Can anyone help me with getting rid of ttf:CVE-2012-2897 virus detected? In Boot-time scan I was not able to do anything, i.e. delete, move…
Thanks for any help.
Start with installing ALL (especially security) updates for your system:
https://technet.microsoft.com/library/security/ms12-075
Can anyone help me with getting rid of ttf:CVE-2012-2897 virus detected?what is the location of the file detected?....full file path
Hi,
I am using the ReadCube software on the Mac OS X Yosemite platform. ReadCube helps searching for and downloading PDFs of articles from online depositories, such as www.jstor.org. Virtually whenever I download a PDF from www.jstor.org into my ReadCube, I get several warnings of virus threats being blocked by Avast!. The application reportedly linked with the problem is ‘pdf2swf’ and the name of the virus is TTF:CVE-2012-2897. I suppose that the problem can be easily replicated by other users who are using ReadCube on a Mac §platform. Should I be concerned about using ReadCube? I do have to pay annual fee for this app. Could it make my Mac vulnerable to infection? Or is it just a false positive message, meaning that CVE-2012-2897 is not a virus and not a problem for the users?
Thank you so much, Zed
CVE-2012-2897 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2897
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before 22.0.1229.79 and other programs, do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted TrueType font file, aka "Windows Font Parsing Vulnerability" or "TrueType Font Parsing Vulnerability."
@Valenta … seems it is no danger to Mac 
Upload and test the pdf file at www.virustotal.com if tested before, click rescan for a fresh result
post link to scan result here
Hi, the result of the scan is as follows:
The file being studied is a PDF document! The document’s header reveals it is using the following file format specification: %PDF-1.6.
PDFiD information:
This PDF document contains 1 object stream. A stream object is just a sequence of bytes and very often is only used to store images and page descriptions, however, since it is not limited in length many attackers use these artifacts in conjunction with filters to obfuscate other objects.
This PDF document uses JBIG2 compression. This is not necessarily and indication of a malicious PDF, but further investigation is recommended as it may reveal the presence of vulnerable filters.
This PDF document has 32 object start declarations and 32 object end declarations.
This PDF document has 30 stream object start declarations and 30 stream object end declarations.
This PDF document has a pointer to the cross reference table (startxref).