CAPEC | Related Weakness |
DNS Cache Poisoning |
CWE-345 | Insufficient Verification of Data Authenticity |
CWE-346 | Origin Validation Error |
CWE-348 | Use of Less Trusted Source |
CWE-349 | Acceptance of Extraneous Untrusted Data With Trusted Data |
CWE-350 | Reliance on Reverse DNS Resolution for a Security-Critical Action |
CWE-441 | Unintended Proxy or Intermediary ('Confused Deputy') |
|
Manipulating Writeable Configuration Files |
CWE-77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') |
CWE-99 | Improper Control of Resource Identifiers ('Resource Injection') |
CWE-346 | Origin Validation Error |
CWE-349 | Acceptance of Extraneous Untrusted Data With Trusted Data |
CWE-353 | Missing Support for Integrity Check |
CWE-354 | Improper Validation of Integrity Check Value |
CWE-713 | OWASP Top Ten 2007 Category A2 - Injection Flaws |
|
Cache Poisoning |
CWE-345 | Insufficient Verification of Data Authenticity |
CWE-346 | Origin Validation Error |
CWE-348 | Use of Less Trusted Source |
CWE-349 | Acceptance of Extraneous Untrusted Data With Trusted Data |
CWE-441 | Unintended Proxy or Intermediary ('Confused Deputy') |
|