CAPEC-231: Oversized Serialized Data Payloads

An adversary injects oversized serialized data payloads into a parser during data processing to produce adverse effects upon the parser such as exhausting system resources and arbitrary code execution.

Severity

High

Likelihood

Medium

/ 100

low-risk

Active Threat 9/50 · Minimal

Exploit Availability 2/50 · Minimal