Cache poisoning refers to a computer security vulnerability where invalid entries can be placed into a cache, which are then assumed to be valid when later used.[1] Two common varieties are DNS cache poisoning and ARP cache poisoning. Web cache poisoning [cs] involves the poisoning of web caches.[2] Attacks on other, more specific, caches also exist.[3][4][5]


  1. ^ "CAPEC-141: Cache Poisoning". CAPEC. Archived from the original on 2021-01-22. Retrieved 2021-01-22.
  2. ^ Nguyen, Hoai Viet; Iacono, Luigi Lo; Federrath, Hannes (6 November 2019). "Your Cache Has Fallen: Cache-Poisoned Denial-of-Service Attack". Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security: 1915–1936. doi:10.1145/3319535.3354215.
  3. ^ Hensler, Christopher; Tague, Patrick (15 May 2019). "Using bluetooth low energy spoofing to dispute device details: demo". Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks: 340–342. doi:10.1145/3317549.3326321.
  4. ^ Daswani, Neil; Garcia-Molina, Hector (2004). "Pong-cache poisoning in GUESS". Proceedings of the 11th ACM Conference on Computer and Communications Security - CCS '04: 98. doi:10.1145/1030083.1030099. ISBN 1581139616.
  5. ^ Wang, Dong; Dong, Wei Yu (April 2019). "Attacking Intel UEFI by Using Cache Poisoning". Journal of Physics: Conference Series. 1187 (4): 042072. doi:10.1088/1742-6596/1187/4/042072. Archived from the original on 2020-02-16. Retrieved 2021-01-22.