Sent: Thursday, June 21, 2018 12:12 PM
To: ClamAV users ML
Subject: Re: [clamav-users] DWFx files tagged as
Xml.Exploit.CVE_2018_4975-6545149-0
We actually got another FP report for the signature
Xml.Exploit.CVE_2018_4975-6545149-0 triggering on AutoCAD DWFx files. We
dropped
We actually got another FP report for the signature
Xml.Exploit.CVE_2018_4975-6545149-0 triggering on AutoCAD DWFx files. We
dropped Xml.Exploit.CVE_2018_4975-6545149-0 from the signature set earlier
today pending further investigation on how the signature could be
re-written to avoid FPs on these
We use a replication platform that has ClamAV baked in so can't really use the
standard whitelist procedures, or at least not that I am aware of. Anyway we
are getting a bunch of our AutoCAD DWFx files that are being tagged for the
virus Xml.Exploit.CVE_2018_4975-6545149-0. I can't figure out