CAPEC - CAPEC-129: Pointer Attack (Release 1.7.1)

Home > CAPEC List > CAPEC-129: Pointer Attack (Release 1.7.1)

CAPEC List
Full CAPEC Dictionary
Methods of Attack View
Reports

About CAPEC
Documents
Resources

Community
Related Activities
Collaboration List
T-Shirt

News & Events
Calendar
Free Newsletter

Compatibility
Program
Requirements
Make a Declaration
Contact Us
Search the Site

CAPEC-129: Pointer Attack

Pointer Attack

Attack Pattern ID: 129 (Standard Attack Pattern Completeness: Stub)

Typical Severity: Medium

Status: Draft

Description

Summary

This attack involves an attacker manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.

Attack Prerequisites

The target application must have a pointer variable that the attacker can influence to hold an arbitrary value.

Resources Required

No special resources are required for most forms of this attack.

Page Last Updated: May 04, 2012


	CAPEC is co-sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. This Web site is sponsored and managed by The MITRE Corporation to enable stakeholder collaboration. Copyright © 2009 - 2012, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation. Contact capec@mitre.org for more information.	Privacy policy Terms of use Contact us