
Differences between 2.4 and 2.5 Content

Summary
Total (2.5) 536
Total (2.4) 534
Attack Patterns
New Patterns Added 2
Existing Patterns Modified with Enhanced Material 34
Patterns Deprecated 1
Categories
Existing Categories Modified with Enhanced Material 7
CAPEC -> CWE Mappings
CAPEC -> CWE Mappings Added 1

Summary of Entry Types

Type 2.4 2.5
Views 8 8
Categories 60 60
Attack Patterns 449 450
Deprecated 17 18

Attack Pattern Changes
New Patterns Added
CAPEC-540 Overread Buffers
CAPEC-541 Application Fingerprinting

Existing Patterns Modified with Enhanced Material
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-62 Cross Site Request Forgery (aka Session Riding)
CAPEC-85 AJAX Fingerprinting
CAPEC-109 Object Relational Mapping Injection
CAPEC-123 Buffer Manipulation
CAPEC-139 Relative Path Traversal
CAPEC-148 Content Spoofing
CAPEC-151 Identity Spoofing
CAPEC-170 Web Application Fingerprinting
CAPEC-173 Action Spoofing
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-224 Fingerprinting
CAPEC-257 Abuse of Transaction Data Structure
CAPEC-289 DEPRECATED: Infrastructure-based footprinting
CAPEC-292 Host Discovery
CAPEC-300 Port Scanning
CAPEC-309 Network Topology Mapping
CAPEC-310 Scanning for Vulnerable Software
CAPEC-311 OS Fingerprinting
CAPEC-401 Hacking Hardware Devices or Components
CAPEC-438 Integrity Modification During Manufacture
CAPEC-439 Integrity Modification during Distribution
CAPEC-440 Integrity Modification During Deployed Use
CAPEC-441 Malicious Logic Inserted Into Product
CAPEC-472 Browser Fingerprinting
CAPEC-511 Infiltration of Software Development Environment
CAPEC-516 Hardware Component Substitution During Baselining
CAPEC-517 Documentation Alteration to Circumvent Dial-down
CAPEC-518 Documentation Alteration to Produce Under-performing Systems
CAPEC-519 Documentation Alteration to Cause Errors in System Design
CAPEC-520 Counterfeit Hardware Component Inserted During Product Assembly
CAPEC-521 Hardware Design Specifications Are Altered

Patterns Deprecated
CAPEC-289 DEPRECATED: Infrastructure-based footprinting
Category Changes
New Categories Added

Existing Categories Modified with Enhanced Material
CAPEC-118 Gather Information
CAPEC-156 Deceptive Interactions
CAPEC-437 Supply Chain
CAPEC-512 Communications
CAPEC-513 Software
CAPEC-515 Hardware
CAPEC-526 Alter System Components

Categories Deprecated
View Changes
Views Added

Existing Views Modified with Enhanced Material

Views Deprecated
Mapping Changes
CAPEC --> CWE Mappings Added
CAPEC-540 Overread Buffers
  --> CWE-125 Out-of-bounds Read

CAPEC --> CWE Mappings Removed

CAPEC --> CAPEC Mappings Added

CAPEC --> CAPEC Mappings Removed
Page Last Updated or Reviewed: October 28, 2016