Home > CAPEC List > CAPEC-333: WASC Threat Classification 2.0 (Version 2.5)  

CAPEC VIEW: WASC Threat Classification 2.0

 
WASC Threat Classification 2.0
Definition in a New Window Definition in a New Window
View ID: 333
Structure: Explicit Slice
Status: Draft
+ Objective

CAPEC nodes in this view (graph) are associated with the WASC Threat Classification 2.0.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
HasMemberCategoryCategory336WASC-03 - Integer Overflows
WASC Threat Classification 2.0333
HasMemberCategoryCategory338WASC-05 - Remote File Inclusion
WASC Threat Classification 2.0333
HasMemberCategoryCategory339WASC-06 - Format String
WASC Threat Classification 2.0333
HasMemberCategoryCategory340WASC-07 - Buffer Overflow
WASC Threat Classification 2.0333
HasMemberCategoryCategory341WASC-08 - Cross-Site Scripting
WASC Threat Classification 2.0333
HasMemberCategoryCategory342WASC-09 - Cross-Site Request Forgery
WASC Threat Classification 2.0333
HasMemberCategoryCategory343WASC-10 - Denial of Service
WASC Threat Classification 2.0333
HasMemberCategoryCategory344WASC-11 - Brute Force
WASC Threat Classification 2.0333
HasMemberCategoryCategory345WASC-12 - Content Spoofing
WASC Threat Classification 2.0333
HasMemberCategoryCategory351WASC-18 - Credential/Session Prediction
WASC Threat Classification 2.0333
HasMemberCategoryCategory352WASC-19 - SQL Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory356WASC-23 - XML Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory357WASC-24 - HTTP Request Splitting
WASC Threat Classification 2.0333
HasMemberCategoryCategory358WASC-25 - HTTP Response Splitting
WASC Threat Classification 2.0333
HasMemberCategoryCategory359WASC-26 - HTTP Request Smuggling
WASC Threat Classification 2.0333
HasMemberCategoryCategory360WASC-27 - HTTP Response Smuggling
WASC Threat Classification 2.0333
HasMemberCategoryCategory361WASC-28 - Null Byte Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory362WASC-29 - LDAP Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory363WASC-30 - Mail Command Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory364WASC-31 - OS Commanding
WASC Threat Classification 2.0333
HasMemberCategoryCategory365WASC-32 - Routing Detour
WASC Threat Classification 2.0333
HasMemberCategoryCategory366WASC-33 - Path Traversal
WASC Threat Classification 2.0333
HasMemberCategoryCategory367WASC-34 - Predictable Resource Location
WASC Threat Classification 2.0333
HasMemberCategoryCategory368WASC-35 - SOAP Array Abuse
WASC Threat Classification 2.0333
HasMemberCategoryCategory369WASC-36 - SSI Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory370WASC-37 - Session Fixation
WASC Threat Classification 2.0333
HasMemberCategoryCategory371WASC-38 - URL Redirector Abuse
WASC Threat Classification 2.0333
HasMemberCategoryCategory372WASC-39 - XPath Injection
WASC Threat Classification 2.0333
HasMemberCategoryCategory374WASC-41 - XML Attribute Blowup
WASC Threat Classification 2.0333
HasMemberCategoryCategory375WASC-42 - Abuse of Functionality
WASC Threat Classification 2.0333
HasMemberCategoryCategory376WASC-43 - XML External Entities
WASC Threat Classification 2.0333
HasMemberCategoryCategory377WASC-44 - XML Entity Expansion
WASC Threat Classification 2.0333
HasMemberCategoryCategory378WASC-45 - Fingerprinting
WASC Threat Classification 2.0333
HasMemberCategoryCategory379WASC-46 - XQuery Injection
WASC Threat Classification 2.0333
+ Content History
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2013-11-26Removed deprecated entries from RelationshipsInternal
CAPEC Content TeamThe MITRE Corporation2013-12-18Updated RelationshipsInternal
CAPECs in this viewTotal CAPECs
Total61out of536
Views0out of8
Categories38out of75
Attack Patterns30out of453

Page Last Updated: May 07, 2014