Attention community - three.js-dev-r148 - VIRUS?

I am being attacked on all sides and would like to report a possible warning.

ClamTk, v6.07
Tue Mar 21 22:55:43 2023
ClamAV Signatures: 8674330
Directories Scanned:

Found 1 possible threat (263523 files scanned).

…/www/threejs-r148/three.js-dev-r148/three.js-dev/examples/textures/memorial.tif Img.Exploit.CVE_2012_2027-6332502-0

See discussion in A virus appears to be present in this repo · Issue #25190 · mrdoob/three.js · GitHub — this doesn’t appear to be a real vulnerability.


I don’t know if Rozz is being serious or just being hilarious, there is no such threats in threejs? I have been using threejs and I have never encounter such issues, and the way you described the issues is exagerated, (attack on all side) what is that even mean?

should you not then update whatever tiff files it complains about, to make sure they are not recognized as “crafted”

1 Like

If I spent time on every reported issue in every code scanning tool, I would get nothing else done. I try to address those that represent actual problems, not the (many, many) false positives. NPM audit is a particularly bad offender here.

If you’d be interested in updating the .tif file so this tool doesn’t flag it, that’s great. :slight_smile:

nah Im good. I dont have this tool installed any way. let the topic starter do the pull request then XD

Yes, I should have researched the subject before, unfortunately my life is very busy, and the meaning of being attacked from all sides is real, mobile network, wifi and wired… I found this because I am in paranoid mode, it’s no joke.

My dear friend, it is best ethics to please evaluate your post before posting it, you are fortunate to have not been flagged, because your post is out of topic.

How can I fix friend?

if what u said is true? then there must be another cause, it could be a plugin or something you have installed in your pc, creating a virus in javascript is impossible, a virus can only be made on a computer program such as assembly language, flash MX, turbo C and any windows application that has a .COM or .EXE extension that you may have installed in your PC

So, as I sent is an ‘Exploit’ in the file ‘memorial.tif’ in the path indicated above…

It wasn’t me who warned, it was Antivirus for Linux ClamTk v6.0
I just did what I would do as a tech person, removing the hazard and warning the community. To know how this exploit works, the interested party will have to go deeper, that’s it!

that’s not entirely true, XSS is capable of injecting javascript into a website to scrape sensitive data that may have been left vulnerable… that being said the flagged “virus” above seems to have been a vulnerability in an older version of photoshop that

allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file.

as described in this post…