL | |||
| 10165 | SPYWARE-PUT Keylogger mybr Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10166 | SPYWARE-PUT Trackware baigoo runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10168 | BACKDOOR one runtime detection (more info ...) | trojan-activity | URL | |||
| 10169 | BACKDOOR matrix 1.03 by mtronic runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10179 | SPYWARE-PUT Trackware bysoo runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10180 | SPYWARE-PUT Adware eqiso runtime detection (more info ...) | misc-activity | URL | |||
| 10181 | SPYWARE-PUT Keylogger systemsleuth runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10182 | SPYWARE-PUT Adware newweb runtime detection (more info ...) | misc-activity | URL | |||
| 10183 | SPYWARE-PUT Keylogger activity Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10184 | BACKDOOR wow 23 runtime detection (more info ...) | trojan-activity | URL | |||
| 10187 | EXPLOIT HP Mercury Loadrunner command line buffer overflow ( |