JVN#83917769: AttacheCase vulnerable to directory traversal

ID JVN:83917769
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-01-16T00:00:00


## Description

AttacheCase is an open source file encryption software provided by HiBARA Software. AttacheCase contains a directory traversal vulnerability (CWE-22) due to a flaw in processing filenames in ATC files.

## Impact

Decrypting a crafted ATC file may result in creation of an arbitrary file or overwriting of an existing file.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • AttacheCase ver. and earlier
  • AttacheCase ver. and earlier