Html.Exploit.CVE_2014_4138



  • Just run a clamtk scan & this came up Found 1 possible threat (187457 files scanned). /opt/vivaldi-beta/resources/vivaldi/bundle.js Html.Exploit.CVE_2014_4138 Is it a false positive, can it be deleted. It seem to be related to Microsoft Internet Explorer 11 as far as I can see ?. Anyone got any idea's Forgot to say I'am using Linux Mint 17.3 with cinnamon desktop


  • Moderator

    As long the file was not modified while downloading or installing it's a false positive. There were many people having those calls from ClamAV. On Windows I use Avira and it did not find anything, on Win10 I ran Win Defender and nothing as well.

    Jotti's Scan and VirusTotal have just some very few AVs detecting Vivaldi as virus, I believe the problem is that they offer their scripts unbundled from the executable and as it has some web scripting it marks as a potential thread.



  • Thank you, that make's a lot sense I think it's been showing up on mac os as well again with clamav

    Thanks again for the help Muzzie


  • Moderator

    Just checked on Windows with ClamWin and it's detecting bundle.js as a virus. I wonder if there's any way to report it to ClamAV team.

    On VirusTotal only ClamAV detected it as a virus, from all 54; on Jotti's scan it's the same, out of 21.



  • I also installed Vivaldi on Windows 10 & run a full scan using 360 Total Security didn't find a thing, think it must be clamav finding some residual windows code in in the linux deb package or something along them line's. Just find it a bit bizarre as Exploit.CVE_2014_4138 only seem's affect windows Internet Explorer & Microsoft seem to have issued a patch for it. I will have a go at uploading it to the people at clamav.

    Many thank muzzie



  • ClamAV is not very good and it has a bad heuristical scanner.

    That is a false positive.


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.