Hello We were seeing a number of files being quarantined earlier with the reference BC.Exploit.CVE_2012_1847 FOUND and BC.Exploit.CVE_2012_0184 FOUND. The CVE numbers point to vulnerabilities found in Microsoft's Excel and Office suites. However, the files were not only excel spreadsheets but also some .msi files and word .doc files. Our other AV scanners (Sophos and Avira) see the files as clean, so is this a false positive ? I'm assuming yes. Also, interestingly, a copy of one of the files put back on the affected server has not been quarantined again. The various definitions have been updated by freshclam, so we are all up to date currently on that score. If someone could confirm if this was a signature that was wrong and causing the quarantine, that would be great.
Version info below: clamscan -V ClamAV 0.97.3/14913/Fri May 11 16:03:22 2012 running on a Centos 5.7 box. Thanks in advance. Andrew -- Andrew Thompson and...@x-2.org.uk _________________________________________________________ This mail sent using V-webmail - http://www.v-webmail.org _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
