CAPEC-635: Alternative Execution Due to Deceptive Filenames

Standard Draft 严重程度: High

CAPEC版本: 3.9

更新日期: 2023-01-24

攻击模式描述

The extension of a file name is often used in various contexts to determine the application that is used to open and use it. If an attacker can cause an alternative application to be used, it may be able to execute malicious code, cause a denial of service or expose sensitive information.

前提条件

The use of the file must be controlled by the file extension.

缓解措施

Applications should insure that the content of the file is consistent with format it is expecting, and not depend solely on the file extension.

分类映射

分类名称	条目ID	条目名称
ATTACK	1036.007	Masquerading: Double File Extension

关键信息

CAPEC ID: CAPEC-635

抽象级别: Standard

状态: Draft

典型严重程度: High

CAPEC-635: Alternative Execution Due to Deceptive Filenames

攻击模式描述

前提条件

缓解措施

分类映射

关键信息

相关攻击模式

相关CWE弱点

CAPEC-635: Alternative Execution Due to Deceptive Filenames

攻击模式描述

前提条件

缓解措施

分类映射

关键信息

相关攻击模式

ChildOf CAPEC-165

相关CWE弱点