objects.Win_Memory_Page_Region_Object.xsd
This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
Win_Memory_Page_Region_Object
2.1
01/22/2014
The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
The Windows_Memory_Page_Region object is intended to represent a single Windows memory page region.
The WindowsMemoryPageRegionObjectType type is intended to characterize Windows memory page regions.
The Type field specifies the type of pages in the memory page region.
The Allocation_Base_Address field specifies the base address of the memory page region when the region was first allocated.
The Allocation_Protect field specifies the memory protection option for the memory page region when the region was initially allocated.
The State field specifies the state of the memory pages in the region.
The Protect field specifies the access protection of the memory pages in the region.
MemoryPageProtectionType specifies memory protection constant types, via a union of the MemoryPageProtectionEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.
This attribute is optional and specifies the expected type for the value of the specified property.
The MemoryPageProtectionEnum defines an enumeration of memory page protection constants. As a further reference, please see: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366786(v=vs.85).aspx.
From Microsoft: "Enables execute access to the committed region of pages. An attempt to read from or write to the committed region results in an access violation.".
From Microsoft: "Enables execute or read-only access to the committed region of pages. An attempt to write to the committed region results in an access violation.".
From Microsoft: "Enables execute, read-only, or read/write access to the committed region of pages.".
From Microsoft: "Enables execute, read-only, or copy-on-write access to a mapped view of a file mapping object. An attempt to write to a committed copy-on-write page results in a private copy of the page being made for the process. The private page is marked as PAGE_EXECUTE_READWRITE, and the change is written to the new page.".
From Microsoft: "Disables all access to the committed region of pages. An attempt to read from, write to, or execute the committed region results in an access violation.".
From Microsoft: "Enables read-only access to the committed region of pages. An attempt to write to the committed region results in an access violation. If Data Execution Prevention is enabled, an attempt to execute code in the committed region results in an access violation.".
From Microsoft: "Enables read-only or read/write access to the committed region of pages. If Data Execution Prevention is enabled, attempting to execute code in the committed region results in an access violation.".
From Microsoft: "Enables read-only or copy-on-write access to a mapped view of a file mapping object. An attempt to write to a committed copy-on-write page results in a private copy of the page being made for the process. The private page is marked as PAGE_READWRITE, and the change is written to the new page. If Data Execution Prevention is enabled, attempting to execute code in the committed region results in an access violation.".
MemoryPageStateType specifies memory protection states, via a union of the MemoryPageStateEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.
This attribute is optional and specifies the expected type for the value of the specified property.
The MemoryPageStateEnum defines an enumeration of memory page states. As a further reference, please see: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366775(v=vs.85).aspx.
From Microsoft: "Indicates committed pages for which physical storage has been allocated, either in memory or in the paging file on disk.".
From Microsoft: "Indicates free pages not accessible to the calling process and available to be allocated. For free pages, the information in the AllocationBase, AllocationProtect, Protect, and Type members is undefined.".
From Microsoft: "Indicates reserved pages where a range of the process's virtual address space is reserved without any physical storage being allocated. For reserved pages, the information in the Protect member is undefined.".
MemoryPageTypeType specifies memory protection type, via a union of the MemoryPageTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.
This attribute is optional and specifies the expected type for the value of the specified property.
The MemoryPageTypeEnum defines an enumeration of memory page types. As a further reference, please see: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366775(v=vs.85).aspx.
From Microsoft: "Indicates that the memory pages within the region are mapped into the view of an image section.".
From Microsoft: "Indicates that the memory pages within the region are mapped into the view of a section.".
From Microsoft: "Indicates that the memory pages within the region are private (that is, not shared by other processes).".
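As an added example (not part of the schema or of any CybOX project code), the following Python reads regions described with the five fields above and returns triage notes for each, skipping regions that are not committed because the quoted Microsoft text says Protect is undefined for reserved pages. The `Regions`/`Region` wrapper elements, the namespace URI, the function names and the use of the Microsoft constant names (`MEM_COMMIT`, `MEM_PRIVATE`, `PAGE_EXECUTE_READWRITE`, and so on) as field values are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample. Wrapper elements, namespace URI and field values are assumptions.
SAMPLE = """<Regions xmlns:r="urn:example:WinMemoryPageRegionObject">
 <r:Region><r:Type>MEM_PRIVATE</r:Type>
  <r:Allocation_Base_Address>0x02a10000</r:Allocation_Base_Address>
  <r:Allocation_Protect>PAGE_READWRITE</r:Allocation_Protect>
  <r:State>MEM_COMMIT</r:State><r:Protect>PAGE_EXECUTE_READWRITE</r:Protect></r:Region>
 <r:Region><r:Type>MEM_IMAGE</r:Type>
  <r:Allocation_Base_Address>0x77000000</r:Allocation_Base_Address>
  <r:Allocation_Protect>PAGE_EXECUTE_WRITECOPY</r:Allocation_Protect>
  <r:State>MEM_COMMIT</r:State><r:Protect>PAGE_EXECUTE_READ</r:Protect></r:Region>
 <r:Region><r:Type>MEM_PRIVATE</r:Type>
  <r:Allocation_Base_Address>0x03b00000</r:Allocation_Base_Address>
  <r:Allocation_Protect>PAGE_READWRITE</r:Allocation_Protect>
  <r:State>MEM_RESERVE</r:State><r:Protect>PAGE_EXECUTE_READWRITE</r:Protect></r:Region>
</Regions>"""

FIELDS = ("Type", "Allocation_Base_Address", "Allocation_Protect", "State", "Protect")
WRITABLE_EXEC = {"PAGE_EXECUTE_READWRITE", "PAGE_EXECUTE_WRITECOPY"}
EXECUTABLE = WRITABLE_EXEC | {"PAGE_EXECUTE", "PAGE_EXECUTE_READ"}
KNOWN = EXECUTABLE | {"PAGE_NOACCESS", "PAGE_READONLY", "PAGE_READWRITE", "PAGE_WRITECOPY"}

def parse_regions(xml_text):
    """Return one dict per region, keyed by the schema's field names."""
    regions = []
    for node in ET.fromstring(xml_text):
        # Match on local names so parsing does not depend on the namespace URI.
        found = {c.tag.rsplit("}", 1)[-1]: (c.text or "").strip() for c in node}
        regions.append({f: found.get(f) for f in FIELDS})
    return regions

def triage(region):
    """Return review notes for one region; an empty list means nothing stood out."""
    if region["State"] != "MEM_COMMIT":
        # Protect is undefined for reserved pages and most fields for free pages.
        return []
    notes, protect, initial = [], region["Protect"], region["Allocation_Protect"]
    if protect and protect not in KNOWN:
        # The type is a union with xs:string, so free-form values are schema-valid.
        notes.append(f"non-enumerated Protect value: {protect}")
    if protect in WRITABLE_EXEC and region["Type"] == "MEM_PRIVATE":
        notes.append("private committed region is writable and executable")
    if protect in EXECUTABLE and initial in KNOWN and initial not in EXECUTABLE:
        notes.append(f"protection changed from {initial} to {protect}")
    return notes
```

The third sample region carries an executable Protect value but is only reserved, so it produces no notes; comparing Allocation_Protect with Protect is what surfaces the first region's change after allocation.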