CAPEC - CAPEC-483: Deprecated Entries (Version 3.9)


Common Attack Pattern Enumeration and Classification A Community Resource for Identifying and Understanding Attacks

Home > CAPEC List > CAPEC-483: Deprecated Entries (Version 3.9)

CAPEC VIEW: Deprecated Entries

View ID: 483

Structure: Implicit

Downloads: Booklet | CSV | XML

Objective

CAPEC nodes in this view (slice) have been deprecated.

Filter

/Attack_Pattern_Catalog/*/*[@Status='Deprecated']

Membership

Nature	Type	ID	Name
HasMember	Deprecated	56	DEPRECATED: Removing/short-circuiting 'guard logic'
HasMember	Deprecated	82	DEPRECATED: Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Service (XDoS))
HasMember	Deprecated	91	DEPRECATED: XSS in IMG Tags
HasMember	Deprecated	99	DEPRECATED: XML Parser Attack
HasMember	Deprecated	106	DEPRECATED: XSS through Log Files
HasMember	Deprecated	119	DEPRECATED: Deplete Resources
HasMember	Deprecated	171	DEPRECATED: Variable Manipulation
HasMember	Deprecated	205	DEPRECATED: Lifting credential(s)/key material embedded in client distributions (thick or thin)
HasMember	Deprecated	211	DEPRECATED: Leveraging web tools (e.g. Mozilla's GreaseMonkey, Firebug) to change application behavior
HasMember	Deprecated	213	DEPRECATED: Directory Traversal
HasMember	Deprecated	214	DEPRECATED: Fuzzing for garnering J2EE/.NET-based stack traces, for application mapping
HasMember	Deprecated	232	DEPRECATED: Exploitation of Authorization
HasMember	Deprecated	235	DEPRECATED: Implementing a callback to system routine (old AWT Queue)
HasMember	Deprecated	236	DEPRECATED: Catching exception throw/signal from privileged block
HasMember	Deprecated	238	DEPRECATED: Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege
HasMember	Deprecated	239	DEPRECATED: Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc.
HasMember	Deprecated	241	DEPRECATED: Code Injection
HasMember	Deprecated	246	DEPRECATED: XSS Using Flash
HasMember	Deprecated	249	DEPRECATED: Linux Terminal Injection
HasMember	Deprecated	254	DEPRECATED: DTD Injection in a SOAP Message
HasMember	Deprecated	257	DEPRECATED: Abuse of Transaction Data Structure
HasMember	Deprecated	258	DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update
HasMember	Deprecated	259	DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Patching
HasMember	Deprecated	260	DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Initial Distribution
HasMember	Deprecated	264	DEPRECATED: Environment Variable Manipulation
HasMember	Deprecated	265	DEPRECATED: Global variable manipulation
HasMember	Deprecated	266	DEPRECATED: Manipulate Canonicalization
HasMember	Deprecated	269	DEPRECATED: Registry Manipulation
HasMember	Deprecated	280	DEPRECATED: SOAP Parameter Tampering
HasMember	Deprecated	281	DEPRECATED: Analyze Target
HasMember	Deprecated	286	DEPRECATED: Reconnaissance
HasMember	Deprecated	288	DEPRECATED: ICMP Echo Request Ping
HasMember	Deprecated	289	DEPRECATED: Infrastructure-based footprinting
HasMember	Deprecated	311	DEPRECATED: OS Fingerprinting
HasMember	Deprecated	314	DEPRECATED: IP Fingerprinting Probes
HasMember	Deprecated	315	DEPRECATED: TCP/IP Fingerprinting Probes
HasMember	Deprecated	316	DEPRECATED: ICMP Fingerprinting Probes
HasMember	Deprecated	334	DEPRECATED: WASC Threat Classification 2.0 - WASC-01 - Insufficient Authentication
HasMember	Deprecated	335	DEPRECATED: WASC Threat Classification 2.0 - WASC-02 - Insufficient Authorization
HasMember	Deprecated	336	DEPRECATED: WASC-03 - Integer Overflows
HasMember	Deprecated	337	DEPRECATED: WASC Threat Classification 2.0 - WASC-04 - Insufficient Transport Layer Protection
HasMember	Deprecated	338	DEPRECATED: WASC-05 - Remote File Inclusion
HasMember	Deprecated	339	DEPRECATED: WASC-06 - Format String
HasMember	Deprecated	340	DEPRECATED: WASC-07 - Buffer Overflow
HasMember	Deprecated	341	DEPRECATED: WASC-08 - Cross-Site Scripting
HasMember	Deprecated	342	DEPRECATED: WASC-09 - Cross-Site Request Forgery
HasMember	Deprecated	343	DEPRECATED: WASC-10 - Denial of Service
HasMember	Deprecated	344	DEPRECATED: WASC-11 - Brute Force
HasMember	Deprecated	345	DEPRECATED: WASC-12 - Content Spoofing
HasMember	Deprecated	346	DEPRECATED: WASC Threat Classification 2.0 - WASC-13 - Information Leakage
HasMember	Deprecated	347	DEPRECATED: WASC Threat Classification 2.0 - WASC-14 - Server Misconfiguration
HasMember	Deprecated	348	DEPRECATED: WASC Threat Classification 2.0 - WASC-15 - Application Misconfiguration
HasMember	Deprecated	349	DEPRECATED: WASC Threat Classification 2.0 - WASC-16 - Directory Indexing
HasMember	Deprecated	350	DEPRECATED: WASC Threat Classification 2.0 - WASC-17 - Improper Filesystem Permissions
HasMember	Deprecated	351	DEPRECATED: WASC-18 - Credential/Session Prediction
HasMember	Deprecated	352	DEPRECATED: WASC-19 - SQL Injection
HasMember	Deprecated	353	DEPRECATED: WASC Threat Classification 2.0 - WASC-20 - Improper Input Handling
HasMember	Deprecated	354	DEPRECATED: WASC Threat Classification 2.0 - WASC-21 - Insufficient Anti-automation
HasMember	Deprecated	355	DEPRECATED: WASC Threat Classification 2.0 - WASC-22 - Improper Output Handling
HasMember	Deprecated	356	DEPRECATED: WASC-23 - XML Injection
HasMember	Deprecated	357	DEPRECATED: WASC-24 - HTTP Request Splitting
HasMember	Deprecated	358	DEPRECATED: WASC-25 - HTTP Response Splitting
HasMember	Deprecated	359	DEPRECATED: WASC-26 - HTTP Request Smuggling
HasMember	Deprecated	360	DEPRECATED: WASC-27 - HTTP Response Smuggling
HasMember	Deprecated	361	DEPRECATED: WASC-28 - Null Byte Injection
HasMember	Deprecated	362	DEPRECATED: WASC-29 - LDAP Injection
HasMember	Deprecated	363	DEPRECATED: WASC-30 - Mail Command Injection
HasMember	Deprecated	364	DEPRECATED: WASC-31 - OS Commanding
HasMember	Deprecated	365	DEPRECATED: WASC-32 - Routing Detour
HasMember	Deprecated	366	DEPRECATED: WASC-33 - Path Traversal
HasMember	Deprecated	367	DEPRECATED: WASC-34 - Predictable Resource Location
HasMember	Deprecated	368	DEPRECATED: WASC-35 - SOAP Array Abuse
HasMember	Deprecated	369	DEPRECATED: WASC-36 - SSI Injection
HasMember	Deprecated	370	DEPRECATED: WASC-37 - Session Fixation
HasMember	Deprecated	371	DEPRECATED: WASC-38 - URL Redirector Abuse
HasMember	Deprecated	372	DEPRECATED: WASC-39 - XPath Injection
HasMember	Deprecated	373	DEPRECATED: WASC Threat Classification 2.0 - WASC-40 - Insufficient Process Validation
HasMember	Deprecated	374	DEPRECATED: WASC-41 - XML Attribute Blowup
HasMember	Deprecated	375	DEPRECATED: WASC-42 - Abuse of Functionality
HasMember	Deprecated	376	DEPRECATED: WASC-43 - XML External Entities
HasMember	Deprecated	377	DEPRECATED: WASC-44 - XML Entity Expansion
HasMember	Deprecated	378	DEPRECATED: WASC-45 - Fingerprinting
HasMember	Deprecated	379	DEPRECATED: WASC-46 - XQuery Injection
HasMember	Deprecated	380	DEPRECATED: WASC Threat Classification 2.0 - WASC-47 - Insufficient Session Expiration
HasMember	Deprecated	381	DEPRECATED: WASC Threat Classification 2.0 - WASC-48 - Insecure Indexing
HasMember	Deprecated	382	DEPRECATED: WASC Threat Classification 2.0 - WASC-49 - Insufficient Password Recovery
HasMember	Deprecated	396	DEPRECATED: Bypassing Card or Badge-Based Systems
HasMember	Deprecated	404	DEPRECATED: Social Information Gathering Attacks
HasMember	Deprecated	405	DEPRECATED: Social Information Gathering via Research
HasMember	Deprecated	408	DEPRECATED: Information Gathering from Traditional Sources
HasMember	Deprecated	409	DEPRECATED: Information Gathering from Non-Traditional Sources
HasMember	Deprecated	411	DEPRECATED: Pretexting
HasMember	Deprecated	419	DEPRECATED: Target Influence via Perception of Concession
HasMember	Deprecated	430	DEPRECATED: Target Influence via Micro-Expressions
HasMember	Deprecated	431	DEPRECATED: Target Influence via Neuro-Linguistic Programming (NLP)
HasMember	Deprecated	432	DEPRECATED: Target Influence via Voice in NLP
HasMember	Deprecated	436	DEPRECATED: Gain Physical Access
HasMember	Deprecated	449	DEPRECATED: Malware Propagation via USB Stick
HasMember	Deprecated	450	DEPRECATED: Malware Propagation via USB U3 Autorun
HasMember	Deprecated	451	DEPRECATED: Malware Propagation via Infected Peripheral Device
HasMember	Deprecated	453	DEPRECATED: Malicious Logic Insertion via Counterfeit Hardware
HasMember	Deprecated	454	DEPRECATED: Modification of Existing Components with Counterfeit Hardware
HasMember	Deprecated	455	DEPRECATED: Malicious Logic Insertion via Inclusion of Counterfeit Hardware Components
HasMember	Deprecated	484	DEPRECATED: XML Client-Side Attack
HasMember	Deprecated	525	DEPRECATED: Execute Code
HasMember	Deprecated	526	DEPRECATED: Alter System Components
HasMember	Deprecated	527	DEPRECATED: Manipulate System Users
HasMember	Deprecated	557	DEPRECATED: Schedule Software To Run
HasMember	Deprecated	566	DEPRECATED: Dump Password Hashes
HasMember	Deprecated	567	DEPRECATED: Obtain Data via Utilities
HasMember	Deprecated	570	DEPRECATED: Signature-Based Avoidance
HasMember	Deprecated	602	DEPRECATED: Degradation
HasMember	Deprecated	629	DEPRECATED: Unauthorized Use of Device Resources

View Metrics

	CAPECs in this view
Attack Patterns	56
Categories	57
Views	0
Total	113

Content History

Submissions
Submission Date	Submitter	Organization
2014-06-23 (Version 2.6)	CAPEC Content Team	The MITRE Corporation
2014-06-23 (Version 2.6)

More information is available — Please select a different filter.

Page Last Updated or Reviewed: July 31, 2018


	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| Use of the Common Attack Pattern Enumeration and Classification (CAPEC), and the associated references from this website are subject to the Terms of Use. Copyright © 2007–2024, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.

Common Attack Pattern Enumeration and Classification

CAPEC VIEW: Deprecated Entries