CAPEC 477 Signature Spoofing by Mixing Signed and Unsigned Content

Description

🇬🇧 English Original 🇮🇹 Italiano AI Translated

An attacker exploits the underlying complexity of a data structure that allows for both signed and unsigned content, to cause unsigned data to be processed as though it were signed data.

AI Generated Translation

Un attaccante sfrutta la complessità sottostante di una struttura dati che consente contenuti sia firmati che non firmati, per far sì che dati non firmati vengano elaborati come se fossero dati firmati.

Mitigations

1

Ensure The Application Is Fully Patched And Does Not Allow The Processing Of Unsigned Data As If It Is Signed Data.

Consequences

Consequence Information

{'impacts': [], 'impacts_translate': [], 'scopes': [], 'scopes_translate': []}

Relationships

Parent CAPECs

CAPEC-473