 | Exploit.JS.CVE-2005-1790.A |  |
|
fj1372D>
| Joined: 18 Mar 2007 |
| Posts: 0 |
|
|
|
 Posted: Sun Mar 18, 2007 5:29 pm |
|
 |
 |
|
|
ClamWin identified Exploit.JS.CVE-2005-1790.A in file C:\ProgramData\Symantec\LiveUpdate\Downloads\1171504390jtun_nisenidfull25.x86.full.zip. I submitted the file to VirusTotal and ClamAV 0.90.1 was the only scanner to identify the exploit. My question is this a real exploit or a false positive found in an update of the Norton virus database. Has anyone else had this result?
Thank you
|
|
|
|
alch
Site Admin
| Joined: 27 Nov 2005 |
| Posts: 0 |
|
|
|
| Posted: Sun Mar 18, 2007 10:59 pm |
|
|
|
|
|
most likely it is a false positive. Try to unpack the archive and identify an individual file that causes the detection. Then rescan it on virustotal
|
|
|
|
fj1372D>
| Joined: 18 Mar 2007 |
| Posts: 0 |
|
|
|
| Posted: Tue Mar 20, 2007 4:18 pm |
|
|
|
|
|
The file in the archive clamwin flagged was sigs.dat, which I am pretty sure is a Norton signatures database file. Again, clamwin was the only engine on VirusTotal that flagged the file as a threat.
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by
phpBB © phpBB Group
Design by
phpBBStyles.com |
Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
