CAPEC-231: XML Oversized Payloads (Version 2.11)
Attack Pattern ID: 231
Abstraction: Standard
Status: Draft
Completeness: Complete
+ Summary

Applications often need to transform data in and out of the XML format by using an XML parser. An attacker may be able to inject data that has an adverse effect on the XML parser while it is being processed. By supplying oversized payloads in input vectors that will be processed by the XML parser, an attacker can cause the parser to consume more resources during processing, causing excessive memory consumption and CPU utilization, and potentially causing execution of arbitrary code. The attacker's goal is to leverage parser failure to his or her advantage. In many cases this type of attack results in a denial of service because the application becomes unstable, freezes, or crashes. However, it is possible to cause a crash that results in arbitrary code execution, leading to a jump from the data plane to the control plane [R.231.1].

+ Attack Steps
  1. An attacker determines the input data stream that is being processed by an XML parser on the victim's side.

  2. An attacker crafts input data that may have an adverse effect on the operation of the XML parser when the data is parsed on the victim's system.

+ Attack Prerequisites
  • An application uses an XML parser to perform transformation on user-controllable data.

  • An application does not perform sufficient validation to ensure that user-controllable data is safe for an XML parser.

+ Typical Severity


+ Typical Likelihood of Exploit

Likelihood: Medium

+ Methods of Attack
  • Injection
  • API Abuse
+ Attacker Skills or Knowledge Required

Skill or Knowledge Level: Low (denial of service)

Skill or Knowledge Level: High (arbitrary code execution)

+ Indicators-Warnings of Attack

Bad data is passed to the XML parser (possibly repeatedly), possibly making it crash or execute arbitrary code.

+ Solutions and Mitigations

Carefully validate and sanitize all user-controllable data prior to passing it to the XML parser routine. Ensure that the resultant data is safe to pass to the XML parser.

Perform validation on canonical data.

Pick a robust implementation of an XML parser.

Validate XML against a valid schema or DTD prior to parsing.
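
One way to apply the mitigations above, as an added example that is not part of the CAPEC entry: a Python guard that stream-parses untrusted XML with the standard-library expat binding and aborts as soon as a size budget is exceeded, so an oversized document is never fully buffered or handed to the application's parser. The limit values and the names check_xml_budget and PayloadTooLarge are assumptions chosen for illustration.

```python
import xml.parsers.expat

# Assumed limits for illustration; size them to the largest legitimate message.
MAX_BYTES = 64 * 1024    # whole document
MAX_DEPTH = 32           # element nesting
MAX_ELEMENTS = 5_000     # elements per document
MAX_ATTRS = 32           # attributes per element
MAX_TOKEN = 8 * 1024     # one name, attribute value, or text run

class PayloadTooLarge(ValueError):
    """Raised as soon as the document exceeds one of the limits above."""

def check_xml_budget(stream, chunk_size=4096):
    """Stream-parse a binary file-like object; return counters if within budget."""
    s = {"bytes": 0, "elements": 0, "depth": 0, "max_depth": 0, "text": 0}

    def start(name, attrs):
        s["elements"] += 1
        s["depth"] += 1
        s["max_depth"] = max(s["max_depth"], s["depth"])
        s["text"] = 0
        if s["elements"] > MAX_ELEMENTS:
            raise PayloadTooLarge("too many elements")
        if s["depth"] > MAX_DEPTH:
            raise PayloadTooLarge("nesting too deep")
        if len(attrs) > MAX_ATTRS:
            raise PayloadTooLarge("too many attributes")
        if max(map(len, [name, *attrs, *attrs.values()])) > MAX_TOKEN:
            raise PayloadTooLarge("oversized name or attribute value")

    def end(name):
        s["depth"] -= 1
        s["text"] = 0

    def chars(data):
        s["text"] += len(data)   # text may arrive in several pieces
        if s["text"] > MAX_TOKEN:
            raise PayloadTooLarge("oversized text run")

    parser = xml.parsers.expat.ParserCreate()
    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = chars
    while chunk := stream.read(chunk_size):
        s["bytes"] += len(chunk)
        if s["bytes"] > MAX_BYTES:   # checked before the parser sees the chunk
            raise PayloadTooLarge("document too large")
        parser.Parse(chunk, False)
    parser.Parse(b"", True)          # finalise; raises ExpatError if malformed
    return s
```

Run the guard on the raw request body before any DOM-building or schema-validating parser is invoked, and treat PayloadTooLarge as a rejected request.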

+ Attack Motivation-Consequences
Technical Impact:
  • DoS: resource consumption (memory)
  • Read memory
  • Execute unauthorized code or commands
  • Gain privileges / assume identity
+ Injection Vector

Application XML-compliant interface

+ Payload

User-controllable XML code

+ Activation Zone

The XML parser code.

+ Purposes
  • Penetration
  • Exploitation
+ CIA Impact
Confidentiality Impact: Medium
Integrity Impact: High
Availability Impact: High
+ Technical Context
Architectural Paradigms
+ References
[R.231.1] [REF-43] Shlomo, Yona. "XML Parser Attacks: A summary of ways to attack an XML Parser". What is an XML Parser Attack?. 2007. <http://yeda.cs.technion.ac.il/~yona/talks/xml_parser_attacks/slides/slide2.html>.
+ Content History
CAPEC Content Team, The MITRE Corporation, 2014-06-23, Internal_CAPEC_Team

Page Last Updated or Reviewed: August 04, 2017