Re: [clamav-users] What is the actual danger of this?
On February 22, 2023 1:48:02 PM EST, newcomer01 via clamav-users wrote: >for me look it like that the jpeg files cannot be read from heuristics scan as >reason that something is wrong with it >i would not think frist, that is be an exploit > > >> A clamdscan flagged quite a few files on my system as >> Heueristics.Broken.Media.JPEG.JFIFmarkerBadPosition. What kind of exploit is >> that? And what kind of danger does it pose? (What does it do?) Is it for all >> systems? Or just for Windows? >> >> A whole lot of web searching turned up nothing. Does anyone know? In a security podcast I listened to not too long ago it spoke of an exploit against iPhones which was quite hazardous, was concealed inside of an image file, which would immediately take control of the iPhone. There's not enough information for me to say that this is that exploit. Maybe it is, maybe it's something similar, or maybe it's simply a bit of corruption of the jpg file and actually relatively harmless. There are a lot of possibilities. You're right, we don't want to make any premature assumptions, neither overestimate nor underestimate the hazard. The purpose of my post was to find more information in order to make a proper evaluation. Thanks for helping me clarify that. ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] What is the actual danger of this?
This alert means that the JPEG is slightly malformed. Many applications will probably be fine with it. ClamAV thinks it is a little odd. The risk is probably pretty low, but perhaps looking at a little to see if any other antivirus products think it is suspicious. Regards, Micah Micah Snyder ClamAV Development Talos Cisco Systems, Inc. From: clamav-users on behalf of newcomer01 via clamav-users Sent: Wednesday, February 22, 2023 10:48 AM To: clamav-users Cc: newcomer01 Subject: Re: [clamav-users] What is the actual danger of this? for me look it like that the jpeg files cannot be read from heuristics scan as reason that something is wrong with it i would not think frist, that is be an exploit Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net> An / To: Newcomer01 <mailto:newcome...@posteo.de> CC / CC: Musc <mailto:muschel...@newcultures.com> Gesendet / Sent: Mittwoch, Februar 22, 2023 um 18:18 (at 06:18 PM) +0100 Betreff / Subject: [clamav-users] What is the actual danger of this? > A clamdscan flagged quite a few files on my system as > Heueristics.Broken.Media.JPEG.JFIFmarkerBadPosition. What kind of exploit is > that? And what kind of danger does it pose? (What does it do?) Is it for all > systems? Or just for Windows? > > A whole lot of web searching turned up nothing. Does anyone know? > > TIA. > ___ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] What is the actual danger of this?
for me look it like that the jpeg files cannot be read from heuristics scan as reason that something is wrong with it i would not think frist, that is be an exploit Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net> An / To: Newcomer01 <mailto:newcome...@posteo.de> CC / CC: Musc <mailto:muschel...@newcultures.com> Gesendet / Sent: Mittwoch, Februar 22, 2023 um 18:18 (at 06:18 PM) +0100 Betreff / Subject: [clamav-users] What is the actual danger of this? A clamdscan flagged quite a few files on my system as Heueristics.Broken.Media.JPEG.JFIFmarkerBadPosition. What kind of exploit is that? And what kind of danger does it pose? (What does it do?) Is it for all systems? Or just for Windows? A whole lot of web searching turned up nothing. Does anyone know? TIA. ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
[clamav-users] What is the actual danger of this?
A clamdscan flagged quite a few files on my system as Heueristics.Broken.Media.JPEG.JFIFmarkerBadPosition. What kind of exploit is that? And what kind of danger does it pose? (What does it do?) Is it for all systems? Or just for Windows? A whole lot of web searching turned up nothing. Does anyone know? TIA. ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
