There was a previous Xml.Exploit.CVE_2013_3860-1 signature added by daily: 20352 on Apr 20, 2015 which was found to be producing FP’s and was removed by daily: 20358.
The current Xml.Exploit.CVE_2013_3860-1 was re-introduced by daily - 21939 on Jul 20, 2016 and I know of one ClamXav user reporting what he believes to be an FP, but waiting on details. Not sure whether the two signatures are the same or not. -Al- On Jul 24, 2016, at 7:14 AM, c chupela <cnctem...@yahoo.com> wrote: > My Clamav installation, engine version .99, signature daily.cld updated > (version: 21959, sigs: 454048, f-level: 63, builder: neo)bytecode.cld is up > to date (version: 283, sigs: 53, f-level: 63, builder: neo) > > flagging /usr/share/doc/libxml2-python-2.7.6/reader2.py: > Xml.Exploit.CVE_2013_3860-1 > > I see some discussion online that alludes to this being a false positive, is > this the case? > Thanks
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml