I just got a very peculiar warning from running McAfee virus scan (XP): BlueCloth-1.0.0\tests\15_Contrib.tests.rb is infected by the JS\Exploit-CrossSite trojan. Anything to be concerned about here? Or a total red-herring from McAfee? (McAfee seems to have the file somehow locked right now so I can't even browse its contents.) Thanks.
on 2005-12-02 18:41
on 2005-12-02 19:29
itsme213 wrote: > I just got a very peculiar warning from running McAfee virus scan (XP): > > BlueCloth-1.0.0\tests\15_Contrib.tests.rb is infected by the > JS\Exploit-CrossSite trojan. > > Anything to be concerned about here? Or a total red-herring from McAfee? Antivir (updated 2 hours ago) does not complain. Perhaps McAffee uses some heuristics to guess whether sth is a virus or not. Possibly because of the string DangerousHtml (containing <script> tags). There has been an online-virus-scanner somewhere sometime, but - here it is: http://www.kaspersky.com/scanforvirus
on 2005-12-08 00:24
This has already been reported, but it's an artifact of McAfee's heuristics, not an actual virus. For more details check out: <http://www.deveiate.org/projects/BlueCloth/ticket/29>