Published: 2018/08/31  Last Updated: 2018/08/31

Information from HiBARA Software

Vulnerability ID:JVN#02037158
Title:AttacheCase vulnerable to arbitrary script execution
Status:Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.

When a maliciously created setting file "_AtcCase.ini" exists in the same folder as the encrypted file (* .atc) created by the this product "Attache Case", the content of the setting file takes precedence and it is possible malicious scripts be executed.