CWE-494: Download of Code Without Integrity Check
Description
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
Submission Date :
July 19, 2006, midnight
Modification Date :
2023-06-29 00:00:00+00:00
Organization :
MITRE
Extended Description
An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the code in transit.
Example - 1
This example loads an external class from a local subdirectory.
new URL("file:subdir/")
URL[] classURLs= new URL[]{};URLClassLoader loader = new URLClassLoader(classURLs);Class loadedClass = Class.forName("loadMe", true, loader);
This code does not ensure that the class loaded is the intended one, for example by verifying the class's checksum. An attacker may be able to modify the class file to execute malicious code.
Example - 2
This code includes an external script to get database credentials, then authenticates a user against the database, allowing access to the application.
// //assume the password is already encrypted, avoiding CWE-312//
// //dbInfo.php makes $dbhost, $dbuser, $dbpass, $dbname available//
mysql_close();return true;
mysql_close();return false;include("http://external.example.com/dbInfo.php");mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql');mysql_select_db($dbname);$query = 'Select * from users where username='.$username.' And password='.$password;$result = mysql_query($query);if(mysql_numrows($result) == 1){}else{}
function authenticate($username,$password){}
This code does not verify that the external domain accessed is the intended one. An attacker may somehow cause the external domain name to resolve to an attack server, which would provide the information for a false database. The attacker may then steal the usernames and encrypted passwords from real user login attempts, or simply allow themself to access the application without a real user account.
This example is also vulnerable to an Adversary-in-the-Middle AITM (CWE-300) attack.
Related Weaknesses
This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.
Visit http://cwe.mitre.org/ for more details.