IP Messenger Installer vulnerability of DLL loading without intent
IP Messenger Installer(v4.60 or earlier) has vulnerability of DLL loading without intent.
If this vulnerability is exploited, there is a risk that arbitrary code will be executed during the execution of the installer.
IP Messenger Installer v4.60 or earlier.
Please use IP Messenger Installer v4.61 or later.
1) Restore the installer executable file in the installer zip archive to the folder where the malicious DLL is placed.
2) Execute the installer and press "start" button
Remarks: It will not be affected if it is executed directly from the explorer zip folder or when it is executed after restoring with folder.
Even if it is not written "DLL reading without absolute path" in the source code, it is automatically internally executed "DLL reading without absolute path" at some WinAPI or COM I/F called.
This is the reason of IP Messenger Installer vulnerability.
(*) I confirmed in Win10Pro and found in the following.
1) ShellExecute API will load "urlmon.dll" without absolute path internally.
2) IShellLink(create shortcut or etc) COM will load a dll without absolute path internally.
2017/08/03: Add JVN Number and related links because JPCERT announced about this vulnerability.