On 9 June 2022 13:17:29 Vangelis Katsikaros via clamav-users
wrote:
Hi
I am not a security person so I apologize if the question sounds stupid.
I'd like to ask if there is a signature in the clamav DB to recognise
Microsoft word documents affected by the "Follina" - CVE-2022-30190 remote
cod
Actually, there are two so far, added pm June 2 and 7:
% sigtool -f CVE_2022_30190-|sigtool --decode-sigs
VIRUS NAME: Win.Exploit.CVE_2022_30190-9951234-1
TDB: Engine:96-255,Container:CL_TYPE_OOXML_WORD,Target:7
LOGICAL EXPRESSION: 0&1&2
* SUBSIG ID 0
+-> OFFSET: 0
+-> SIGMOD: NOCASE
+-> DECOD
Hi there,
On Thu, 9 Jun 2022, Vangelis Katsikaros via clamav-users wrote:
I am not a security person so I apologize if the question sounds stupid.
It doesn't sound stupid. :)
I'd like to ask if there is a signature in the clamav DB to recognise
Microsoft word documents affected by the "Foll
Hi
I am not a security person so I apologize if the question sounds stupid.
I'd like to ask if there is a signature in the clamav DB to recognise
Microsoft word documents affected by the "Follina" - CVE-2022-30190 remote
code execution vulnerability.
Regards
Vangelis
_
