CAPEC-263: Force Use of Corrupted Files

Abstraction: Detailed
Status: Draft
Severity: Medium

Description

In this attack, an application is forced to use a file that an attacker has corrupted. The result is often a denial of service, because the application cannot process the corrupted file. Other results are possible, including buffer overflows and the disabling of filters or access controls (if the application fails in an unsafe way rather than failing by locking down).
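The difference between failing in an unsafe way and failing by locking down, shown as an added example that is not part of the CAPEC entry. The config format, the `blocked_extensions` key and all function names are assumptions made for illustration, and both sample inputs are constructed.

```python
import json

# Constructed sample inputs: a valid filter config and a corrupted copy of it.
GOOD_CONFIG = b'{"blocked_extensions": [".exe", ".js"]}'
CORRUPTED_CONFIG = GOOD_CONFIG[:20] + b"\x00\xff" + GOOD_CONFIG[22:]


def parse_rules(raw):
    """Parse and validate the config; raise ValueError on any defect."""
    try:
        data = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError) as exc:
        raise ValueError(f"unparseable config: {exc}") from exc
    rules = data.get("blocked_extensions") if isinstance(data, dict) else None
    if not isinstance(rules, list) or not all(isinstance(r, str) for r in rules):
        raise ValueError("blocked_extensions missing or malformed")
    return set(rules)


def _allows(blocked):
    """Return a predicate that permits names not ending in a blocked extension."""
    return lambda name: not any(name.lower().endswith(ext) for ext in blocked)


def make_filter_fail_open(raw):
    """Unsafe: a corrupted file silently yields an empty block list."""
    try:
        return _allows(parse_rules(raw))
    except ValueError:
        return _allows(set())        # filter is now effectively disabled


def make_filter_fail_closed(raw):
    """Safe: a corrupted file locks the filter down and nothing is permitted."""
    try:
        return _allows(parse_rules(raw))
    except ValueError:
        return lambda name: False    # deny everything until the config is repaired


if __name__ == "__main__":
    for label, factory in (("fail-open", make_filter_fail_open),
                           ("fail-closed", make_filter_fail_closed)):
        permit = factory(CORRUPTED_CONFIG)
        print(label, "permits tool.exe with corrupted config:", permit("tool.exe"))
```

The fail-closed variant turns the corruption into the denial of service the description mentions, which is the outcome to prefer over a silently disabled filter.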

Related weaknesses (1)

CWE-829

Related attack patterns (1)

CAPEC-17 (ChildOf)

Exploits (1)

| Type | Target | Confidence | Tier |
|------|--------|------------|------|
| Weakness | Inclusion of Functionality from Untrusted Control Sphere (CWE-829) | 100% | live |

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: File Manipulation
CAPEC: Modify Shared File
CAPEC: Leveraging Race Conditions
CAPEC: Buffer Overflow via Symbolic Links
CAPEC: Remote Code Inclusion
CAPEC: Filter Failure through Buffer Overflow

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.