Home > CAPEC List > CAPEC-129: Pointer Manipulation (Version 3.2)  

CAPEC-129: Pointer Manipulation

Attack Pattern ID: 129
Abstraction: Meta
Status: Draft
Presentation Filter:
+ Description
This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.
+ Typical Severity

Medium

+ Relationships

The table below shows the views that this attack pattern belongs to and top level categories within that view.

+ Prerequisites
The target application must have a pointer variable that the attacker can influence to hold an arbitrary value.
+ Resources Required
None: No specialized resources are required to execute this type of attack.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, Related_Attack_Patterns
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Resources_Required
2019-04-04CAPEC Content TeamThe MITRE Corporation
Updated Related_Weaknesses
Previous Entry Names
Change DatePrevious Entry Name
2017-01-09Pointer Attack
More information is available — Please select a different filter.
Page Last Updated or Reviewed: September 30, 2019