On Thu, Jul 16, 2015 at 11:14 AM, P K <[email protected]> wrote: > Thanks Brandon. > > It means file upload using multi-part form will not be detected by ClamAv. > If curl is able to send multi-part form it means other browsers can upload > virus file using multi form. > > Any way to fix same? > > Best Regards > Punit Kandoi > > It depends completely on the signature. If the signature is strict as the EICAR signature is, then clamav will only detect the virus under strict circumstances. If the signature for the virus/malware allows for data preceding/following the actual bytes that match the signature, then a multi-part form with a virus will still be caught.
-- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net http://www.clamav.net/contact.html#ml
