Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Buscar en Ayuda

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Este tema ha sido archivado. Haz una nueva pregunta si necesitas ayuda.

ClamXav reports Xml.Exploit.CVE_2013_3860-3 infection in the Firefox 48.0.1 MacOS app

  • 1 respuesta
  • 3 tienen este problema
  • 11 visitas
  • Última respuesta de John99

rayt1
rayt1
more options

update today to 48.0.1 on Mac, ClamXav reports infection 'File Name Infection Name Status /Applications/Firefox.app Xml.Exploit.CVE_2013_3860-3' Deleted firefox and downloaded/installed new from this site but ClamXav again reports same infection ?whether real or relevant

update today to 48.0.1 on Mac, ClamXav reports infection 'File Name Infection Name Status /Applications/Firefox.app Xml.Exploit.CVE_2013_3860-3' Deleted firefox and downloaded/installed new from this site but ClamXav again reports same infection ?whether real or relevant

Solución elegida

This is not a definitive answer. I am not even a Mac user.

Official Mozilla Firefox downloads have As Far As I Know never contained malware they have however occasionally triggered false positives, which I imagine is what is happening here.

Also if that malware is the same as https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3860 it looks like it is something that affects only Windows so it should not be any immediate problem on a Mac.

The official download site would be

You would presumably have initially got an update using the installed Firefox, there is just a possibility that is corrupt (or settings are corrupt)

If you wish to you could try what we call a clean reinstall where the original application files are trashed before reinstalling. However from what you say I presume the problem is only detected after the new Fx48.0.1 is installed and that your download would have been from an official site as you said.

Leer esta respuesta en su contexto 👍 1

Todas las respuestas (1)

John99
John99
more options

Solución elegida

This is not a definitive answer. I am not even a Mac user.

Official Mozilla Firefox downloads have As Far As I Know never contained malware they have however occasionally triggered false positives, which I imagine is what is happening here.

Also if that malware is the same as https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3860 it looks like it is something that affects only Windows so it should not be any immediate problem on a Mac.

The official download site would be

You would presumably have initially got an update using the installed Firefox, there is just a possibility that is corrupt (or settings are corrupt)

If you wish to you could try what we call a clean reinstall where the original application files are trashed before reinstalling. However from what you say I presume the problem is only detected after the new Fx48.0.1 is installed and that your download would have been from an official site as you said.