...
Passing untrusted, unsanitized data to the Runtime.exec()
method can result in command and argument injection attacks.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
IDS07-J | High | Probable | Medium | P12 | L1 |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
The Checker Framework |
| Tainting Checker | Trust and security errors (see Chapter 8) | ||||||
CodeSonar |
| JAVA.IO.INJ.COMMAND | Command Injection (Java) | ||||||
Coverity | 7.5 | OS_CMD_INJECTION | Implemented | ||||||
Parasoft Jtest |
| CERT.IDS07.EXEC | Do not use 'Runtime.exec()' | ||||||
SonarQube |
| OS commands should not be vulnerable to injection attacks |
Related Vulnerabilities
CVE-2010-0886 | |
CVE-2010-1826 | Command injection in |
T-472 | Mac OS X Java Command Injection Flaw in |
Related Guidelines
Secure
Coding Standard | IDS34-PL. Do not pass untrusted, unsanitized data to a command interpreter |
Injection [RST] | |
CWE-78, Improper Neutralization of Special Elements Used in an OS Command ("OS Command Injection") |
Android Implementation Details
Runtime.exec()
can be called from Android apps to execute operating system commands.
Bibliography
Chapter 5, "Handling Input," section "Command Injection" | |
[OWASP 2005] | A Guide to Building Secure Web Applications and Web Services |
[Permissions 2008] | Permissions in the Java™ SE 6 Development Kit (JDK) |
[Seacord 2015] |
...
...