[clamav-users] Html.Exploit.CVE_2012_2546
Nathan Howard
nathan+clamav at freeagent.com
Fri Sep 26 09:09:49 UTC 2014
>
> I seem to be getting lots of hits on my browser cache when accessing some
> several popular sites, including the Apple Support Community Forum. Looks
> like it was just added earlier today by Alain in daily 19432.
We have also seen this too today and triggered alerts on many of our
servers.
The file triggering for us is jquery.wysihtml5.js and is being caught by
the following virus definition:
Html.Exploit.CVE_2012_2546;Engine:51-255,Target:3;0&1&2&3;3c6d657461;2e6164646576656e746c697374656e6572{-55}646f6d;2e63726561746572616e6765{-250}2e64656c657465636f6e74656e7473;2e63726561746572616e6765{-250}2e64656c657465636f6e74656e7473
We use https://www.metascan-online.com/en to check the file and it showed
that ClamAV was the only scanner showing it as containing a virus.
Regards,
Nathan
More information about the clamav-users
mailing list