Home > CAPEC List > CAPEC-253: Remote Code Inclusion (Version 2.7)  

CAPEC-253: Remote Code Inclusion

Remote Code Inclusion
Definition in a New Window Definition in a New Window
Attack Pattern ID: 253
Abstraction: Standard
Status: Draft
Completeness: Hook
Presentation Filter:
+ Summary

The attacker forces an application to load arbitrary code files from a remote location. The attacker could use this to try to load old versions of library files that have known vulnerabilities, to load files that the attacker placed on the remote machine during a prior attack, or to otherwise change the functionality of the targeted application in unexpected ways.

+ Content History
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team

More information is available — Please select a different filter.
Page Last Updated: November 13, 2015