Prof Rulle,

I believe you mean a false positive, don't you? A false negative would be a failure to report, but clearly ClamAV does detect this.

The proper way to report this would be to file a False Positive Report here: <https://www.clamav.net/reports/fp>. If you can also provide a hash value of file in question back here, that might speed up the process. Simply verifying one of these hash values from the VirusTotal report will work:

MD5
SHA-1
SHA-256

Powered by Mailbutler, the email extension that does it all

-Al-
ClamXAV User

On May 6, 2021, at 23:46, Andreas Rulle <andreas.rulle@itek.de> wrote:

Hi, thank you for your great service to internet security!

A false negative report has been issued this week for Img.Exploit.CVE_2017_3049-6268090-0, see also the virus total report under [1].

The issue has to be handled under the General Data Protection Regulation (GDPR). Therefore I would politely like to ask for the evaluation state of that false negative report. 

Thanks in advance for your kind response.

[1] https://www.virustotal.com/gui/file/7563a2b175d3c48069960e0290ac08e3f379cd74307e44c995df52d5dc6fc002/detection

-- 


P.S. Abonnieren Sie unseren Newsletter zu den aktuellen Themen der Standardisierung und IT-Lösungen in Ihrer Branche!
https://www.itek.de/aktuelles/newsletter


ITEK Technologie GmbH
Technologiepark 14
33100 Paderborn

Tel. +49 5251 / 16140
Fax +49 5251 / 161499
www.itek.de
mailto: Andreas Rulle@itek.de

Geschäftsführer: Prof. Dr. Uwe Kern
Registergericht /-nummer: Paderborn / HRB 13522