An attacker modifies file contents or attributes (such as extensions or
names) of files in a manner to cause incorrect processing by an application.
Attackers use this class of attacks to cause applications to enter unstable
states, overwrite or expose sensitive information, and even execute
arbitrary code with the application's privileges. This class of attacks
differs from attacks on configuration information (even if file-based) in
that file manipulation causes the file processing to result in non-standard
behaviors, such as buffer overflows or use of the incorrect interpreter.
Configuration attacks rely on the application interpreting files correctly
in order to insert harmful configuration information. Likewise, resource
location attacks rely on controlling an application's ability to locate
files, whereas File Manipulation attacks do not require the application to
look in a non-default location, although the two classes of attacks are
often combined.
Attack Prerequisites
The target must use the affected file without verifying its
integrity.
Resources Required
No special resources are required for most variants of this attack. In some
cases, tools are needed to better control the response of the targeted
application to the modified file.
Vision and Technical Leadership provided by Cigital, Inc.
This Web site is hosted by The MITRE Corporation.
Copyright 2009, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.
Description
