MobileRead Forums - View Single Post - Exploit-CVE-2010-2738 in Ermine updates?

DoghouseReilley · 07-24-2011, 03:22 PM

TL,DR: Multiple versions of the update.zip for the Pocket Edge are being flagged by McAfee Stinger as having a virus.
Well met, strangers. I bought an enTourage Pocket eDGe Dualbook off Woot recently, and while I'm waiting for it to show up in the mail (shipping to APO takes forever sometimes) I've been downloading updates and reading about all the tinkering you've done.
Now for the hook: I ran some virus scans this morning, and when McAfee Stinger (version 10.1.0.1629, 27 May 2011 virus definitions) reached the folder I've downloaded my Edge updates into it came up with warnings. The problem appears to be a TrueType font (rursuscompactmono_2.ttf) which is in multiple updates and is susceptible to exploits. Stinger claims it's infected with a virus called Exploit-CVE-2010-2738. Frankly I don't know what to make of this, since I doubt Android has the same vulnerabilities, but this seems like something which the good people of Mobilereads should be aware of.
The file in question appears in these archives & paths:

ermine-1.01.002.zip\system2.zip\EsiDictionary.apk\rursusc ompactmono_2.ttf

p-update.zip.ermine-0.9.zip\system2.zip\EsiDictionary.apk\rursuscompac tmono_2.ttf

PocketEdge_updates_by_Mark_Rehorst.zip\update.zip. ermine-0.9.PE\system2.zip\EsiDictionary.apk\rursuscompact mono_2.ttf

update.zip\system2.zip\EsiDictionary.apk\rursuscom pactmono_2.ttf

07-24-2011, 03:22 PM	#1
DoghouseReilley Junior Member Posts: 7 Karma: 10 Join Date: Jul 2011 Location: KMC, De Device: Entourage PocketEdge; Motorola Droid2	Exploit-CVE-2010-2738 in Ermine updates? TL,DR: Multiple versions of the update.zip for the Pocket Edge are being flagged by McAfee Stinger as having a virus. Well met, strangers. I bought an enTourage Pocket eDGe Dualbook off Woot recently, and while I'm waiting for it to show up in the mail (shipping to APO takes forever sometimes) I've been downloading updates and reading about all the tinkering you've done. Now for the hook: I ran some virus scans this morning, and when McAfee Stinger (version 10.1.0.1629, 27 May 2011 virus definitions) reached the folder I've downloaded my Edge updates into it came up with warnings. The problem appears to be a TrueType font (rursuscompactmono_2.ttf) which is in multiple updates and is susceptible to exploits. Stinger claims it's infected with a virus called Exploit-CVE-2010-2738. Frankly I don't know what to make of this, since I doubt Android has the same vulnerabilities, but this seems like something which the good people of Mobilereads should be aware of. The file in question appears in these archives & paths: ermine-1.01.002.zip\system2.zip\EsiDictionary.apk\rursusc ompactmono_2.ttf p-update.zip.ermine-0.9.zip\system2.zip\EsiDictionary.apk\rursuscompac tmono_2.ttf PocketEdge_updates_by_Mark_Rehorst.zip\update.zip. ermine-0.9.PE\system2.zip\EsiDictionary.apk\rursuscompact mono_2.ttf update.zip\system2.zip\EsiDictionary.apk\rursuscom pactmono_2.ttf