Christopher, Thanks for giving a hand. Several more reports this morning. ClamXav has added it to ClamXav.ign2.
Now I see there are reports concerning a different signature for the same CVE when accessing https://wordpress.org and Html.Exploit.CVE_2017_0141-6010301-0, which I can verify. -Al- On Thu, Mar 16, 2017 at 07:30 AM, Christopher Marczewski wrote: > > Al, > > Thanks for the report. In the interim, I'll pass that link along so we can > get a fix in as soon as possible. > > On Wed, Mar 15, 2017 at 10:55 PM, Al Varnell wrote: >> There have now been three ClamXav user reports of >> Html.Exploit.CVE_2017_0141-6003839-0, most, if not all involving browser >> caches while visiting several financial sites. >> >> Then I ran across these two reports on Reddit <https://www.reddit.com/r/ >> webdev/comments/5zis7p/infected_files_in_postman_resource_directory/> >> involving a variety of different files and have encouraged them to submit >> them as ClamAV False Positive. >> >> -Al-
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
