The file has been subject to daily scanning since Mar 2015. According to the mtime, the file has not been changed since. However, the positive finding from ClamAV occurred just yesterday. That's why it seems to me that this might be a false positive.
Please let me know what you think. Cheers Ingo On Thu, 9 Jul 2015 at 19:33 Al Varnell <[email protected]> wrote: > I’m not sure why you would consider a 2012 CVE to be an indicator of a > false positive. Have you read the vulnerability description? > <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0167> > > If that document contains an EMF image it could cause a heap-based buffer > overflow in those older, unmatched versions of Microsoft Office. > > -Al- > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
