CAPEC-203 - Manipulate Application Registry Values

An attacker manipulates the registry values used by an application to perform a variety of possible attacks. Many applications utilize registries to store configuration and service information. As such, attacks that manipulate these registries can affect individual services (affecting billing, authorization, or even allowing for identity spoofing) or the overall configuration of the targeted application. It is important to note that "registry" does not only refer to the Microsoft Windows Registry, but to any registry used by an application. For example, both Java RMI and SOAP use registries to track available services. Changing registry values is sometimes undertaken as part of another attack; for example, a path traversal (inserting relative path modifiers) or buffer overflow (enlarging a registry value beyond an application's ability to store it), but given the long term usage of many registry values, the registry manipulation could be its own end.

Severity

Likelihood

Confidentiality

Integrity

Availability

The targeted application must rely on values stored in a registry.

No special resources are required.