CAPEC-476: Signature Spoofing by Misrepresentation
ID
CAPEC-476
Typical Severity
High
Likelihood Of Attack
Low
Status
Draft
An attacker exploits a weakness in the parsing or display code of the recipient software to generate a data blob containing a supposedly valid signature, but the signer's identity is falsely represented, which can lead to the attacker manipulating the recipient software or its victim user to perform compromising actions.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-290 | Authentication Bypass by Spoofing | weakness |