Home > CAPEC List > CAPEC-333: WASC Threat Classification 2.0 (Version 2.6)  

CAPEC VIEW: WASC Threat Classification 2.0

 
WASC Threat Classification 2.0
Definition in a New Window Definition in a New Window
View ID: 333
Structure: Explicit Slice
Status: Draft
+ Objective

CAPEC nodes in this view (graph) are associated with the WASC Threat Classification 2.0.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
HasMemberCategoryCategory336WASC-03 - Integer Overflows
WASC Threat Classification 2.0333
HasMemberCategoryCategory338WASC-05 - Remote File Inclusion
WASC Threat Classification 2.0333
HasMemberCategoryCategory339WASC-06 - Format String
WASC Threat Classification 2.0333
HasMemberCategoryCategory340WASC-07 - Buffer Overflow
WASC Threat Classification 2.0333
HasMemberCategoryCategory341WASC-08 - Cross-Site Scripting
WASC Threat Classification 2.0333
HasMemberCategoryCategory342WASC-09 - Cross-Site Request Forgery
WASC Threat Classification 2.0333
HasMemberCategoryCategory343WASC-10 - Denial of Service
WASC Threat Classification 2.0333
HasMemberCategoryCategory344WASC-11 - Brute Force
WASC Threat Classification 2.0333
HasMemberCategoryCategory345WASC-12 - Content Spoofing
WASC Threat Classification 2.0333
HasMemberCategoryCategory351WASC-18 - Credential/Session Prediction
WASC Threat Classification 2.0333
HasMemberCategoryCategory352WASC-19 - SQL Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory356WASC-23 - XML Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory357WASC-24 - HTTP Request Splitting
WASC Threat Classification 2.0333
HasMemberCategoryCategory358WASC-25 - HTTP Response Splitting
WASC Threat Classification 2.0333
HasMemberCategoryCategory359WASC-26 - HTTP Request Smuggling
WASC Threat Classification 2.0333
HasMemberCategoryCategory360WASC-27 - HTTP Response Smuggling
WASC Threat Classification 2.0333
HasMemberCategoryCategory361WASC-28 - Null Byte Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory362WASC-29 - LDAP Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory363WASC-30 - Mail Command Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory364WASC-31 - OS Commanding
WASC Threat Classification 2.0333
HasMemberCategoryCategory365WASC-32 - Routing Detour
WASC Threat Classification 2.0333
HasMemberCategoryCategory366WASC-33 - Path Traversal
WASC Threat Classification 2.0333
HasMemberCategoryCategory367WASC-34 - Predictable Resource Location
WASC Threat Classification 2.0333
HasMemberCategoryCategory368WASC-35 - SOAP Array Abuse
WASC Threat Classification 2.0333
HasMemberCategoryCategory369WASC-36 - SSI Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory370WASC-37 - Session Fixation
WASC Threat Classification 2.0333
HasMemberCategoryCategory371WASC-38 - URL Redirector Abuse
WASC Threat Classification 2.0333
HasMemberCategoryCategory372WASC-39 - XPath Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory374WASC-41 - XML Attribute Blowup
WASC Threat Classification 2.0333
HasMemberCategoryCategory375WASC-42 - Abuse of Functionality
WASC Threat Classification 2.0333
HasMemberCategoryCategory376WASC-43 - XML External Entities
WASC Threat Classification 2.0333
HasMemberCategoryCategory377WASC-44 - XML Entity Expansion
WASC Threat Classification 2.0333
HasMemberCategoryCategory378WASC-45 - Fingerprinting
WASC Threat Classification 2.0333
HasMemberCategoryCategory379WASC-46 - XQuery Injection
WASC Threat Classification 2.0333
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
CAPECs in this viewTotal CAPECs
Total62out of544
Views0out of8
Categories36out of73
Attack Patterns33out of463

Page Last Updated: July 23, 2014