Published:2018/06/12  Last Updated:2018/06/12

JVN#92265618
LINE for Windows may insecurely load Dynamic Link Libraries

Overview

LINE for Windows may insecurely load Dynamic Link Libraries.

Products Affected

  • LINE for Windows versions before 5.8.0
The developer states that version 5.8.0 and upper versions are not affected by this vulnerability.

Description

LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software.
If a user launches LINE for Windows by clicking the specially crafted link prepared by a remote attacker, it may result in insecurely loading Dynamic Link Libraries (CWE-427).

Impact

Arbitrary code may be executed with the privilege of the user invoking the software.

Solution

Update the Software
Update the software to the latest version according to the information provided by the developer.
According to the developer, the version 5.8.0 which contains a fix for this vulnerability was released on 2018 May 31, and the update is automatically applied when launching software.

Vendor Status

Vendor Link
LINE Corporation [Vulnerabilities] Vulnerability in the LINE Application for Windows PC Has Been Fixed​

References

  1. Japan Vulnerability Notes JVNTA#91240916
    Insecure DLL Loading and Command Execution Issues on Many Windows Application Programs

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score: 7.8
Attack Vector(AV) Physical (P) Local (L) Adjacent (A) Network (N)
Attack Complexity(AC) High (H) Low (L)
Privileges Required(PR) High (H) Low (L) None (N)
User Interaction(UI) Required (R) None (N)
Scope(S) Unchanged (U) Changed (C)
Confidentiality Impact(C) None (N) Low (L) High (H)
Integrity Impact(I) None (N) Low (L) High (H)
Availability Impact(A) None (N) Low (L) High (H)
CVSS v2 AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score: 6.8
Access Vector(AV) Local (L) Adjacent Network (A) Network (N)
Access Complexity(AC) High (H) Medium (M) Low (L)
Authentication(Au) Multiple (M) Single (S) None (N)
Confidentiality Impact(C) None (N) Partial (P) Complete (C)
Integrity Impact(I) None (N) Partial (P) Complete (C)
Availability Impact(A) None (N) Partial (P) Complete (C)

Comment

This analysis assumes that the user is tricked into launching LINE for Windows by clicking the specially crafted link prepared by an attacker.

Credit

LINE Corporation reported this vulnerability to JPCERT/CC to notify users of respective solutions through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2018-0609
JVN iPedia JVNDB-2018-000063