I've just updated the detection for CVE-2010-0815. The possible false positive you reported was actually a false positive and had to do with the fact that .ppt file was fragmented.
The updated detection for CVE-2010-0815 should be released in the next 24h. Thanks, -Alain On Tue, Jun 29, 2010 at 10:20 AM, Alain Zidouemba <[email protected]> wrote: > Looking into it now. Will let you know. > > -Alain > > On Tue, Jun 29, 2010 at 9:15 AM, Trevor Cotton <[email protected]> > wrote: >> Today clamAV has started reporting BC.Exploit.CVE_2010_0815 found in a .ppt >> file we have had since March last year. >> Running ClamAV Engine 0.96.1 on RHEL with latest signatures. >> McAfee on the windows side says the file is clean. >> Any ideas? >> >> Thank You, >> >> Trevor >> >> Freshclam says >> ClamAV update process started at Tue Jun 29 04:02:23 2010 >> main.cvd is up to date (version: 52, sigs: 704727, f-level: 44, builder: >> sven) >> Trying host db.us.clamav.net (208.72.56.53)... >> Downloading daily-11277.cdiff [*] >> daily.cld updated (version: 11277, sigs: 99038, f-level: 53, builder: arnaud) >> bytecode.cvd is up to date (version: 28, sigs: 6, f-level: 53, builder: >> nervous) >> Database updated (803771 signatures) from db.us.clamav.net (IP: 208.72.56.53) >> Clamd successfully notified about the update. >> >> >> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ >> _ _ _ _ _ _ _ _ _ _ >> >> St. Jude Children’s Research Hospital is internationally recognized for its >> pioneering >> work in finding cures and saving children with cancer and other catastrophic >> diseases. >> St. Jude is the first and only pediatric cancer center to be designated as a >> Comprehensive >> Cancer Center by the National Cancer Institute. Founded by late entertainer >> Danny Thomas >> and based in Memphis, Tenn., St. Jude freely shares its discoveries with >> scientific and >> medical communities around the world. St. Jude is the only pediatric cancer >> research center >> where families never pay for treatment not covered by insurance. No child is >> ever denied >> treatment because of the family’s inability to pay. St. Jude is financially >> supported by >> ALSAC, its fundraising organization. For more information, please visit >> www.stjude.org. >> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ >> _ _ _ _ _ _ _ _ _ _ >> >> This e-mail and any files transmitted with it are confidential and >> intended solely for the use of the individual or entity to whom >> they are addressed. If you have received this e-mail in error please >> notify the originator of the message. This footer also confirms that this >> e-mail message has been scanned for the presence of computer viruses. >> _______________________________________________ >> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net >> http://www.clamav.net/support/ml > _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
