This could actually be a problem with ClamAV. I don't see this with
McAfee VirusScan.
Gustavo Seabra
Professor Adjunto
Departamento de Química Fundamental
Universidade Federal de Pernambuco
Fone: +55-81-2126-7417
On Tue, May 25, 2010 at 10:11 PM, Lachele Foley <lfoley.ccrc.uga.edu> wrote:
> Just ran ClamAV on a machine. You might find these entries in the log amusing:
>
> /usr/local/programs/amber/amber11/doc/AmberTools.pdf: Suspect.PDF.ObfuscatedJS-1 FOUND
> /usr/local/programs/amber/amber11/doc/leap_pg.pdf: Suspect.PDF.ObfuscatedJS-1 FOUND
> /usr/local/programs/amber/amber11/AmberTools/src/gleap/leapdoc/leap_pg.pdf: Suspect.PDF.ObfuscatedJS-1 FOUND
>
> I don't think they mean the docs are compromised. The md5sum for the leap_pg.pdf there is the same as on two other machines, including the git repo that I just updated. I'm sure there's some internal check the files don't pass, but I don't know what. Based on a cursory Googling, I think there is an evil and hard to detect exploit involving javascript embedded in pdf files, and these files must look somehow as if they have it.
>
> I'm sure this isn't worth losing sleep over, but figured you'd want to know.
>
> :-) Lachele
> --
> B. Lachele Foley, PhD '92,'02
> Assistant Research Scientist
> Complex Carbohydrate Research Center, UGA
> 706-542-0263
> lfoley.ccrc.uga.edu
>
> _______________________________________________
> AMBER-Developers mailing list
> AMBER-Developers.ambermd.org
> http://lists.ambermd.org/mailman/listinfo/amber-developers
>
_______________________________________________
AMBER-Developers mailing list
AMBER-Developers.ambermd.org
http://lists.ambermd.org/mailman/listinfo/amber-developers
Received on Wed May 26 2010 - 07:00:08 PDT
