An attacker creates a client application to interface with a target
						service where the client violates assumptions the service makes about
						clients. Services that have designated client applications (as opposed to
						services that use general client applications, such as IMAP or POP mail
						servers which can interact with any IMAP or POP client) may assume that the
						client will follow specific procedures. For example, servers may assume that
						clients will accurately compute values (such as prices), will send correctly
						structured messages, and will attempt to ensure efficient interactions with
						the server. By reverse-engineering a client and creating their own version,
						an attacker can take advantage of these assumptions to abuse service
						functionality. For example, a purchasing service might send a unit price to
						its client and expect the client to correctly compute the total cost of a
						purchase. If the attacker uses a malicious client, however, the attacker
						could ignore the server input and declare any total price. Likewise, an
						attacker could configure the client to retain network or other server
						resources for longer than legitimately necessary in order to degrade server
						performance.