
CAPEC-44: Overflow Binary Resource File

Abstraction: Detailed
Status: Draft
Likelihood: High
Severity: Very High

Description

An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files such as MP3, image files such as JPEG, and any other binary file. These attacks may reach the client machine unnoticed through normal use of files, such as a browser loading a seemingly innocent JPEG file. A successful overflow can give the adversary access to the execution stack and allow execution of arbitrary code in the target process.
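The length check that separates a safe binary-resource parser from an overflowable one, as an added example that is not part of the CAPEC entry. The record layout (type, 2-byte big-endian length, payload), `NAME_CAP` and all function names are hypothetical and the sample records are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NAME_CAP 64  /* fixed destination buffer size (hypothetical) */

/* Flawed check (CWE-697): the length field is read as signed, so 0xFFFF
 * becomes -1 and passes "<= NAME_CAP"; a later memcpy would convert it to
 * a huge size_t (CWE-120). Kept as a predicate only; nothing is copied. */
static int weak_len_ok(const uint8_t *rec)
{
    int16_t len = (int16_t)((rec[1] << 8) | rec[2]);
    return len <= NAME_CAP;
}

/* Hardened copy. Layout (hypothetical): type(1) | length(2, BE) | payload.
 * Returns the payload length on success, -1 if the record is rejected. */
static int copy_payload(const uint8_t *rec, size_t rec_len,
                        uint8_t *dst, size_t dst_cap)
{
    if (rec == NULL || dst == NULL || rec_len < 3)
        return -1;                               /* header incomplete */
    size_t len = ((size_t)rec[1] << 8) | rec[2]; /* unsigned, 0..65535 */
    if (len > dst_cap)
        return -1;                               /* would overflow dst */
    if (len > rec_len - 3)
        return -1;                               /* declares more than the file holds */
    memcpy(dst, rec + 3, len);
    return (int)len;
}

/* Constructed sample records. */
static const uint8_t good_rec[]  = { 0x01, 0x00, 0x04, 'n', 'a', 'm', 'e' };
static const uint8_t huge_rec[]  = { 0x01, 0xFF, 0xFF, 'A', 'A', 'A', 'A' };
static const uint8_t short_rec[] = { 0x01, 0x00, 0x20, 'A', 'A' };

int main(void)
{
    uint8_t name[NAME_CAP];
    int ok = copy_payload(good_rec, sizeof good_rec, name, sizeof name) == 4;
    ok &= copy_payload(huge_rec, sizeof huge_rec, name, sizeof name) == -1;
    ok &= copy_payload(short_rec, sizeof short_rec, name, sizeof name) == -1;
    ok &= weak_len_ok(huge_rec) == 1;  /* the signed check wrongly accepts it */
    return ok ? 0 : 1;
}
```

The hardened function validates the declared length against both the destination capacity and the bytes actually present in the input, so a truncated file is rejected as well as an oversized one.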

Related weaknesses · 3

CWE-120, CWE-119, CWE-697

Related attack patterns · 2

CAPEC-100 (ChildOf), CAPEC-23 (ChildOf)

Exploits · 3

Type | Target | Confidence | Tier
Weakness | Improper Restriction of Operations within the Bounds of a Memory Buffer (cwe-119) | 100% | live
Weakness | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (cwe-120) | 100% | live
Weakness | Incorrect Comparison (cwe-697) | 100% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Buffer Overflow via Symbolic Links
CAPEC: File Content Injection
CAPEC: Client-side Injection-induced Buffer Overflow
CAPEC: Overflow Buffers
CAPEC: Leverage Executable Code in Non-Executable Files
CAPEC: File Manipulation

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.