CAPEC - CAPEC-374: WASC-41 - XML Attribute Blowup (Version 3.0)

Home > CAPEC List > CAPEC-374: WASC-41 - XML Attribute Blowup (Version 3.0)

CAPEC-374: WASC-41 - XML Attribute Blowup

Category ID: 374

Status: Draft

Summary

This category is related to the WASC Threat Classification 2.0 item XML Attribute Blowup

Membership

Nature	Type	ID	Name
MemberOf	View - A view in CAPEC represents a perspective with which one might look at the collection of attack patterns defined within CAPEC. There are three different types of views: graphs, explicit slices, and implicit slices.	333	WASC Threat Classification 2.0
HasMember	Detailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal.	229	XML Attribute Blowup

References

[REF-317] "WASC Threat Classification 2.0". WASC-41 - XML Attribute Blowup. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/XML-Attribute-Blowup>.

Content History

More information is available — Please select a different filter.

Page Last Updated or Reviewed: July 31, 2018


	Use of the Common Attack Pattern Enumeration and Classification dictionary and classification taxonomy, and the associated references from this website, are subject to the Terms of Use. For more information, please email capec@mitre.org. CAPEC is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 2007 - 2018, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.	Privacy policy Terms of use Site Map Contact us