New to CAPEC? Start Here
Home > CAPEC List > Reports > Differences between 1.6 and 1.7 Content  

Differences between 1.6 and 1.7 Content

Summary
Summary
Total (1.7)474
Total (1.6)460
Attack Patterns
New Patterns Added14
Existing Patterns Modified with Enhanced Material77
CAPEC -> CWE Mappings
CAPEC -> CWE Mappings Added123
CAPEC -> CWE Mappings Removed21

Summary of Entry Types

Type1.61.7
Views66
Categories6868
Attack Patterns386400
Deprecated22

Back to top
Attack Pattern Changes
Attack Pattern Changes
New Patterns Added
CAPEC-459Creating a Rogue Certificate Authority Certificate
CAPEC-460HTTP Parameter Pollution (HPP)
CAPEC-461Web Services API Signature Forgery Leveraging Hash Function Extension Weakness
CAPEC-462Cross-Domain Search Timing
CAPEC-463Padding Oracle Crypto Attack
CAPEC-464Evercookie
CAPEC-465Socket Capable Browser Plugins Result In Transparent Proxy Abuse
CAPEC-466Leveraging Active Man in the Middle Attacks to Bypass Single Origin Policy
CAPEC-467Cross Site Identification
CAPEC-468Generic Cross-Browser Cross-Domain Theft
CAPEC-469HTTP DoS
CAPEC-470Expanding Control over the Operating System from the Database
CAPEC-471DLL Search Order Hijacking
CAPEC-472Browser Fingerprinting

Existing Patterns Modified with Enhanced Material
CAPEC-127Directory Indexing
CAPEC-132Symlink Attack
CAPEC-135Format String Injection
CAPEC-136LDAP Injection
CAPEC-139Relative Path Traversal
CAPEC-141Cache Poisoning
CAPEC-142DNS Cache Poisoning
CAPEC-147XML Ping of the Death
CAPEC-159Redirect Access to Libraries
CAPEC-163Spear Phishing
CAPEC-169Footprinting
CAPEC-170Web Server/Application Fingerprinting
CAPEC-174Flash Parameter Injection
CAPEC-178Cross-Site Flashing
CAPEC-180Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-182Flash Injection
CAPEC-193PHP Remote File Inclusion
CAPEC-196Session Credential Falsification through Forging
CAPEC-197XEE (XML Entity Expansion)
CAPEC-199Cross-Site Scripting Using Alternate Syntax
CAPEC-205Lifting credential(s)/key material embedded in client distributions (thick or thin)
CAPEC-207Removing Important Functionality from the Client
CAPEC-215Fuzzing and observing application log data/errors for application mapping
CAPEC-219XML Routing Detour Attacks
CAPEC-222iFrame Overlay
CAPEC-237Calling Signed Code From Another Language Within A Sandbox Allow This
CAPEC-244Cross-Site Scripting via Encoded URI Schemes
CAPEC-259Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Patching
CAPEC-267Leverage Alternate Encoding
CAPEC-275DNS Rebinding
CAPEC-286Network Reconnaissance
CAPEC-287TCP SYN Scan
CAPEC-288ICMP Echo Request Ping
CAPEC-289Infrastructure-based footprinting
CAPEC-290Enumerate Mail Exchange (MX) Records
CAPEC-291DNS Zone Transfers
CAPEC-292Host Discovery
CAPEC-293Traceroute Route Enumeration
CAPEC-294ICMP Address Mask Request
CAPEC-295ICMP Timestamp Request
CAPEC-296ICMP Information Request
CAPEC-297TCP ACK Ping
CAPEC-298UDP Ping
CAPEC-299TCP SYN Ping
CAPEC-300Port Scanning
CAPEC-301TCP Connect Scan
CAPEC-302TCP FIN scan
CAPEC-303TCP Xmas Scan
CAPEC-304TCP Null Scan
CAPEC-305TCP ACK Scan
CAPEC-306TCP Window Scan
CAPEC-307TCP RPC Scan
CAPEC-308UDP Scan
CAPEC-309Scanning for Devices, Systems, or Routes
CAPEC-310Scanning for Vulnerable Software
CAPEC-311Fingerprinting Remote Operating Systems
CAPEC-312Active OS Fingerprinting
CAPEC-313Passive OS Fingerprinting
CAPEC-314IP Fingerprinting Probes
CAPEC-315TCP/IP Fingerprinting Probes
CAPEC-316ICMP Fingerprinting Probes
CAPEC-317IP ID Sequencing Probe
CAPEC-318IP 'ID' Echoed Byte-Order Probe
CAPEC-319IP (DF) 'Don't Fragment Bit' Echoing Probe
CAPEC-320TCP Timestamp Probe
CAPEC-321TCP Sequence Number Probe
CAPEC-322TCP (ISN) Greatest Common Divisor Probe
CAPEC-323TCP (ISN) Counter Rate Probe
CAPEC-324TCP (ISN) Sequence Predictability Probe
CAPEC-325TCP Congestion Control Flag (ECN) Probe
CAPEC-326TCP Initial Window Size Probe
CAPEC-327TCP Options Probe
CAPEC-328TCP 'RST' Flag Checksum Probe
CAPEC-329ICMP Error Message Quoting Probe
CAPEC-330ICMP Error Message Echoing Integrity Probe
CAPEC-331ICMP IP Total Length Field Probe
CAPEC-332ICMP IP 'ID' Field Error Message Probe

Patterns Deprecated
Back to top
Category Changes
Category Changes
New Categories Added

Existing Categories Modified with Enhanced Material

Categories Deprecated
Back to top
View Changes
View Changes
Views Added

Existing Views Modified with Enhanced Material

Views Deprecated
Back to top
Mapping Changes
Mapping Changes
CAPEC --> CWE Mappings Added
CAPEC-127 Directory Indexing
  -->CWE-276
  -->CWE-285
  -->CWE-288
  -->CWE-424
  -->CWE-425
  -->CWE-693
  -->CWE-721
  -->CWE-732
CAPEC-132 Symlink Attack
  -->CWE-59
CAPEC-135 Format String Injection
  -->CWE-20
  -->CWE-74
  -->CWE-133
  -->CWE-134
CAPEC-136 LDAP Injection
  -->CWE-20
  -->CWE-77
  -->CWE-90
CAPEC-139 Relative Path Traversal
  -->CWE-20
  -->CWE-22
CAPEC-141 Cache Poisoning
  -->CWE-345
  -->CWE-346
  -->CWE-348
  -->CWE-349
  -->CWE-441
CAPEC-142 DNS Cache Poisoning
  -->CWE-345
  -->CWE-346
  -->CWE-348
  -->CWE-349
  -->CWE-350
  -->CWE-441
CAPEC-147 XML Ping of the Death
  -->CWE-400
  -->CWE-770
CAPEC-159 Redirect Access to Libraries
  -->CWE-714
CAPEC-169 Footprinting
  -->CWE-200
  -->CWE-202
  -->CWE-276
  -->CWE-311
  -->CWE-312
  -->CWE-319
  -->CWE-497
  -->CWE-538
CAPEC-174 Flash Parameter Injection
  -->CWE-184Incomplete Blacklist
  -->CWE-185Incorrect Regular Expression
  -->CWE-697Insufficient Comparison
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
  -->CWE-732
CAPEC-182 Flash Injection
  -->CWE-20Improper Input Validation
  -->CWE-184Incomplete Blacklist
  -->CWE-697Insufficient Comparison
CAPEC-193 PHP Remote File Inclusion
  -->CWE-80
  -->CWE-98
  -->CWE-714
CAPEC-196 Session Credential Falsification through Forging
  -->CWE-361
  -->CWE-384
  -->CWE-664
CAPEC-197 XEE (XML Entity Expansion)
  -->CWE-400
  -->CWE-770
CAPEC-199 Cross-Site Scripting Using Alternate Syntax
  -->CWE-20
  -->CWE-71
  -->CWE-79
  -->CWE-85
  -->CWE-86
  -->CWE-87
  -->CWE-692
  -->CWE-697
  -->CWE-713
CAPEC-205 Lifting credential(s)/key material embedded in client distributions (thick or thin)
  -->CWE-259
  -->CWE-522
CAPEC-215 Fuzzing and observing application log data/errors for application mapping
  -->CWE-532Information Exposure Through Log Files
CAPEC-219 XML Routing Detour Attacks
  -->CWE-441
  -->CWE-610
CAPEC-237 Calling Signed Code From Another Language Within A Sandbox Allow This
  -->CWE-693Protection Mechanism Failure
CAPEC-244 Cross-Site Scripting via Encoded URI Schemes
  -->CWE-20
  -->CWE-71
  -->CWE-79
  -->CWE-84
  -->CWE-85
  -->CWE-86
  -->CWE-692
  -->CWE-697
  -->CWE-713
CAPEC-267 Leverage Alternate Encoding
  -->CWE-20
  -->CWE-21
  -->CWE-73
  -->CWE-74
  -->CWE-171
  -->CWE-172
  -->CWE-173
  -->CWE-180
  -->CWE-181
  -->CWE-692
  -->CWE-697
CAPEC-275 DNS Rebinding
  -->CWE-247
CAPEC-459 Creating a Rogue Certificate Authority Certificate
  -->CWE-290Authentication Bypass by Spoofing
  -->CWE-295Certificate Issues
  -->CWE-327Use of a Broken or Risky Cryptographic Algorithm
CAPEC-460 HTTP Parameter Pollution (HPP)
  -->CWE-88Argument Injection or Modification
  -->CWE-147Improper Neutralization of Input Terminators
  -->CWE-235Improper Handling of Extra Parameters
CAPEC-461 Web Services API Signature Forgery Leveraging Hash Function Extension Weakness
  -->CWE-290Authentication Bypass by Spoofing
  -->CWE-328Reversible One-Way Hash
CAPEC-462 Cross-Domain Search Timing
  -->CWE-352
  -->CWE-385
CAPEC-463 Padding Oracle Crypto Attack
  -->CWE-209Information Exposure Through an Error Message
  -->CWE-347Improper Verification of Cryptographic Signature
  -->CWE-354Improper Validation of Integrity Check Value
  -->CWE-514Covert Channel
  -->CWE-649Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking
  -->CWE-696Incorrect Behavior Order
CAPEC-464 Evercookie
  -->CWE-359Privacy Violation
CAPEC-465 Socket Capable Browser Plugins Result In Transparent Proxy Abuse
  -->CWE-441Unintended Proxy/Intermediary
CAPEC-466 Leveraging Active Man in the Middle Attacks to Bypass Single Origin Policy
  -->CWE-300Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-467 Cross Site Identification
  -->CWE-352Cross-Site Request Forgery (CSRF)
  -->CWE-359Privacy Violation
CAPEC-468 Generic Cross-Browser Cross-Domain Theft
  -->CWE-149Improper Neutralization of Quoting Syntax
  -->CWE-177Improper Handling of URL Encoding (Hex Encoding)
  -->CWE-707Improper Enforcement of Message or Data Structure
  -->CWE-838Inappropriate Encoding for Output Context
CAPEC-469 HTTP DoS
  -->CWE-770Allocation of Resources Without Limits or Throttling
  -->CWE-772Missing Release of Resource after Effective Lifetime
CAPEC-470 Expanding Control over the Operating System from the Database
  -->CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  -->CWE-250Execution with Unnecessary Privileges
CAPEC-471 DLL Search Order Hijacking
  -->CWE-427Uncontrolled Search Path Element
  -->CWE-706Use of Incorrectly-Resolved Name or Reference
CAPEC-472 Browser Fingerprinting
  -->CWE-200

CAPEC --> CWE Mappings Removed
CAPEC-132 Symlink Attacks
  -->CWE-59Improper Link Resolution Before File Access ('Link Following')
CAPEC-139 Relative Path Traversal
  -->CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC-147 XML Ping of Death
  -->CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')
  -->CWE-770Allocation of Resources Without Limits or Throttling
CAPEC-163 Spear Phishing
  -->CWE-184Incomplete Blacklist
  -->CWE-247Reliance on DNS Lookups in a Security Decision
  -->CWE-357Insufficient UI Warning of Dangerous Operations
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
  -->CWE-732Incorrect Permission Assignment for Critical Resource
CAPEC-193 PHP Remote File Inclusion
  -->CWE-98Improper Control of Filename for Include/Require Statement in PHP Program ('PHP File Inclusion')
CAPEC-196 Session Credential Falsification through Forging
  -->CWE-384Session Fixation
CAPEC-197 XEE (XML Entity Expansion)
  -->CWE-770Allocation of Resources Without Limits or Throttling
CAPEC-199 Cross-Site Scripting Using Alternate Syntax
  -->CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  -->CWE-87Improper Neutralization of Alternate XSS Syntax
CAPEC-205 Lifting credential(s)/key material embedded in client distributions (thick or thin)
  -->CWE-259Use of Hard-coded Password
  -->CWE-311Missing Encryption of Sensitive Data
  -->CWE-798Use of Hard-coded Credentials
CAPEC-219 XML Routing Detour Attacks
  -->CWE-441Unintended Proxy/Intermediary
  -->CWE-610Externally Controlled Reference to a Resource in Another Sphere
CAPEC-244 Cross-Site Scripting via Encoded URI Schemes
  -->CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  -->CWE-84Improper Neutralization of Encoded URI Schemes in a Web Page
CAPEC-275 DNS Rebinding
  -->CWE-247Reliance on DNS Lookups in a Security Decision

CAPEC --> CAPEC Mappings Added

CAPEC --> CAPEC Mappings Removed
Back to top
More information is available — Please select a different filter.
Page Last Updated or Reviewed: October 28, 2016
 

Use of the Common Attack Pattern Enumeration and Classification (CAPEC), and the associated references from this website are subject to the Terms of Use. Copyright © 2007–2025, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.