Detailedlikelihood: Lowseverity: MediumDraft

CAPEC-649Adding a Space to a File Extension

Abstraction
Detailed
Status
Draft
Likelihood
Low
Severity
Medium

Description

An adversary adds a space character to the end of a file extension and takes advantage of an application that does not properly neutralize trailing special elements in file names. This extra space, which can be difficult for a user to notice, affects which default application is used to operate on the file and can be leveraged by the adversary to control execution.

Related weaknesses· 1

CWE-46

MITRE ATT&CK crosswalk· 1

T1036.006: Masquerading:Space after Filename

Related attack patterns· 1

CAPEC-635 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessPath Equivalence: 'filename ' (Trailing Space)cwe-46100%live

Related to1

TypeTargetConfidenceTier
SubTechniqueSpace after Filenamet1036.006100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Alternative Execution Due to Deceptive Filenames
Sub-technique
Space after Filename
CAPEC
Replace File Extension Handlers
CAPEC
File Manipulation
CAPEC
Create files with the same name as files protected with a higher classification
Sub-technique
Double File Extension
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.