Information on the vulnerability (JVN#04665167) of XacRett #49.
Author: k.inaba (kiki at kmonos dot net)
Publication: Oct 14, 2010
Fixed by the version #50, released on Oct 14, 2010.
If you are using #49 or older, please update to the latest version.
The latest version is available from [ xacr51.exe ].
Just after the decompression of archives, arbitrary malicious program may be executed.
Usually, XacRett automatically opens the folder containing extracted files by Explorer. But if a file named "explorer.exe" is contained in the archive, the executable is run, instead of the Windows' Explorer.