CAPEC-253 - Remote Code Inclusion

The attacker forces an application to load arbitrary code files from a remote location. The attacker could use this to try to load old versions of library files that have known vulnerabilities, to load files that the attacker placed on the remote machine during a prior attack, or to otherwise change the functionality of the targeted application in unexpected ways.

Severity

Likelihood

Confidentiality

Integrity

Availability