[clamav-users] CVE-2017-11241 - Synology DIskStation AV Essentials
Leonardo Rodrigues
leolistas at solutti.com.br
Wed Sep 13 14:27:50 UTC 2017
I'm also getting some excel files flagged by the same signature,
excel files that are supposed to be clean by other commercial antiviruses
two files from my amavis quarantine folder scanned with actual
signatures:
[root at correio shm]# clamdscan -v virus-2017*
/dev/shm/virus-20170912T100210-14568-04-oYAqsgllorwh:
BC.Win.Exploit.CVE_2017_11244-6335828-0 FOUND
/dev/shm/virus-20170913T105721-11777-15-NJFMBYpgy4B5:
BC.Win.Exploit.CVE_2017_11244-6335828-0 FOUND
signatures i'm running
[root at correio shm]# freshclam
ClamAV update process started at Wed Sep 13 11:27:06 2017
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60,
builder: sigmgr)
daily.cvd is up to date (version: 23823, sigs: 1742928, f-level: 63,
builder: neo)
bytecode.cld is up to date (version: 311, sigs: 74, f-level: 63,
builder: neo)
unfortunelly these are corporate files and i cannot submit them for
analysis :(
Em 11/09/17 16:06, Judd Grayzel escreveu:
> My Synology Diskstation running the Anti-Virus Essentials (ClamAV based engine) quarantined almost 1000 files for the CVE-2017-11241 vulnerability. This CVE references a problem with Adobe Acrobat, but the files that are being quarantined are Microsoft Excel fIles.
> Do these files really have a virus of some sort, or is this a False/Positive situation?
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertrudes at solutti.com.br
My SPAMTRAP, do not email it
More information about the clamav-users
mailing list