Hi all

I have just run a browser test and i get this warning from avast, from web shield.

(Sign of “JS:XMLParse-A [Expl]” has been found in “httpp://bcheck.scanit.be/bcheck/raw.php” file.)
I have put a extra p in http as to make the above link not live

I am not sure what to think of this as i only get this warning in IE7

Firefox does not have this warning and also Opera does not have this warning also. They both come through with no warnings.

If this question has already been asked i apologize.
Any assistance will be appreciated

I have to go out now will check back tomorrow.

Have a great Christmas and new year.

Cheers pete

Crofty, avast is very good on website infection and hacking.
Maybe Firefox and Opera aren’t executing the scripts in that page (I’m not sure).
Do you use NoScript in Firefox?

Tech,

Just been there and tested my latest version of Firefox Shiretoko there, here the results and no avast flags there.

* Passed  Mozilla crashes with evidence of memory corruption - passed
* Passed Mozilla crashes with evidence of memory corruption - passed
* Passed Adobe Flash Player video file parsing integer overflow - passed
* Passed Mozilla crashes with evidence of memory corruption (rv:1.8.1.5) - passed
* Passed Apple QuickTime MOV file JVTCompEncodeFrame heap overflow - passed
* Passed Mozilla code execution via QuickTime Media-link files - passed
* Passed Mozilla crashes with evidence of memory corruption (rv:1.8.1.8) - passed
* Passed Mozilla memory corruption vulnerabilities (rv:1.8.1.10) - passed
* Passed Mozilla crashes with evidence of memory corruption (rv:1.8.1.12) - passed
* Passed Mozilla Firefox MathML integer overflow - passed 

This is my browser: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b3pre) Gecko/20081225 Shiretoko/3.1b3pre ID:20081225034145

polonus

The warning comes from Avast at this point:

Now testing “Internet Explorer XML nested SPAN elements memory corruption” vulnerability (test 18 out of 18)

If you run the browser specific tests the warning only appears in IE. If you run all available tests the warning also appears in Firefox and Opera.

BTW, all three of my browsers passed all tests. ;D

I noticed this, too:

Help! My anti-virus says there is a virus!
Your anti-virus is doing its job. It detects the exploit we are attempting and warns you about it. The virus it detects is some malicious software that uses the same bug we test for. Apart from exploiting same browser bug the Browser Security Test and the virus have nothing in common. We are not installing any trojans or attempting to infect you with viruses.

Hi tech
Yes i use no script in firefox

Hi polonus
Here is my results IE7
• Internet Explorer bait & switch race condition - passed
• Internet Explorer createTextRange arbitrary code execution - passed
• Windows MDAC ADODB ActiveX control invalid length - passed
• Adobe Flash Player video file parsing integer overflow - passed
• XMLDOM substringData() heap overflow - passed
• Apple QuickTime MOV file JVTCompEncodeFrame heap overflow - passed
• Apple QuickTime ‘QTPlugin.ocx’ ActiveX Control Multiple Buffer Overflows - passed
• Window location property cross-domain scripting - passed
• Internet Explorer XML nested SPAN elements memory corruption - passed
Congratulations! The test has found no vulnerabilities in your browser!

Firefox
• Mozilla crashes with evidence of memory corruption - passed
• Mozilla crashes with evidence of memory corruption - passed
• Adobe Flash Player video file parsing integer overflow - passed
• Mozilla crashes with evidence of memory corruption (rv:1.8.1.5) - passed
• Apple QuickTime MOV file JVTCompEncodeFrame heap overflow - passed
• Mozilla code execution via QuickTime Media-link files - passed
• Mozilla crashes with evidence of memory corruption (rv:1.8.1.8) - passed
• Mozilla memory corruption vulnerabilities (rv:1.8.1.10) - passed
• Mozilla crashes with evidence of memory corruption (rv:1.8.1.12) - passed
• Mozilla Firefox MathML integer overflow - passed

Opera
Adobe Flash Player video file parsing integer overflow - passed
Opera JavaScript invalid pointer arbitrary code execution - passed
Apple QuickTime MOV file JVTCompEncodeFrame heap overflow - passed

Hi Jahn
I only did the specific tests for each browser.

• Internet Explorer XML nested SPAN elements memory corruption - passed this was the last file checked so i assume that this is where i am getting the warning.

I also noticed Help! My anti-virus says there is a virus! warning on the web page.

The only reason i was concerned as i use this test at least once a week and this is the first time I have ever received a warning. I have tested at least 200 times.

Just now wondering why i have never received a warning from avast before.
Could it be because of a signature update ???

Thanks for all of your assistance

Cheers Pete
Ps
I have just ran a test with firefox using all available tests.
I got the same results as you did Jahn .

You’re welcome, Pete. Yes, more than likely it is caused by a recent signature update, but that’s a good thing. I occasionally run scanit and don’t remember any Avast warning until now, either.