Home > CAPEC List > CAPEC-154: Resource Location Spoofing (Version 2.9)  

CAPEC-154: Resource Location Spoofing

 
Resource Location Spoofing
Definition in a New Window Definition in a New Window
Attack Pattern ID: 154
Abstraction: Meta
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An adversary, in an attempt to leverage an alternate or malicious resource, causes an application to look for a resource in an unintended location. This differs from a resource manipulation attack in which the contents of the resource are affected or where the resources themselves are physically altered or moved. Instead, this attack simply concerns itself with the paths used to find or create resources.

+ Attack Prerequisites
  • None. All applications rely on file paths and so, in theory, they or their resources could be affected by this attack.

+ Typical Severity

Medium

+ Resources Required

No special resources are required for most variants of this attack.

+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2015-11-09Updated Description SummaryInternal

More information is available — Please select a different filter.
Page Last Updated or Reviewed: December 07, 2015