A place for security related announcements and discussions - please check this forum frequently!
Posts: 13114
Joined: Tue Jun 21, 2011 11:04 am
Location: Mü-Sa, RLP, DE


Post by cmb » Fri Oct 26, 2012 11:52 am

Hello Community,

I've checked all 649 files of the CMSimple_XH_155 package on The files have been checked with 43 recent anti-malware engines. Only for 1 file 1 positive was reported by McAfee-GW-Edition (yesterdays version). The file is plugins/jquery/help/sh/shCore.js (a part of Alex Gorbatchev's Syntaxhighlighter); it was reported as Heuristic.BehavesLike.JS.Unwanted. Manual inspection of the file showed, that it's using clipboard.swf (in the same folder), what might have caused the scanner to report it as potential malware.

I have compared the file with the one contained in the download from (Version 2.1.382) and they are identical. So I'm very sure, that the file doesn't contain any malware, as the SyntaxHighlighter is used on many websites, and 2.1.382 is the latest version of the 2 series, which is still very popular.

IMO we can close the case. There is no malware contained in CMSimple_XH 1.5.5.

Christoph M. Becker – Plugins for CMSimple_XH

Post Reply