JVN#51565015
LINE for Windows may insecurely load Dynamic Link Libraries
Overview
LINE for Windows may use unsafe methods for determining how to load DLLs.
Products Affected
- LINE for Windows ver 4.7.0 and earlier
- LINE Installer for Windows ver 4.8.0 and earlier
Note that LINE Installer for Windows (ver 4.8.0) did not address the vulnerability completely. Newer versions have been released.
Description
LINE for Windows provided by LINE Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries.
Impact
Arbitrary code may be executed with the privileges of the running application.
Solution
Update the Software
For current users of LINE for Windows, the application will automatically update to the latest version provided by the developer.
For users who will be installing LINE for Windows, the developer has provided an updated version of the installer. Please use this version of the installer.
Vendor Status
Vendor | Link |
LINE Corporation | [Vulnerability Notice] Fixed Vulnerability in LINE for Windows |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
---|---|---|---|---|
Attack Complexity(AC) | High (H) | Low (L) | ||
Privileges Required(PR) | High (H) | Low (L) | None (N) | |
User Interaction(UI) | Required (R) | None (N) | ||
Scope(S) | Unchanged (U) | Changed (C) | ||
Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
Integrity Impact(I) | None (N) | Low (L) | High (H) | |
Availability Impact(A) | None (N) | Low (L) | High (H) |
Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) |
---|---|---|---|
Access Complexity(AC) | High (H) | Medium (M) | Low (L) |
Authentication(Au) | Multiple (M) | Single (S) | None (N) |
Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) |
Integrity Impact(I) | None (N) | Partial (P) | Complete (C) |
Availability Impact(A) | None (N) | Partial (P) | Complete (C) |
Comment
This analysis assumes that the user is tricked into placing a malicious DLL file prepared by an attacker in a specific folder.
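A defender-side check for the scenario in the Comment above, as an added example that is not part of the JVN advisory or the developer's own tooling: it lists DLLs sitting beside executables in a folder and reports their Authenticode status. The folder (defaulting here to the user's Downloads directory) and the System32 name-shadowing heuristic are assumptions; the advisory names neither the folder nor the DLL.

```powershell
# Added example: audit a folder for DLLs that sit beside executables.
# Assumption: $Folder is wherever installers are saved before being run;
# the advisory does not say which folder is involved.
param(
    [string]$Folder = (Join-Path $env:USERPROFILE 'Downloads')
)

$system32 = Join-Path $env:SystemRoot 'System32'

# A DLL in this folder only matters if an executable can be started from it:
# the directory the executable was loaded from is searched first in the
# default Windows DLL search order.
$exes = Get-ChildItem -LiteralPath $Folder -Filter '*.exe' -File -ErrorAction SilentlyContinue
if (-not $exes) {
    Write-Output "No executables in $Folder; nothing to check."
    return
}

$findings = foreach ($dll in Get-ChildItem -LiteralPath $Folder -Filter '*.dll' -File) {
    $sig = Get-AuthenticodeSignature -LiteralPath $dll.FullName
    [pscustomobject]@{
        Name           = $dll.Name
        LastWriteTime  = $dll.LastWriteTime
        # Heuristic (assumption): a file with the same name as a system DLL
        # may be found here before the system copy is reached.
        ShadowsSystem  = Test-Path -LiteralPath (Join-Path $system32 $dll.Name)
        SignatureState = $sig.Status
        Signer         = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    }
}

# Name-shadowing entries first; unsigned or invalid signatures deserve a closer look.
$findings | Sort-Object -Property ShadowsSystem -Descending | Format-Table -AutoSize
```

Any DLL reported here should be explained before an installer in the same folder is run; moving the installer to a new, empty folder removes the co-located files from its application directory.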
Credit
Takashi Yoshikawa of Mitsui Bussan Secure Directions reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
JPCERT Alert | |
JPCERT Reports | |
CERT Advisory | |
CPNI Advisory | |
TRnotes | |
CVE | CVE-2016-4831 |
JVN iPedia | JVNDB-2016-000123 |
Update History
- 2016/08/19
- Information under the section "Products Affected" was updated.