CWE-430: Deployment of Wrong Handler

Description

The wrong "handler" is assigned to process an object.

Extended Description

An example of deploying the wrong handler would be calling a servlet to reveal source code of a .JSP file, or automatically "determining" type of the object even if it is contradictory to an explicitly specified type.

ThreatScore

Threat Mapped score: 1.8

Industry: Finiancial

Threat priority: P4 - Informational (Low)

Observed Examples (CVEs)

CVE: CVE-2001-0004

Source code disclosure via manipulated file extension that causes parsing by wrong DLL.
CVE: CVE-2002-0025

Web browser does not properly handle the Content-Type header field, causing a different application to process the document.
CVE: CVE-2000-1052

Source code disclosure by directly invoking a servlet.
CVE: CVE-2002-1742

Arbitrary Perl functions can be loaded by calling a non-existent function that activates a handler.

Related Attack Patterns (CAPEC)

CAPEC-11

Attack TTPs

T1036.006 — Space after Filename (defense-evasion)

Malware

Keydnap

APTs (Intrusion Sets)

APT38

Modes of Introduction

Phase	Note
Implementation	N/A

Common Consequences

Impact: Varies by Context, Unexpected State — Notes:

Potential Mitigations

Architecture and Design: Perform a type check before interpreting an object. (N/A)
Architecture and Design: Reject any inconsistent types, such as a file with a .GIF extension that appears to consist of PHP code. (N/A)

Applicable Platforms

None (Not Language-Specific, Undetermined)

Demonstrative Examples

N/A

Notes

No notes available.

← Back to CWE list