Reputation: 1808
virus warning for the latest phpmyadmin (HTML.Exploit.CVE_2014_0322)
I run PHPMyAdmin locally, and after ClamXav updated its definitions today, I get a virus warning whenever I load PHPMyAdmin. The virus name is: HTML.Exploit.CVE_2014_0322.
It boils down to a call to /js/get_scripts.js.php, which loads a bunch of local JavaScript files in one request.
If I edit this script to prevent it from loading JavaScript, the virus warning goes away.
I'm on a Mac, and HTML.Exploit.CVE_2014_0322 is an exploit for Internet Explorer on Windows, so it seems to be a false warning.
I upgraded PHPMyAdmin to the latest version, and still get this error. Does anyone know which JavaScript file is triggering the error?
Upvotes: 0
Views: 3161
Answers (1)
Reputation: 56
This is almost certainly a false positive.
I run regular scans with clamav on webroots for a number of customers. We got tons of HTML.Exploit.CVE_2014_0322 detections today, mostly these were minified versions of jquery.
Seems ClamAV added some detection rule that generates lots of false alarms. The only thing you can do is wait for ClamAV to fix their Virus database.
Upvotes: 4
Related Questions
- phpmyadmin deprecation notice php 8
- How to hide lacking phpmyadmin warnings?
- When I run localhost/phpmyadmin then I got some code
- Virus/malware modifying .htaccess on Joomla CMS website
- phpmyadmin error with sanitizing.lib.php
- "A newer version of phpMyAdmin is available..." Warning doesn't disappear after upgrade
- Does somebody knows what is this code Virus in PHP?
- Possible exploit in phpmyadmin links http://dev.mysql.com/
- Found This Hack in my web server php files
- Where could this line be located?