Hello, ClamAV falsely detects a BC.Exploit.CVE_2010_0815 in a ".ppt" file. I ran the file through VirusTotal and only ClamAV shows it as infected. I found a 2-year old message related to this issue:
http://lurker.clamav.net/search/20380101.000000.00000000@ml:clamav-users,false,positive,bc.exploit.cve%5F2010%5F0815.en.html http://www.gossamer-threads.com/lists/clamav/users/48954 though it was never fully resolved. Alain Zidouemba reported he updated the detection for CVE_2010_0815, but Ewald Beekam reported he continued to have the problem. There was no response and I am also having this issue. Please advise on this. Thanks for your time and effort! Sincerely, Sasha P.S. I am running release 0.97.2 (using ClamXav), so I don't know if the 0.97.3 takes care of this or not, but given that this issue persisted for over 2 years, I doubt anything has been done. Any help with this would be greatly appreciated. P.P.S I also had a false positive on BC.Exploit.CVE_2010_3970 in Word document (that I created and which only had a numbered list of about 10 items), though VirusTotal reports the file is clean (aside from the ClamAV scan). After I copied the contents of an "infected" file into a new word document, the file is reported as clean, but I do wonder if this is another ClamAV issue that needs to be looked into. Thanks again for your help. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
