The browser cache doesn’t really bother me that much, although I suspect it is just as much of an FP.
It’s these Adobe files that I’m pretty certain should not be detected: > EBookExport.InDesignPlugin > /Applications/Adobe InDesign CC > 2015/Plug-Ins/Filters/EBookExport.InDesignPlugin > Swf.Exploit.CVE_2015_5548 > > Flash3DViewer.swf > /Applications/Adobe Photoshop CC 2015/Presets/Flash 3D/Flash3DViewer.swf > Swf.Exploit.CVE_2015_5548 > > PWAFlex.swf > /Applications/Utilities/Adobe Application Manager/LWA/PWAFlex.swf > Swf.Exploit.CVE_2015_5548 > > OverlayCreator2015.swf > /Library/Application > Support/Adobe/CEP/extensions/OverlayCreator2015/OverlayCreator2015.swf > Swf.Exploit.CVE_2015_5548 and > Flixster Desktop.app Swf.Exploit.CVE_2015_5548 -Al- On Mon, Nov 16, 2015 at 10:54 PM, Gene Heskett wrote: > > On Tuesday 17 November 2015 01:33:15 Al Varnell wrote: > >> Swf.Exploit.CVE_2015_5548 was added to the database today: >>> ClamAV database updated (16 Nov 2015 07-00 -0500): daily.cvd >>> Version: 21062 >> >> and has resulted in three OS X users, so far, reporting various Adobe >> files as infected, in addition to even more reporting infected browser >> cache files. >> >> I have asked those with Adobe hits to upload to your False Positive >> Report site. >> >> -Al- > > No clue were that site is Al, but my scan, on a wheezy box, just reported > 10 copies of Swf.Exploit.CVE_2015_5548 > > In the mozilla and chrome caches, I just nuked the lot of them. > > Cheers, Gene Heskett -Al- -- Al Varnell Mountain View, CA
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
