CAPEC - CAPEC-129: Pointer Attack (Release 1.4)

Home > CAPEC List > CAPEC-129: Pointer Attack (Release 1.4)

CAPEC List
Full CAPEC Dictionary
Methods of Attack View

About CAPEC
Documents
Resources

Community
Related Activities
Collaboration List

News & Events
Calendar
Free Newsletter

Contact Us
Search the Site

CAPEC-129: Pointer Attack

Pointer Attack

Attack Pattern ID: 129 (Standard Attack Pattern Completeness: Stub)

Typical Severity: Medium

Status: Draft

Description

Summary

This attack involves an attacker manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.

Attack Prerequisites

The target application must have a pointer variable that the attacker can influence to hold an arbitrary value.

Resources Required

No special resources are required for most forms of this attack.

Page Last Updated: September 23, 2009


	CAPEC is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. Vision and Technical Leadership provided by Cigital, Inc. This Web site is hosted by The MITRE Corporation. Copyright 2009, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation. Contact capec@mitre.org for more information.	Privacy policy Terms of use Contact us