[clamav-users] CVE_2013_3860-1
Alain Zidouemba
azidouemba at sourcefire.com
Mon Jul 25 15:12:21 UTC 2016
Xml.Exploit.CVE_2013_3860-1 has been dropped.
Thanks,
- Alain
On Sun, Jul 24, 2016 at 11:51 AM, Al Varnell <alvarnell at mac.com> wrote:
> There was a previous Xml.Exploit.CVE_2013_3860-1 signature added by daily:
> 20352 on Apr 20, 2015 which was found to be producing FP’s and was removed
> by daily: 20358.
>
> The current Xml.Exploit.CVE_2013_3860-1 was re-introduced by daily - 21939
> on Jul 20, 2016 and I know of one ClamXav user reporting what he believes
> to be an FP, but waiting on details. Not sure whether the two signatures
> are the same or not.
>
> -Al-
>
> On Jul 24, 2016, at 7:14 AM, c chupela <cnctema68 at yahoo.com> wrote:
>
> > My Clamav installation, engine version .99, signature daily.cld updated
> (version: 21959, sigs: 454048, f-level: 63, builder: neo)bytecode.cld is up
> to date (version: 283, sigs: 53, f-level: 63, builder: neo)
> >
> > flagging /usr/share/doc/libxml2-python-2.7.6/reader2.py:
> Xml.Exploit.CVE_2013_3860-1
> >
> > I see some discussion online that alludes to this being a false
> positive, is this the case?
> > Thanks
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
More information about the clamav-users
mailing list