1061:
32:
177:
Arbitrary code execution signifies that if someone sends a specially designed set of data to a computer, they can make it do whatever they want. Even though this particular weakness may not cause actual problems in the real world, researchers have discussed whether it suggests a natural tendency for
237:. The instruction pointer points to the next instruction in the process that will be executed. Control over the value of the instruction pointer therefore gives control over which instruction is executed next. In order to execute arbitrary code, many exploits
283:, an attacker could act as the user, performing actions such as modifying personal computer files or accessing banking information, but would not be able to perform system-level actions (unless the user in question also had that access).
249:) and use a vulnerability to change the instruction pointer to have it point to the injected code. The injected code will then automatically get executed. This type of attack exploits the fact that most computers (which use a
637:
294:
itself or an account such as
Administrator, SYSTEM, or root. With or without this enhanced control, exploits have the potential to do severe damage or turn the computer into a
309:
hobbyists have managed to find vulnerabilities in classic video games that allow them to execute arbitrary code, usually using a precise sequence of button inputs in a
881:
836:
762:
443:
162:. The ability to trigger arbitrary code execution over a network (especially via a wide-area network such as the Internet) is often referred to as
783:
725:
527:
955:
909:
648:
186:
There are a number of classes of vulnerability that can lead to an attacker's ability to execute arbitrary commands or code. For example:
467:
Johnson, Pontus (2021). "Intrinsic
Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine".
96:
1499:
68:
49:
672:
257:, so that malicious code can be camouflaged as harmless input data. Many newer CPUs have mechanisms to make this harder, such as a
75:
1476:
347:
by utilizing an out-of-bounds read of a function pointer that points to a user controlled buffer to execute arbitrary code.
82:
1507:
948:
155:
or hardware allowing arbitrary code execution. A program that is designed to exploit such a vulnerability is called an
1439:
621:
588:
115:
64:
1235:
422:
140:) is an attacker's ability to run any commands or code of the attacker's choice on a target machine or in a target
1489:
53:
700:
1302:
941:
286:
To work around this, once an attacker can execute arbitrary code on a target, there is often an attempt at a
1533:
1494:
1415:
1215:
158:
20:
298:—but privilege escalation helps with hiding the attack from the legitimate administrator of the system.
1471:
1429:
1085:
791:
89:
1332:
1050:
291:
230:
147:
509:
495:
1317:
1195:
337:
322:
250:
1405:
1357:
1020:
578:
395:
310:
254:
42:
613:
1446:
1180:
482:
403:, and characterized as "the single biggest, most critical vulnerability of the last decade".
276:
1466:
1378:
1327:
1272:
1140:
1113:
1095:
993:
964:
545:
287:
270:
246:
1060:
8:
1250:
1025:
983:
382:
234:
226:
141:
683:
546:"Exploiting CVE-2018-19134: remote code execution through type confusion in Ghostscript"
1434:
1362:
1267:
606:
468:
295:
1482:
1240:
1175:
1125:
1072:
1030:
978:
617:
584:
412:
343:
129:
563:
1451:
1391:
1155:
1145:
1040:
910:"Recently uncovered software flaw 'most critical vulnerability of the last decade'"
754:
318:
198:
857:
812:
1342:
1322:
1220:
1045:
1035:
400:
314:
279:
as the target process that is vulnerable. For example, if exploiting a flaw in a
194:
275:
On its own, an arbitrary code execution exploit will give the attacker the same
1512:
1410:
1260:
1210:
1185:
1150:
1130:
1010:
998:
258:
238:
1527:
1422:
1383:
1352:
1347:
1200:
1190:
1160:
365:
361:
On May 1, 2018, a security researcher discovered an ACE vulnerability in the
241:
into the process (for example by sending input to it which gets stored in an
190:
1456:
1312:
1015:
914:
886:
326:
19:"Remote code execution" redirects here. For the science fiction novel, see
178:
computers to have vulnerabilities that allow unauthorized code execution.
1396:
1230:
1205:
1170:
1005:
837:"File Operation Induced Unserialization via the "phar://" Stream Wrapper"
306:
280:
242:
755:"Microsoft Windows CVE-2018-8213 Arbitrary Code Execution Vulnerability"
1461:
1277:
1225:
1108:
988:
933:
882:"Zeroday in ubiquitous Log4j tool poses a grave threat to the Internet"
444:"Remote code execution attack: what it is, how to protect your systems"
355:
225:
Arbitrary code execution is commonly achieved through control over the
212:
1337:
1292:
1287:
1135:
1103:
378:
31:
1297:
1255:
1118:
784:"A Vulnerability in 7-Zip Could Allow for Arbitrary Code Execution"
473:
417:
350:
On June 12, 2018, Bosnian security researcher Jean-Yves
Avenard of
152:
290:
exploit in order to gain additional control. This may involve the
1307:
1282:
1245:
351:
1165:
1080:
390:
528:"Understanding type confusion vulnerabilities: CVE-2015-0336"
386:
362:
331:
329:
enthusiasts managed to code and run versions of the games
608:
Milestones in
Computer Science and Information Technology
577:
Gilreath, William F.; Laplante, Phillip A. (2003-03-31).
371:
788:
New York State Office of
Information Technology Services
374:
has been the subject of numerous ACE vulnerabilities.
264:
56:. Unsourced material may be challenged and removed.
605:
377:On December 9, 2021, a RCE vulnerability called "
1525:
576:
580:Computer Architecture: A Minimalist Perspective
949:
638:"Tech Insight: Execute Disable Bit (XD-Bit)"
253:) do not make a general distinction between
726:"How an emulator-fueled robot reprogrammed
956:
942:
1500:Security information and event management
583:. Springer Science & Business Media.
472:
116:Learn how and when to remove this message
963:
466:
1526:
723:
612:. Greenwood Publishing Group. p.
603:
181:
16:Cyber attack where any code can be run
1477:Host-based intrusion detection system
937:
765:from the original on October 31, 2018
701:"Remote Code Execution - an overview"
442:Team, KernelCare (25 January 2021).
441:
389:, affecting many services including
54:adding citations to reliable sources
25:
1508:Runtime application self-protection
510:"Deserialization of untrusted data"
354:discovered an ACE vulnerability in
265:Combining with privilege escalation
13:
1059:
14:
1545:
1440:Security-focused operating system
1236:Insecure direct object reference
724:Orland, Kyle (14 January 2014).
423:Follina (security vulnerability)
30:
1490:Information security management
902:
874:
850:
829:
805:
776:
747:
717:
693:
665:
204:Deserialization vulnerabilities
41:needs additional citations for
630:
597:
570:
564:"LDD arbitrary code execution"
556:
538:
520:
502:
460:
435:
207:Type confusion vulnerabilities
1:
428:
323:Awesome Games Done Quick 2014
381:" was discovered in popular
317:, allowing them to write to
7:
1495:Information risk management
1416:Multi-factor authentication
972:Related security categories
406:
301:
21:RCE - Remote Code Execution
10:
1550:
1472:Intrusion detection system
1430:Computer security software
1086:Advanced persistent threat
268:
220:
65:"Arbitrary code execution"
18:
1371:
1071:
1057:
1051:Digital rights management
971:
604:Reilly, Edwin D. (2003).
157:arbitrary code execution
146:arbitrary code execution
1196:Denial-of-service attack
1091:Arbitrary code execution
251:Von Neumann architecture
216:arbitrary code execution
193:vulnerabilities such as
134:arbitrary code execution
1406:Computer access control
1358:Rogue security software
1021:Electromagnetic warfare
396:Minecraft: Java Edition
311:tool-assisted superplay
1452:Obfuscation (software)
1181:Browser Helper Objects
1065:
858:"NVD - CVE-2017-12933"
813:"NVD - CVE-2017-12934"
682:. 2012. Archived from
647:. 2005. Archived from
490:Cite journal requires
151:is a security flaw in
1447:Data-centric security
1328:Remote access trojans
1063:
673:"AMD has you covered"
229:(such as a jump or a
164:remote code execution
1379:Application security
1273:Privilege escalation
1141:Cross-site scripting
994:Cybersex trafficking
965:Information security
705:ScienceDirect Topics
288:privilege escalation
271:Privilege escalation
50:improve this article
1026:Information warfare
984:Automotive security
448:blog.kernelcare.com
227:instruction pointer
182:Vulnerability types
1534:Injection exploits
1435:Antivirus software
1303:Social engineering
1268:Polymorphic engine
1221:Fraudulent dialers
1126:Hardware backdoors
1066:
918:. 11 December 2021
890:. December 9, 2021
552:. 5 February 2019.
1521:
1520:
1483:Anomaly detection
1388:Secure by default
1241:Keystroke loggers
1176:Drive-by download
1064:vectorial version
1031:Internet security
979:Computer security
728:Super Mario World
413:Computer security
344:Super Mario World
130:computer security
126:
125:
118:
100:
1541:
1392:Secure by design
1323:Hardware Trojans
1156:History sniffing
1146:Cross-site leaks
1041:Network security
958:
951:
944:
935:
934:
928:
927:
925:
923:
906:
900:
899:
897:
895:
878:
872:
871:
869:
868:
854:
848:
847:
841:
833:
827:
826:
824:
823:
809:
803:
802:
800:
799:
790:. Archived from
780:
774:
773:
771:
770:
751:
745:
744:
742:
740:
721:
715:
714:
712:
711:
697:
691:
690:
688:
677:
669:
663:
662:
660:
659:
653:
642:
634:
628:
627:
611:
601:
595:
594:
574:
568:
567:
560:
554:
553:
542:
536:
535:
524:
518:
517:
506:
500:
499:
493:
488:
486:
478:
476:
464:
458:
457:
455:
454:
439:
319:protected memory
215:
195:buffer overflows
121:
114:
110:
107:
101:
99:
58:
34:
26:
1549:
1548:
1544:
1543:
1542:
1540:
1539:
1538:
1524:
1523:
1522:
1517:
1367:
1067:
1055:
1046:Copy protection
1036:Mobile security
967:
962:
932:
931:
921:
919:
908:
907:
903:
893:
891:
880:
879:
875:
866:
864:
856:
855:
851:
839:
835:
834:
830:
821:
819:
811:
810:
806:
797:
795:
782:
781:
777:
768:
766:
753:
752:
748:
738:
736:
722:
718:
709:
707:
699:
698:
694:
689:on Mar 5, 2019.
686:
675:
671:
670:
666:
657:
655:
651:
640:
636:
635:
631:
624:
602:
598:
591:
575:
571:
562:
561:
557:
544:
543:
539:
534:. 18 June 2015.
526:
525:
521:
508:
507:
503:
491:
489:
480:
479:
465:
461:
452:
450:
440:
436:
431:
409:
315:buffer overflow
304:
273:
267:
233:) of a running
223:
211:
184:
122:
111:
105:
102:
59:
57:
47:
35:
24:
17:
12:
11:
5:
1547:
1537:
1536:
1519:
1518:
1516:
1515:
1513:Site isolation
1510:
1505:
1504:
1503:
1497:
1487:
1486:
1485:
1480:
1469:
1464:
1459:
1454:
1449:
1444:
1443:
1442:
1437:
1427:
1426:
1425:
1420:
1419:
1418:
1411:Authentication
1403:
1402:
1401:
1400:
1399:
1389:
1386:
1375:
1373:
1369:
1368:
1366:
1365:
1360:
1355:
1350:
1345:
1340:
1335:
1330:
1325:
1320:
1315:
1310:
1305:
1300:
1295:
1290:
1285:
1280:
1275:
1270:
1265:
1264:
1263:
1253:
1248:
1243:
1238:
1233:
1228:
1223:
1218:
1213:
1211:Email spoofing
1208:
1203:
1198:
1193:
1188:
1183:
1178:
1173:
1168:
1163:
1158:
1153:
1151:DOM clobbering
1148:
1143:
1138:
1133:
1131:Code injection
1128:
1123:
1122:
1121:
1116:
1111:
1106:
1098:
1093:
1088:
1083:
1077:
1075:
1069:
1068:
1058:
1056:
1054:
1053:
1048:
1043:
1038:
1033:
1028:
1023:
1018:
1013:
1011:Cyberterrorism
1008:
1003:
1002:
1001:
999:Computer fraud
996:
986:
981:
975:
973:
969:
968:
961:
960:
953:
946:
938:
930:
929:
901:
873:
849:
828:
804:
775:
746:
716:
692:
664:
645:Toshiba Polska
629:
622:
596:
589:
569:
555:
537:
519:
501:
492:|journal=
459:
433:
432:
430:
427:
426:
425:
420:
415:
408:
405:
303:
300:
269:Main article:
266:
263:
259:no-execute bit
222:
219:
218:
217:
208:
205:
202:
183:
180:
124:
123:
38:
36:
29:
15:
9:
6:
4:
3:
2:
1546:
1535:
1532:
1531:
1529:
1514:
1511:
1509:
1506:
1501:
1498:
1496:
1493:
1492:
1491:
1488:
1484:
1481:
1478:
1475:
1474:
1473:
1470:
1468:
1465:
1463:
1460:
1458:
1455:
1453:
1450:
1448:
1445:
1441:
1438:
1436:
1433:
1432:
1431:
1428:
1424:
1423:Authorization
1421:
1417:
1414:
1413:
1412:
1409:
1408:
1407:
1404:
1398:
1395:
1394:
1393:
1390:
1387:
1385:
1384:Secure coding
1382:
1381:
1380:
1377:
1376:
1374:
1370:
1364:
1361:
1359:
1356:
1354:
1353:SQL injection
1351:
1349:
1346:
1344:
1341:
1339:
1336:
1334:
1333:Vulnerability
1331:
1329:
1326:
1324:
1321:
1319:
1318:Trojan horses
1316:
1314:
1313:Software bugs
1311:
1309:
1306:
1304:
1301:
1299:
1296:
1294:
1291:
1289:
1286:
1284:
1281:
1279:
1276:
1274:
1271:
1269:
1266:
1262:
1259:
1258:
1257:
1254:
1252:
1249:
1247:
1244:
1242:
1239:
1237:
1234:
1232:
1229:
1227:
1224:
1222:
1219:
1217:
1214:
1212:
1209:
1207:
1204:
1202:
1201:Eavesdropping
1199:
1197:
1194:
1192:
1191:Data scraping
1189:
1187:
1184:
1182:
1179:
1177:
1174:
1172:
1169:
1167:
1164:
1162:
1161:Cryptojacking
1159:
1157:
1154:
1152:
1149:
1147:
1144:
1142:
1139:
1137:
1134:
1132:
1129:
1127:
1124:
1120:
1117:
1115:
1112:
1110:
1107:
1105:
1102:
1101:
1099:
1097:
1094:
1092:
1089:
1087:
1084:
1082:
1079:
1078:
1076:
1074:
1070:
1062:
1052:
1049:
1047:
1044:
1042:
1039:
1037:
1034:
1032:
1029:
1027:
1024:
1022:
1019:
1017:
1014:
1012:
1009:
1007:
1004:
1000:
997:
995:
992:
991:
990:
987:
985:
982:
980:
977:
976:
974:
970:
966:
959:
954:
952:
947:
945:
940:
939:
936:
917:
916:
911:
905:
889:
888:
883:
877:
863:
859:
853:
845:
838:
832:
818:
814:
808:
794:on 2021-08-15
793:
789:
785:
779:
764:
760:
756:
750:
735:
731:
729:
720:
706:
702:
696:
685:
681:
674:
668:
654:on 2018-10-31
650:
646:
639:
633:
625:
623:9781573565219
619:
615:
610:
609:
600:
592:
590:9781402074165
586:
582:
581:
573:
565:
559:
551:
547:
541:
533:
532:microsoft.com
529:
523:
515:
511:
505:
497:
484:
475:
470:
463:
449:
445:
438:
434:
424:
421:
419:
416:
414:
411:
410:
404:
402:
398:
397:
392:
388:
384:
380:
375:
373:
369:
367:
366:file archiver
364:
359:
357:
353:
348:
346:
345:
341:in a copy of
340:
339:
334:
333:
328:
325:, a group of
324:
320:
316:
312:
308:
299:
297:
293:
289:
284:
282:
278:
272:
262:
260:
256:
255:code and data
252:
248:
244:
240:
236:
232:
228:
214:
209:
206:
203:
200:
196:
192:
191:Memory safety
189:
188:
187:
179:
175:
173:
169:
165:
161:
160:
154:
150:
149:
148:vulnerability
143:
139:
135:
131:
120:
117:
109:
98:
95:
91:
88:
84:
81:
77:
74:
70:
67: –
66:
62:
61:Find sources:
55:
51:
45:
44:
39:This article
37:
33:
28:
27:
22:
1457:Data masking
1090:
1016:Cyberwarfare
922:December 11,
920:. Retrieved
915:The Guardian
913:
904:
894:December 11,
892:. Retrieved
887:Ars Technica
885:
876:
865:. Retrieved
862:nvd.nist.gov
861:
852:
844:Secarma Labs
843:
831:
820:. Retrieved
817:nvd.nist.gov
816:
807:
796:. Retrieved
792:the original
787:
778:
767:. Retrieved
758:
749:
737:. Retrieved
734:Ars Technica
733:
727:
719:
708:. Retrieved
704:
695:
684:the original
679:
667:
656:. Retrieved
649:the original
644:
632:
607:
599:
579:
572:
558:
549:
540:
531:
522:
513:
504:
483:cite journal
462:
451:. Retrieved
447:
437:
394:
376:
370:
360:
349:
342:
336:
330:
327:speedrunning
305:
285:
274:
243:input buffer
224:
185:
176:
171:
167:
163:
156:
145:
137:
133:
127:
112:
103:
93:
86:
79:
72:
60:
48:Please help
43:verification
40:
1397:Misuse case
1231:Infostealer
1206:Email fraud
1171:Data breach
1006:Cybergeddon
730:on the fly"
313:to cause a
307:Retrogaming
281:web browser
239:inject code
1462:Encryption
1338:Web shells
1278:Ransomware
1226:Hacktivism
989:Cybercrime
867:2018-10-31
822:2018-10-31
798:2018-10-31
769:2018-10-31
710:2021-12-05
658:2018-10-31
474:2105.02124
453:2021-09-22
429:References
385:framework
356:Windows 10
277:privileges
199:over-reads
106:March 2019
76:newspapers
1293:Shellcode
1288:Scareware
1136:Crimeware
1096:Backdoors
514:owasp.org
379:Log4Shell
1528:Category
1467:Firewall
1372:Defenses
1298:Spamming
1283:Rootkits
1256:Phishing
1216:Exploits
763:Archived
759:Symantec
550:lgtm.com
418:BlueKeep
407:See also
302:Examples
153:software
1308:Spyware
1251:Payload
1246:Malware
1186:Viruses
1166:Botnets
1073:Threats
846:. 2018.
739:27 July
383:logging
352:Mozilla
235:process
221:Methods
159:exploit
142:process
90:scholar
1502:(SIEM)
1479:(HIDS)
1363:Zombie
1100:Bombs
1081:Adware
620:
587:
391:iCloud
296:zombie
292:kernel
231:branch
92:
85:
78:
71:
63:
1348:Worms
1343:Wiper
1261:Voice
1109:Logic
840:(PDF)
687:(PDF)
676:(PDF)
652:(PDF)
641:(PDF)
469:arXiv
401:Steam
387:Log4j
363:7-Zip
338:Snake
321:. At
144:. An
97:JSTOR
83:books
1114:Time
1104:Fork
924:2021
896:2021
741:2016
618:ISBN
585:ISBN
496:help
399:and
335:and
332:Pong
210:GNU
69:news
1119:Zip
680:AMD
614:245
372:PHP
247:RAM
245:in
213:ldd
197:or
174:).
172:RCX
170:or
168:RCE
138:ACE
128:In
52:by
1530::
912:.
884:.
860:.
842:.
815:.
786:.
761:.
757:.
732:.
703:.
678:.
643:.
616:.
548:.
530:.
512:.
487::
485:}}
481:{{
446:.
393:,
368:.
358:.
261:.
132:,
957:e
950:t
943:v
926:.
898:.
870:.
825:.
801:.
772:.
743:.
713:.
661:.
626:.
593:.
566:.
516:.
498:)
494:(
477:.
471::
456:.
201:.
166:(
136:(
119:)
113:(
108:)
104:(
94:·
87:·
80:·
73:·
46:.
23:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.