Dark Mode

Settings

Capec-649 Detail

Adding a Space to a File Extension

Detailed Software Likelihood: Low Typical Severity: Medium

Parents: 635

Threats: T68

Description

An adversary adds a space character to the end of a file extension and takes advantage of an application that does not properly neutralize trailing special elements in file names. This extra space, which can be difficult for a user to notice, affects which default application is used to operate on the file and can be leveraged by the adversary to control execution.

Not present

External ID Source Link Description
CAPEC-649 capec https://capec.mitre.org/data/definitions/649.html
CWE-46 cwe http://cwe.mitre.org/data/definitions/46.html
T1036.006 ATTACK https://attack.mitre.org/wiki/Technique/T1036/006 Masquerading:Space after Filename

Not present

  1. The use of the file must be controlled by the file extension.

Not present

Not present

Integrity Availability Confidentiality
Execute Unauthorized Commands Execute Unauthorized Commands Execute Unauthorized Commands

Not present

We use cookies to ensure you get the best experience on our website.