[clamav-users] Html.Exploit.CVE_2016_3386-1 False Positives

Alain Zidouemba azidouemba at sourcefire.com
Fri Oct 21 11:28:05 EDT 2016


Thanks for the FP report. The offending signature has been pulled.

- Alain

On Fri, Oct 21, 2016 at 4:16 AM, Al Varnell <alvarnell at mac.com> wrote:

> Html.Exploit.CVE_2016_3386-1 added today by daily - 22400 is identifying
> the following Main.js files as infected. They are all WebKit components
> included with multiple versions of OS X/macOS associated with Apple Safari
> Browser applications.  All three have been uploaded to the ClamAV False
> Positive Report page.
>
> /System/Library/PrivateFrameworks/WebInspectorUI.framework/
> Versions/A/Resources/Main.js
> d67f310354f84d6aca4e6e2a1c95a1ff:2087182:Main.js
>
> /System/Library/StagedFrameworks/Safari/WebInspectorUI.framework/
> Versions/A/Resources/Main.js
> b570fcfd3e04e5ebca7e9869bc137138:2374974:Main.js
>
> /Applications/Safari Technology Preview.app/Contents/
> Frameworks/WebInspectorUI.framework/Versions/A/Resources/Main.js
> 7c7cfc310d19477ad642e8dc65fdfa45:2452877:Main.js
>
>
> -Al-
> --
> Al Varnell
> Mountain View, CA
>
>
>
>
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>


More information about the clamav-users mailing list