Published: 2017/07/14  Last Updated: 2022/03/29

Information from HiBARA Software

Vulnerability ID:JVN#61502349
Title:Self-Extracting Encrypted Files created by AttacheCase may insecurely load Dynamic Link Libraries

This is a statement from the vendor itself with no modification by JPCERT/CC.

A DLL hijacking (DLL preloading) vulnerability was discovered by placing a specific DLL file in the location where the output self-extracting archive file or the main body "AttacheCase.exe" are placed in both "AttacheCase#3" or "AttacheCase4" are released on the site.

These vulnerabilities have been confirmed in both the previous version (ver. or earlier) and the current version (ver. or earlier). If you are using these versions of "AttacheCase", please update to the latest version as soon as possible.

update history