[clamav-users] Html.Exploit.CVE_2017_8747-6336227-0 false positives
Al Varnell
alvarnell at mac.com
Thu Jan 18 01:30:33 UTC 2018
Some ClamXAV users reported this and since it's a Windows CVE it has been whitelisted for them.
Be sure and submit a sample or two to <https://www.clamav.net/reports/fp <https://www.clamav.net/reports/fp>> and return here with hash values for the file(s).
-Al-
On Wed, Jan 17, 2018 at 09:49 AM, Orion Poplawski wrote:
> Html.Exploit.CVE_2017_8747-6336227-0 is triggering on the following content:
>
> https://ow1.res.office365.com/owamail/20180105.04/scripts/owa.mail.js <https://ow1.res.office365.com/owamail/20180105.04/scripts/owa.mail.js>
> https://display.ugc.bazaarvoice.com/static/BonTon/BTN/93/6060_4_0/en_US/stylesheets/screen.css <https://display.ugc.bazaarvoice.com/static/BonTon/BTN/93/6060_4_0/en_US/stylesheets/screen.css>
> https://display.ugc.bazaarvoice.com/static/Lenovo/main_site/528/8923/en_US/stylesheets/screen.css <https://display.ugc.bazaarvoice.com/static/Lenovo/main_site/528/8923/en_US/stylesheets/screen.css>
>
> Orion Poplawski
More information about the clamav-users
mailing list