DetailedDraft

CAPEC-556Replace File Extension Handlers

Abstraction
Detailed
Status
Draft

Description

When a file is opened, its file handler is checked to determine which program opens the file. File handlers are configuration properties of many operating systems. Applications can modify the file handler for a given file extension to call an arbitrary program when a file with the given extension is opened.

Related weaknesses· 1

CWE-284

MITRE ATT&CK crosswalk· 1

T1546.001: Event Triggered Execution:Change Default File Association

Related attack patterns· 1

CAPEC-542 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessImproper Access Controlcwe-284100%live

Related to1

TypeTargetConfidenceTier
SubTechniqueChange Default File Associationt1546.001100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Alternative Execution Due to Deceptive Filenames
CAPEC
Adding a Space to a File Extension
CAPEC
File Manipulation
Sub-technique
Change Default File Association
CAPEC
Replace Trusted Executable
CAPEC
Replace Binaries
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.