Subsonic Forum

[getjams]

I just upgraded from 4.7 beta 3 to 4.7 final and Microsoft Security essentials removed two items it saw as "severe" threats.

Category: Exploit
Detected Item: Exploit:Java/CVE-2008-5353.WX
Alert Level: Severe
Action Taken: Removed
Description: This program is dangerous and exploits the computer on which it is run.
Recommended action: Remove this software immediately.
Items:
file:C:\subsonic\jetty\3106\webapp\WEB-INF\classes\net\sourceforge\subsonic\dao\schema\Schema47.class
file:C:\subsonic\jetty\3106\webapp\WEB-INF\classes\net\sourceforge\subsonic\domain\Artist.class

It actually looks like it happened when I installed 4.7 beta 3 as well as I see two items in the log, one from a few weeks ago and one from today when I ran the 4.7 upgrade.

[getjams]

Forgot to mention. This is 32bit Windows 7 Ultimate, using the most current Java 7 update.

[getjams]

Whatever MS Security excluded made subsonic not work at all, started giving 503 service unavailable errors. I excluded C:\Subsonic from MS Security Essentials scanner and re-installed 4.7 and am back up and running. Still odd that it thought those two .class files were "severe" threats.

[PieterB]

Forgot to mention. This is 32bit Windows 7 Ultimate, using the most current Java 7 update.

Whenever you post something, and you forgot to write a little detail, it is better to edit your post instead of replying to your own post - in this case even twice.
HTH