system
1
polonus
2
system
3
is the font and http://fontlibrary.org/ not been seen to this day in the spread of exploits
XFilius
Pondus
4
Eddy
5
What a nutcase there at F-Secure.
There sure is such a exploit:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2426
Pondus
6
I think you are misunerstanding the answer, he did not say CVE-2015-2426 does not exist … he said the exploit is not in those files
One of the files is 2 months old at VT First submission 2015-09-18 23:02:13 UTC ( 2 months ago )
So why so few to report it?
zip file containe 8 files, only two are detected https://www.metascan-online.com/#!/results/file/6aa758025e7d48a19038a6fdaa49860a/extracted
Anyway, have sendt files to avast lab … will see what they say
Eddy
7
Many anti-malware tools don’t check if a exploit is fixed or not.
They only detect things when the exploit actively is being abused.
Pondus
8
Well Eddy, it seems the nutcase at F-Secure was correct, this is result from Avira lab
https://analysis.avira.com/en/status?uniqueid=Lsc2dqEOQhpAB6x4TdWrpP8hKjnpgw11&incidentid=1952788
File ID Filename Size (Byte) Result
28661650 Deuperset/Deupers...ar.eot 13.73 KB CLEAN
28661651 Deuperset/Deupers...ar.otf 11.86 KB FALSE POSITIVE
28661652 Deuperset/Deupers...ar.sfd 83.87 KB CLEAN
28661653 Deuperset/Deuper...ar.sfd~ 83.84 KB CLEAN
28661654 Deuperset/Deupers...ar.svg 28.59 KB CLEAN
28661655 Deuperset/Deupers...ar.ttf 13.55 KB FALSE POSITIVE
28661656 Deuperset/Deuper...ar.woff 4.81 KB CLEAN
28661657 Deuperset/README 1 KB CLEAN
Milos
9
Hello,
detection for CVE-2015-2426 will be fixed in next VPS release.
Milos