[Survey application] The adversary takes an inventory of the entry points of the application.
[Determine user-controllable input susceptible to format string injection] Determine the user-controllable input susceptible to format string injection. For each user-controllable input that the adversary suspects is vulnerable to format string injection, attempt to inject formatting characters such as %n, %s, etc.. The goal is to manipulate the string creation using these formatting characters.
[Try to exploit the Format String Injection vulnerability] After determining that a given input is vulnerable to format string injection, hypothesize what the underlying usage looks like and the associated constraints.
Weakness Name | |
---|---|
CWE-134 |
Use of Externally-Controlled Format String The product uses a function that accepts a format string as an argument, but the format string originates from an external source. |
CWE-20 |
Improper Input Validation The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
CWE-74 |
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Name | Organization | Date | Date release |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation |
Name | Organization | Date | Comment |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation | Updated Attack_Phases, Attacker_Skills_or_Knowledge_Required, Description Summary, Resources_Required | |
CAPEC Content Team | The MITRE Corporation | Updated Attack_Motivation-Consequences | |
CAPEC Content Team | The MITRE Corporation | Updated Consequences | |
CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
CAPEC Content Team | The MITRE Corporation | Updated References, Taxonomy_Mappings | |
CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses |