Hi there,
On Thu, 9 Jun 2022, ichijo toru via clamav-users wrote:
Hello, I have a question about virus scanning for folders that generate
temporary files.
I do not understand what you mean. Folders do not generate anything,
the processes which use them do that. ClamAV neither knows nor care
Hi
I am not a security person so I apologize if the question sounds stupid.
I'd like to ask if there is a signature in the clamav DB to recognise
Microsoft word documents affected by the "Follina" - CVE-2022-30190 remote
code execution vulnerability.
Regards
Vangelis
_
Hi there,
On Thu, 9 Jun 2022, Vangelis Katsikaros via clamav-users wrote:
I am not a security person so I apologize if the question sounds stupid.
It doesn't sound stupid. :)
I'd like to ask if there is a signature in the clamav DB to recognise
Microsoft word documents affected by the "Foll
Actually, there are two so far, added pm June 2 and 7:
% sigtool -f CVE_2022_30190-|sigtool --decode-sigs
VIRUS NAME: Win.Exploit.CVE_2022_30190-9951234-1
TDB: Engine:96-255,Container:CL_TYPE_OOXML_WORD,Target:7
LOGICAL EXPRESSION: 0&1&2
* SUBSIG ID 0
+-> OFFSET: 0
+-> SIGMOD: NOCASE
+-> DECOD
On 9 June 2022 13:17:29 Vangelis Katsikaros via clamav-users
wrote:
Hi
I am not a security person so I apologize if the question sounds stupid.
I'd like to ask if there is a signature in the clamav DB to recognise
Microsoft word documents affected by the "Follina" - CVE-2022-30190 remote
cod
