Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

ClamXav reports Xml.Exploit.CVE_2013_3860-3 infection in the Firefox 48.0.1 MacOS app

  • 1 reply
  • 3 have this problem
  • 7 views
  • Last reply by John99

rayt1
rayt1
more options

update today to 48.0.1 on Mac, ClamXav reports infection 'File Name Infection Name Status /Applications/Firefox.app Xml.Exploit.CVE_2013_3860-3' Deleted firefox and downloaded/installed new from this site but ClamXav again reports same infection ?whether real or relevant

update today to 48.0.1 on Mac, ClamXav reports infection 'File Name Infection Name Status /Applications/Firefox.app Xml.Exploit.CVE_2013_3860-3' Deleted firefox and downloaded/installed new from this site but ClamXav again reports same infection ?whether real or relevant

Chosen solution

This is not a definitive answer. I am not even a Mac user.

Official Mozilla Firefox downloads have As Far As I Know never contained malware they have however occasionally triggered false positives, which I imagine is what is happening here.

Also if that malware is the same as https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3860 it looks like it is something that affects only Windows so it should not be any immediate problem on a Mac.

The official download site would be

You would presumably have initially got an update using the installed Firefox, there is just a possibility that is corrupt (or settings are corrupt)

If you wish to you could try what we call a clean reinstall where the original application files are trashed before reinstalling. However from what you say I presume the problem is only detected after the new Fx48.0.1 is installed and that your download would have been from an official site as you said.

Read this answer in context 👍 1

All Replies (1)

John99
John99
more options

Chosen Solution

This is not a definitive answer. I am not even a Mac user.

Official Mozilla Firefox downloads have As Far As I Know never contained malware they have however occasionally triggered false positives, which I imagine is what is happening here.

Also if that malware is the same as https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3860 it looks like it is something that affects only Windows so it should not be any immediate problem on a Mac.

The official download site would be

You would presumably have initially got an update using the installed Firefox, there is just a possibility that is corrupt (or settings are corrupt)

If you wish to you could try what we call a clean reinstall where the original application files are trashed before reinstalling. However from what you say I presume the problem is only detected after the new Fx48.0.1 is installed and that your download would have been from an official site as you said.