CAPEC-44: Overflow Binary Resource File
Description
Extended Description
The fundamental difference is that embedded messages have a complete semantic quality, rather than mere imagery, and the mind of the target tends to key off of particular dominant patterns. The remaining information, carefully structured, speaks directly to the subconscious with a subtle, indirect, command. The effect is to produce a pattern of thinking that the attacker has predetermined but is buried within the message and not overtly stated. Structuring a human "buffer overflow" requires precise attention to detail and the use of information in a manner that distracts the conscious mind from the message the subconscious is receiving.
Severity :
Very High
Possibility :
High
Type :
Detailed
Relationships with other CAPECs
This table shows the other attack patterns and high level categories that are related to this attack pattern.
Prerequisites
This table shows the other attack patterns and high level categories that are related to this attack pattern.
- Target software processes binary resource files.
- Target software contains a buffer overflow vulnerability reachable through input from a user-controllable binary resource file.
Skills required
This table shows the other attack patterns and high level categories that are related to this attack pattern.
- Medium To modify file, deceive client into downloading, locate and exploit remote stack or heap vulnerability
Taxonomy mappings
Mappings to ATT&CK, OWASP and other frameworks.
Related CWE
A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.
Visit http://capec.mitre.org/ for more details.