Franky Van Liedekerke wrote: > Hi, > > at http://www.gfi.com/emailsecuritytest/ you can submit your mailserver > to some testing to see if it catches all viruses/exploits being sent to > it. Now there seem to be 2 exploits that are not catched by clamav: > "ActiveX vulnerability test" and "Iframe remote vumnerability test". > Both use an iframe with width and heighth 0 in an html mail (only > exploitable on some outlook clients and with internet explorer as > browser). > Now I\'ve tested this with mcaffee (local) and kaspersky online scanner > as well, and they do not see this as a virus/exploit as well, so is GFI > a bit off here? > Anybody can enter their email at the above link to get a sample of these > 2 so-called exploits. >
What the online security test emaillers and reality class as an Iframe exploit seem to differ. I personally just drop everything that contains an Iframe these days. Upto just, I have never seen a legitimate use of one in an email. Matt _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
