Page 2 of 2

Re: plupload.silverlight.xap <- is it safe?

Posted: 27 Aug 2012, 19:07
by peterelsner
Yes it is. Thank you very much.

Re: plupload.silverlight.xap <- is it safe?

Posted: 24 Oct 2012, 22:24
by vius
Seems this issue is now unfixed.

Just got this hit running 2.74 when uploading a brand new Wordpress package:

# (compressed file: plupload.silverlight.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]:
'/home/**REMOVED**/wp-includes/js/plupload/plupload.silverlight.xap

I'd really rather not exclude all xap files since they could contain exploits or hacks. Could someone look into this and re-fix it please? :)

Re: plupload.silverlight.xap <- is it safe?

Posted: 14 Jan 2013, 17:37
by sneader
I am starting up cxswatch with -I /etc/cxs/cxs.ignore

In my ignore file, I have:
hfile:plupload.silverlight.xap

I have restarted cxswatch

Despite all this, I still receive emails like this:

cxswatch Scanning /home/redacted/public_html/wp-includes/js/plupload/plupload.silverlight.xap:
# (compressed file: plupload.silverlight.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]:
'/home/redacted/public_html/wp-includes/js/plupload/plupload.silverlight.xap'

I admit I am new to using the ignore system. Am I missing a step or doing something wrong?

Thanks for any advice.

- Scott

Re: plupload.silverlight.xap <- is it safe?

Posted: 14 Jan 2013, 17:44
by ForumAdmin
Since the plupload.silverlight.xap is in a sub-directory the ignore line will not match. You would be better of with a regex:

pfile:.*/plupload\.silverlight\.xap

Re: plupload.silverlight.xap <- is it safe?

Posted: 14 Jan 2013, 20:17
by sneader
Thanks, I'll give it a shot -- very helpful!

Also, I see in the docs, it looks like I should be using --ignore instead of -I. Maybe they are the same, but I'm going to switch to --ignore, to match the docs.

- Scott