I downloaded a pdf earlier, and I was trying to send it to my friend, but gmail
Question
I downloaded a pdf earlier, and I was trying to send it to my friend, but gmail said that it detected a virus. So I ran it through virustotal.com and only 1 out of 56 scanners came up with a virus - ClamAV returned with "PDF.Exploit.CVE_2014_8449". None of the other 55 scanners came up with anything. I looked up CVE_2014_8449 and found this: "Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors". I'm not sure what this means, and should I be worried about this even though only 1 of the 56 scanners found this? How can I tell if this is an actual problem? Should I just get rid of the pdf?
Thank you!
Explanation / Answer
The key thing to look for when you are analyzing a CVE is to first and foremost determine if your software is listed as being affected. If your software is not vulnerable, it doesn't mean you should necessarily be sharing the file because your friend may in fact be vulnerable and there may be some legal liability for knowingly sharing a malicious file.
The age of the file will also be an important factor here. If the PDF was created 5 years ago and you just recently downloaded it, the ClamAV finding is a false positive. This particular CVE is only a few months old and if we're seeing a PDF older than that, you are either dealing with super criminals or a false positive.
If you aren't affected and the file was only a few days old, consider it a learning experience and in the future only open files from respected locations.
Additionally, a question regarding a specific incident is difficult for the community to answer without additional findings, such as the origin of the file and a VirusTotal link (or other sandbox) to review behavioral observations.
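The two checks described in the answer, sketched as an added example that is not part of the original answer: the affected ranges come from the CVE text quoted in the question, while the function names, the sample PDF bytes and the CVE date placeholder are assumptions made for illustration.

```python
import re
from datetime import datetime

# Affected ranges as quoted in the question's CVE text:
# "10.x before 10.1.13 and 11.x before 11.0.10". Key = major, value = first fixed build.
FIRST_FIXED = {10: (10, 1, 13), 11: (11, 0, 10)}

# Placeholder only: look up the real publication date in the vendor advisory.
ASSUMED_CVE_DATE = datetime(2014, 12, 1)

# Constructed sample, not a real document: a minimal Info dictionary fragment.
SAMPLE_PDF = (b"%PDF-1.4\n1 0 obj\n<< /CreationDate (D:20100315120000Z) "
              b"/Producer (constructed sample) >>\nendobj\n")

# Matches an uncompressed, literal-string /CreationDate (D:YYYY[MM[DD...]]).
DATE_RE = re.compile(rb"/CreationDate\s*\(D:(\d{4})(\d{2})?(\d{2})?")


def is_affected(reader_version):
    """True if the installed Reader/Acrobat version is inside a listed range."""
    v = tuple(int(p) for p in reader_version.strip().split("."))
    fixed = FIRST_FIXED.get(v[0])
    return fixed is not None and v < fixed


def creation_date(pdf_bytes):
    """Return the date the file claims in its metadata, or None if not found."""
    m = DATE_RE.search(pdf_bytes)
    if not m:
        return None  # absent, hex-encoded, or inside a compressed object stream
    year, month, day = (int(g) if g else 1 for g in m.groups())
    try:
        return datetime(year, month, day)
    except ValueError:
        return None  # malformed date field


def triage(pdf_bytes, reader_version, cve_published):
    created = creation_date(pdf_bytes)
    return {
        "reader_affected": is_affected(reader_version),
        # The date is written by whoever produced the file, so it is a hint,
        # not proof; an unknown date never counts as "older than the CVE".
        "claims_to_predate_cve": created is not None and created < cve_published,
        "created": created,
    }


if __name__ == "__main__":
    print(triage(SAMPLE_PDF, "11.0.9", ASSUMED_CVE_DATE))
```
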