Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
http://secunia.com/advisories/42672
http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000066.html