[clamav-users] FP Pdf.Exploit.CVE_2016_1091-2
Jeff Dyke
jeff.dyke at gmail.com
Wed Nov 23 17:11:22 UTC 2016
I also submitted an FP a few days ago. I'm not as much of a fan of
whitelisting what could be a fairly serious exploit that i'd be allowing
people to download if it were valid. Hopefully it will be fixed up soon.
The documents i found it in are public, so if there is way to expedite the
process, i'm happy to supply other information.
On Wed, Nov 23, 2016 at 10:27 AM, Hajo Locke <Hajo.Locke at gmx.de> wrote:
> Hello,
>
> Am 23.11.2016 um 16:10 schrieb Ralf Hildebrandt:
>
>> * Hajo Locke <Hajo.Locke at gmx.de>:
>>
>>> Hello,
>>>
>>> unfortunately we have some problems with FP Pdf.Exploit.CVE_2016_1091-2
>>> Customer was testing at virustotal and only clamav is finding a virus.
>>> Unfortunately i can not do a FP-Report. All PDFs are property of
>>> costumers
>>> and not public.
>>>
>> I already did a FP report. It happened with PDFs from "Springer
>> Medical". had to diable that signature.
>>
> Thanks. In most cases the clam-team response is quick. Otherwise i would
> also do a global whitelisting.
>
>>
>> I hope there are some additional FP-Reports from other people regarding
>>> this
>>> virus to review this signature.
>>>
>> Yep.
>>
>> Thanks,
> Hajo
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
More information about the clamav-users
mailing list