[clamav-users] Html.Exploit.CVE_2016_7190-1 WordPress False Positives

Al Varnell alvarnell at mac.com
Sun Oct 23 02:00:31 EDT 2016

Have received a couple of reports of multiple WordPress site infected with Html.Exploit.CVE_2016_7190-1 over the past two days, which was added by daily - 22400 on 10/20/2016.

Also found in the OS X WordPress.com App which I downloaded from <https://apps.wordpress.com/d/osx/>. I uploaded the app to your False Positive Reports as a .zip and believe the MD5 to be f06bece19d803bc2c1159b170aa8b499.

Actual component being identified as infected is WordPress.com.app/Contents/Resources/app/calypso/public/build.js with MD5 of 93dc9d8104d7c341012844f7e43a097e. VirusTotal shows ClamAV as the only scanner detecting it 

Al Varnell
Mountain View, CA

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3573 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20161022/c11dee30/attachment.bin>

More information about the clamav-users mailing list