XML Schema Poisoning
Variants:
Direct
Also Known As:
WSDL Metadata Spoofing
Vector Type:
Attack
Relevance:
Generic
Layer:
Application-Level
Platforms:
Any
Target Type:
Web Application, Web Service
Affected Mechanisms:
Web Server Configuration, Hardening
Invented In:
01/01/2009
Added In:
30/12/2014
Vector Operation Method:
An attacker modifying or corrupting the content of XML schema information sent from the client and server may cause unexpected behaviors in the application, such as exceptions, or sending mass amounts of nested data to trigger XDoS denial of service effects.
