[clamav-users] - False Positive
Ingo Bente
ingo.bente at gmail.com
Thu Jul 9 18:22:09 UTC 2015
The file has been subject to daily scanning since Mar 2015. According to
the mtime, the file has not been changed since. However, the positive
finding from ClamAV occurred just yesterday. That's why it seems to me that
this might be a false positive.
Please let me know what you think.
Cheers
Ingo
On Thu, 9 Jul 2015 at 19:33 Al Varnell <alvarnell at mac.com> wrote:
> I’m not sure why you would consider a 2012 CVE to be an indicator of a
> false positive. Have you read the vulnerability description?
> <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0167>
>
> If that document contains an EMF image it could cause a heap-based buffer
> overflow in those older, unmatched versions of Microsoft Office.
>
> -Al-
>
More information about the clamav-users
mailing list