Home > CAPEC List > CAPEC-253: Remote Code Inclusion (Version 2.6)  

CAPEC-253: Remote Code Inclusion

Remote Code Inclusion
Definition in a New Window Definition in a New Window
Attack Pattern ID: 253
Abstraction: Standard
Status: Draft
Completeness: Hook
+ Description


The attacker forces an application to load arbitrary code files from a remote location. The attacker could use this to try to load old versions of library files that have known vulnerabilities, to load files that the attacker placed on the remote machine during a prior attack, or to otherwise change the functionality of the targeted application in unexpected ways.

+ Content History
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team

Page Last Updated: July 23, 2014