Upgrade StorageVulnerability issues with Zotero?
I use Zotero 3.0.11 with Firefox 19.0.2 in a Ubuntu 12.04 LTS distribution.
After making a thorough virus scan with ClamAV in Ubuntu, tens of potential threats appear to be related to Zotero and in particular they are located in the zotero/storage subfolders.
The majority of these files are gif and js. The status given by ClamAV to these threats is PUA.Phishing.Bank, PUA.Script.Packed-1, PUA.Js.Obfus-2, PUA.JS.Xored.
Are there (known) vulnerability issues associated with Zotero? Is there a list of them somewhere and an assessment of how serious those may be?
After making a thorough virus scan with ClamAV in Ubuntu, tens of potential threats appear to be related to Zotero and in particular they are located in the zotero/storage subfolders.
The majority of these files are gif and js. The status given by ClamAV to these threats is PUA.Phishing.Bank, PUA.Script.Packed-1, PUA.Js.Obfus-2, PUA.JS.Xored.
Are there (known) vulnerability issues associated with Zotero? Is there a list of them somewhere and an assessment of how serious those may be?
-
Rintze
edited April 1, 2013It sounds like these files are part of webpages saved in Zotero (see http://www.zotero.org/support/getting_stuff_into_your_library#saving_web_pages ). Could that be the case? Saving webpage snapshots will store files like gifs and .js files onto your computer, which could of course be malicious if the copies on the original webpage where that as well. (although they could very well be false-positives) -
dstillmanYes, these certainly aren't related to Zotero itself.