Home > CAPEC List > CAPEC-152: Inject Unexpected Items (Version 2.11)  

CAPEC CATEGORY: Inject Unexpected Items

 
Inject Unexpected Items
Definition in a New Window Definition in a New Window
Category ID: 152
 
Status: Stable
+ Description

Summary

Attack patterns within this category focus on the ability to control or disrupt the behavior of an target either through crafted data submitted via an interface for data input, or the installation and execution of malicious code on the target system. The former happens when an adversary adds material to their input that is interpreted by the application causing the targeted application to perform steps unintended by the application manager or causing the application to enter an unstable state. Attacks of this type differ from Data Structure Attacks in that the latter attacks subvert the underlying structures that hold user-provided data, either pre-empting interpretation of the input (in the case of Buffer Overflows) or resulting in values that the targeted application is unable to handle correctly (in the case of Integer Overflows). In Injection attacks, the input is interpreted by the application, but the attacker has included instructions to the interpreting functions that the target application then follows.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
HasMemberMeta Attack PatternMeta Attack Pattern137Parameter Injection
Mechanisms of Attack (primary)1000
HasMemberMeta Attack PatternMeta Attack Pattern175Code Inclusion
Mechanisms of Attack (primary)1000
HasMemberMeta Attack PatternMeta Attack Pattern240Resource Injection
Mechanisms of Attack (primary)1000
HasMemberMeta Attack PatternMeta Attack Pattern242Code Injection
Mechanisms of Attack (primary)1000
HasMemberMeta Attack PatternMeta Attack Pattern248Command Injection
Mechanisms of Attack (primary)1000
HasMemberMeta Attack PatternMeta Attack Pattern549Local Execution of Code
Mechanisms of Attack (primary)1000
HasMemberMeta Attack PatternMeta Attack Pattern586Object Injection
Mechanisms of Attack (primary)1000
HasMemberMeta Attack PatternMeta Attack Pattern594Traffic Injection
Mechanisms of Attack (primary)1000
HasMemberMeta Attack PatternMeta Attack Pattern624Fault Injection
Mechanisms of Attack (primary)1000
MemberOfViewView1000Mechanisms of Attack
Mechanisms of Attack1000
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2015-11-09Updated RelationshipsInternal
CAPEC Content TeamThe MITRE Corporation2017-01-09Updated Description, RelationshipsInternal
CAPEC Content TeamThe MITRE Corporation2017-05-01Updated RelationshipsInternal
Previous Entry Names
DatePrevious Entry Name
2017-01-09Injection

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2017