CAPEC-153
Alerta para un CAPEC
Manténgase informado sobre cualquier cambio en un CAPEC específico.
Descripciones CAPEC
An attacker exploits a weakness in input validation by controlling the format, structure, and composition of data to an input-processing interface. By supplying input of a non-standard or unexpected form an attacker can adversely impact the security of the target.
Informaciones CAPEC
Prerrequisitos
The target must accept user data for processing and the manner in which this data is processed must depend on some aspect of the format or flags that the attacker can control.Recursos requeridos
None: No specialized resources are required to execute this type of attack.Debilidades relacionadas
| Nombre de la debilidad | |
|---|---|
CWE-20 |
Improper Input Validation The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Envío
| Nombre | Organización | Fecha | Fecha de lanzamiento |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modificaciones
| Nombre | Organización | Fecha | Comentario |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
| CAPEC Content Team | The MITRE Corporation | Updated Resources_Required | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses | |
| CAPEC Content Team | The MITRE Corporation | Updated Description, Extended_Description |
