[clamav-users] Html.Exploit.CVE_2017_8747-6336227-0 false positives

Al Varnell alvarnell at mac.com
Thu Jan 18 01:30:33 UTC 2018


Some ClamXAV users reported this and since it's a Windows CVE it has been whitelisted for them.

Be sure and submit a sample or two to <https://www.clamav.net/reports/fp <https://www.clamav.net/reports/fp>> and return here with hash values for the file(s).

-Al-

On Wed, Jan 17, 2018 at 09:49 AM, Orion Poplawski wrote:
> Html.Exploit.CVE_2017_8747-6336227-0 is triggering on the following content:
> 
> https://ow1.res.office365.com/owamail/20180105.04/scripts/owa.mail.js <https://ow1.res.office365.com/owamail/20180105.04/scripts/owa.mail.js>
> https://display.ugc.bazaarvoice.com/static/BonTon/BTN/93/6060_4_0/en_US/stylesheets/screen.css <https://display.ugc.bazaarvoice.com/static/BonTon/BTN/93/6060_4_0/en_US/stylesheets/screen.css>
> https://display.ugc.bazaarvoice.com/static/Lenovo/main_site/528/8923/en_US/stylesheets/screen.css <https://display.ugc.bazaarvoice.com/static/Lenovo/main_site/528/8923/en_US/stylesheets/screen.css>
> 
> Orion Poplawski





More information about the clamav-users mailing list