CAPEC-635

Alternative Execution Due to Deceptive Filenames
High
Draft
2018-05-31
00h00 +00:00
2022-09-29
00h00 +00:00

CAPEC Descriptions

The extension of a file name is often used to determine which application opens and processes the file. If an attacker can cause an alternative application to be used, they may be able to execute malicious code, cause a denial of service, or expose sensitive information.

CAPEC Information

Prerequisites

The use of the file must be controlled by the file extension.

Mitigations

Applications should ensure that the content of the file is consistent with the format they expect, and not depend solely on the file extension.
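
One way to apply this mitigation, shown as an added example that is not part of the CAPEC entry: a file is accepted only when its extension is on an allow-list and its leading bytes match that format. The function names, the signature table and the set of trailing characters are assumptions made for illustration, and the sample inputs in the comments are constructed.

```python
from __future__ import annotations

import os

# Leading-byte signatures for the formats this hypothetical application accepts.
SIGNATURES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".pdf": (b"%PDF-",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".zip": (b"PK\x03\x04",),
}

# Assumed set of trailing special elements (CWE-162): characters that a
# downstream component may drop or reinterpret at the end of a name.
TRAILING_SPECIAL = " .\t"


def sniff(content: bytes) -> str:
    """Return the allow-listed extension whose signature matches, or 'unknown'."""
    for ext, signatures in SIGNATURES.items():
        if content.startswith(signatures):
            return ext
    return "unknown"


def check_upload(filename: str, content: bytes) -> tuple[bool, str]:
    """Return (accepted, reason); accept only if extension and content agree."""
    name = os.path.basename(filename.replace("\\", "/"))
    # Reject rather than silently strip: the name stored must be the name used.
    if not name or "\x00" in name or name != name.rstrip(TRAILING_SPECIAL):
        return False, "trailing special element in file name"
    ext = os.path.splitext(name)[1].lower()
    if ext not in SIGNATURES:
        return False, f"extension {ext!r} is not on the allow-list"
    if not content.startswith(SIGNATURES[ext]):
        return False, f"content does not match {ext} (looks like {sniff(content)})"
    return True, "extension and content agree"


if __name__ == "__main__":
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16  # constructed sample header
    for fname, data in [("photo.png", png), ("photo.png.", png),
                        ("invoice.pdf", b"MZ\x90\x00"), ("notes.txt", b"hello")]:
        print(fname, check_upload(fname, data))
```

A leading-signature match is a minimum check; fully parsing the file as the expected format is stronger.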

Related Weaknesses

CWE-ID: CWE-162
Weakness Name: Improper Neutralization of Trailing Special Elements
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes trailing special elements that could be interpreted in unexpected ways when they are sent to a downstream component.

Submission

Name: CAPEC Content Team
Organization: The MITRE Corporation
Date: 2018-05-31 +00:00
Date release:

Modifications

Name: CAPEC Content Team
Organization: The MITRE Corporation
Date: 2022-09-29 +00:00
Comment: Updated Taxonomy_Mappings