[clamav-users] Pdf.Exploit.CVE_2019_7057-6900620-0 signature causes error on clamav start
Alptugay Değirmencioğlu
alptugay at labrisnetworks.com
Thu Mar 21 10:19:25 UTC 2019
Hello,
This signature*Pdf.Exploit.CVE_2019_7057-6900620-0 *causes error on
clamd start both on versions 0.93 and 0.101.1.
The error is:
LibClamAV Error: cli_pcre_compile: PCRE compilation failed at offset 20:
unrecognized character after (?<
LibClamAV Error: cli_pcre_build: failed to build pcre regex
Thu Mar 21 13:11:33 2019 -> !Database initialization error: Malformed
database
The content of the signature is odd.
Pdf.Exploit.CVE_2019_7057-6900620-0;Engine:81-255,Target:10;1;7361766546696C7465726564584D4C;0/resolveNode[^>]*?(?<load>loadXML\([^>]*?save(XML|FilteredXML))[^>]*?(?P=load)[^>]*?(?P=load)/i
--
Alptugay Değirmencioğlu
Güvenlik Araştırmaları ve Operasyon Takım Lideri
Security Research & Operations Team Lead
Labris Teknoloji A.Ş.
Galyum Blok, K1-1 ODTÜ TEKNOKENT
Ankara, Türkiye
alptugay at labrisnetworks.com
T : +90 312 210 1490 (pbx)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20190321/f0c3ae8b/attachment.htm>
More information about the clamav-users
mailing list