I have discovered that Avast incorrectly reports this bug when it is presented with a web page which contains a link to a JPEG file which (for maybe some innocent reason) does not exist on the server. Check out my page here…
For some reason, if Avast sees a broken link in a web page to an image, it interprets this as a security threat. In some cases this may well be a sign of maliciously inserted code, but it’s being fussy and not very clever; I think this is a ‘false positive’.
Yes, this was a pretty obscure issue, but with the information you posted here I’ve found the problem - my webhosting company had set up my hosted website so that 404 errors (and a couple of other types of HTTP errors) were redirected to customised HTML files outside the httpdocs directory (e.g. /error_docs/not_found.html) - the maliciously inserted JavaScript appeared in these HTML files and may have been there for some time, as these pages are default standard files supplied by my webhosting company and not part of my website, and not something I was monitoring closely. The website itself was free of malicious code; it was the error-handling setup of the webserver that had been compromised.
Thanks very much for this. I think the thing to learn from this is to look beyond the httpdocs directory of a hosted website and look at the standard files that a commercial webhosting setup may have supplied you with.
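A check in the spirit of the lesson above, as an added example that is not part of the original thread: it walks a directory such as the error_docs folder mentioned in the post and lists every script, iframe, object or embed element and inline event handler in its HTML files, on the assumption that stock error pages are static. The tag list, function names and sample files are constructed for illustration.

```python
import os
import tempfile
from html.parser import HTMLParser

ACTIVE_TAGS = {"script", "iframe", "object", "embed"}  # assumed review list

class ActiveContentFinder(HTMLParser):
    """Collects elements and attributes that can run or load code."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]
        attrs = dict(attrs)
        if tag in ACTIVE_TAGS:
            src = attrs.get("src") or attrs.get("data") or "(inline)"
            self.findings.append((line, tag, src))
        for name in attrs:
            if name.startswith("on"):  # inline event handlers such as onload
                self.findings.append((line, tag, name))

def scan_error_docs(root):
    """Return {path: [(line, tag, detail), ...]} for HTML files under root."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith((".html", ".htm")):
                continue
            path = os.path.join(dirpath, name)
            finder = ActiveContentFinder()
            with open(path, encoding="utf-8", errors="replace") as fh:
                finder.feed(fh.read())
            if finder.findings:
                report[path] = finder.findings
    return report

def demo():
    """Constructed sample: one clean error page, one with an added script."""
    root = tempfile.mkdtemp()
    docs = os.path.join(root, "error_docs")
    os.mkdir(docs)
    with open(os.path.join(docs, "forbidden.html"), "w") as fh:
        fh.write("<html><body><h1>403 Forbidden</h1></body></html>\n")
    with open(os.path.join(docs, "not_found.html"), "w") as fh:
        fh.write("<html><body><h1>404 Not Found</h1>\n"
                 "<script src=\"http://unexpected.example/x.js\"></script>\n"
                 "</body></html>\n")
    return {os.path.basename(p): f for p, f in scan_error_docs(root).items()}
```

Point `scan_error_docs` at the hosting account's directories outside httpdocs; any finding in a vendor-supplied error page is worth comparing against a fresh copy from the host.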
Malware is supposed to have been closed: 2012-06-14 21:40:00
Still, the site is being flagged by Bitdefender’s TrafficLight extension as unsafe, but seems to be clean.
Your website server gives away the full version number, this could be avoided: http://www.cyberciti.biz/faq/rhel-centos-hide-httpd-version/
article author = VIVEK GITE,