drewnoakes / metadata-extractor-images

Database of images from various digital cameras
https://drewnoakes.com/code/exif/

Virus detected #41

Closed CodeTile closed 2 years ago

CodeTile commented 2 years ago

When I attempt to download as a zip file, my antivirus informs me that the zip file has a virus in it.
This is after it has downloaded 2GB.

Feature: Antivirus

C:\Users\xxxxxxxx\Downloads\metadata-extractor-images-master.zip tried to load a malicious resource detected as Exploit.StageFright-6.Gen and was blocked. Your device is safe.

drewnoakes commented 2 years ago

What virus scanner are you using?

Windows Defender doesn't find any issue with the files in this repo. I have them checked out locally.

CodeTile commented 2 years ago

I am using BitDefender

On Mon, 31 Oct 2022, 09:34 Drew Noakes, @.***> wrote:

What virus scanner are you using?

Windows Defender doesn't find any issue with the files in this repo. I have them checked out locally.

drewnoakes commented 2 years ago

Can you identify a particular file in the repo that causes this? If you use git clone rather than downloading the .zip file, do you see any warnings?

CodeTile commented 2 years ago

path=".....\metadata-extractor-images\fuzzing\crash-043f32a0a693173f02dddb4e3ea9bd1314e9efdf.fuzzed" threatName="Exploit.StageFright-6.Gen"
path=".....\metadata-extractor-images\fuzzing\crash-3e62baca0d98d2f8fb9f4256cb358b786ece020d.fuzzed" threatName="Exploit.StageFright-6.Gen"
path=".....\metadata-extractor-images\fuzzing\crash-4fc34c4042aeffdc2e4ed3dd229da4d42e244217.fuzzed" threatName="Exploit.StageFright-6.Gen"
path=".....\metadata-extractor-images\fuzzing\crash-6b4f34dac6b097d2f88f00646f91665aabd41b2e.fuzzed" threatName="Exploit.StageFright-6.Gen"
path=".....\metadata-extractor-images\fuzzing\crash-6b85510afb1e2583c0b9bfe541e9c1590564a559.fuzzed" threatName="Exploit.StageFright-6.Gen"
path=".....\metadata-extractor-images\fuzzing\crash-bb0dab7f3a224a8e9ea2a79ffcfbb519b8f6ff00.fuzzed" threatName="Exploit.CVE-2014-8438.Gen"
path=".....\metadata-extractor-images\fuzzing\crash-c4c17badf37c73bbd1b5f20697002b071f108c9f.fuzzed" threatName="Exploit.StageFright-6.Gen"
path=".....\metadata-extractor-images\jpg\HP PhotoSmart 318.jpg=>(REMOVED_NULLS)=>(JAVASCRIPT 2)" threatName="VBS.Entice.B" action="5"
path=".....\metadata-extractor-images\jpg\HP PhotoSmart 318.jpg=>(REMOVED_NULLS)=>(JAVASCRIPT-COMPILATION)" threatName="VBS.Entice.B" action="1"
path=".....\metadata-extractor-images\tif\ImageTestSuite\m1-5512ff2fc91566c07c8c8d3fd352a731.tif" threatName="Exploit.CVE-2015-5097.Gen"
path=".....\metadata-extractor-images\tif\ImageTestSuite\m1-76c43508fc007bcf5902b6a28e8055a5.tif" threatName="Exploit.TIFF.Gen.0150"
path=".....\metadata-extractor-images\tif\ImageTestSuite\m12-76c43508fc007bcf5902b6a28e8055a5.tif" threatName="Exploit.TIFF.Gen.0150"
path=".....\metadata-extractor-images\tif\ImageTestSuite\m3-b0d36ed02fc2624ac79d3144e8b1bda2.tif" threatName="Exploit.TIFF.Gen.MS07-055"
path=".....\metadata-extractor-images\tif\ImageTestSuite\m4-76c43508fc007bcf5902b6a28e8055a5.tif" threatName="Exploit.TIFF.Gen.0150"
path=".....\metadata-extractor-images\tif\ImageTestSuite\m5-76c43508fc007bcf5902b6a28e8055a5.tif" threatName="Exploit.TIFF.Gen.0150"

drewnoakes commented 2 years ago

Thanks for that.

The fuzzing and ImageTestSuite images contain intentionally corrupted data, designed to validate the behaviour of a parser when receiving corrupted data.

The HP PhotoSmart 318 image does indeed contain the source of a VBS virus. I will remove it, even though I am not sure it is directly a threat to anyone.

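A triage sketch for scanner output in the format quoted above, added here as an example (not code from this repository or its maintainer). It splits run-together `path="..." threatName="..."` entries, folds the `=>(...)` sub-stream suffixes back onto their file, and separates hits inside directories assumed to hold intentionally corrupted parser test inputs from hits elsewhere. The sample log is constructed with placeholder file names, and `EXPECTED_CORPUS_DIRS` is an assumption based on the reply above.

```python
import re
from collections import defaultdict

# Constructed sample in the path="..." threatName="..." format quoted in the thread.
# File names are placeholders; threat names are ones reported in the thread.
SAMPLE = (
    r'path=".....\metadata-extractor-images\fuzzing\crash-PLACEHOLDER1.fuzzed" threatName="Exploit.StageFright-6.Gen" '
    r'path=".....\metadata-extractor-images\jpg\HP PhotoSmart 318.jpg=>(REMOVED_NULLS)=>(JAVASCRIPT 2)" threatName="VBS.Entice.B" action="5" '
    r'path=".....\metadata-extractor-images\jpg\HP PhotoSmart 318.jpg=>(REMOVED_NULLS)=>(JAVASCRIPT-COMPILATION)" threatName="VBS.Entice.B" action="1" '
    r'path=".....\metadata-extractor-images\tif\ImageTestSuite\m1-PLACEHOLDER2.tif" threatName="Exploit.TIFF.Gen.0150"'
)

REPO = "metadata-extractor-images"
# Assumption: directories whose files are deliberately malformed test inputs.
EXPECTED_CORPUS_DIRS = {("fuzzing",), ("tif", "ImageTestSuite")}
ENTRY = re.compile(r'path="(?P<path>[^"]+)"\s+threatName="(?P<threat>[^"]+)"')


def parse(log):
    """Yield (repo-relative path parts, threat name) for each log entry."""
    for m in ENTRY.finditer(log):
        # "=>(...)" marks a stream the scanner extracted from inside the file.
        file_path = m["path"].split("=>", 1)[0]
        parts = file_path.split("\\")
        if REPO in parts:
            parts = parts[parts.index(REPO) + 1:]
        yield tuple(parts), m["threat"]


def triage(log):
    """Group detections per file, split by whether the directory is expected to trip scanners."""
    by_file = defaultdict(set)
    for rel, threat in parse(log):
        by_file[rel].add(threat)
    result = {"expected": {}, "review": {}}
    for rel, threats in by_file.items():
        in_corpus = any(rel[:len(d)] == d for d in EXPECTED_CORPUS_DIRS)
        bucket = "expected" if in_corpus else "review"
        result[bucket]["/".join(rel)] = sorted(threats)
    return result


if __name__ == "__main__":
    for bucket, files in triage(SAMPLE).items():
        for name, threats in files.items():
            print(f"{bucket:8} {name}: {', '.join(threats)}")
```

Hits in the "review" bucket are the ones worth opening by hand, since nothing about their location explains the detection.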

CodeTile commented 2 years ago

Thanks for looking at it

drewnoakes commented 2 years ago

Thanks for taking the time to report this.