CAPEC-635

Standard Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Draft MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Severity: High
Alternative Execution Due to Deceptive Filenames

Description

The extension of a file name is often used in various contexts to determine the application that is used to open and use it. If an attacker can cause an alternative application to be used, it may be able to execute malicious code, cause a denial of service or expose sensitive information.

Prerequisites

The use of the file must be controlled by the file extension.

Mitigations

Applications should insure that the content of the file is consistent with format it is expecting, and not depend solely on the file extension.