Information on the vulnerability (JVN#04665167) of XacRett #49.

Author: k.inaba (kiki at kmonos dot net)
Publication: Oct 14, 2010
Japanese Version


Fixed by the version #50, released on Oct 14, 2010.

If you are using #49 or older, please update to the latest version.
The latest version is available from [ xacr51.exe ].


Just after the decompression of archives, arbitrary malicious program may be executed.

Usually, XacRett automatically opens the folder containing extracted files by Explorer. But if a file named "explorer.exe" is contained in the archive, the executable is run, instead of the Windows' Explorer.

To fix

presented by k.inaba (kiki .a.t. under CC0