An attacker sends a SOAP message where the field values are other than
						what the server is likely to expect in order to precipitate non-standard
						server behavior. In a SOAP message, parameters take the form of values
						within XML elements. The server will have an XML schema that indicates
						certain restrictions on these parameter values. For example, the server may
						expect a parameter to be a string with fewer than 10 characters, or a number
						less than 100. In a SOAP parameter tampering attack, an attacker either
						violates this schema, or takes advantage of flexibility within the schame
						(for example, a lack of a character limit) to provide parameters that a
						server might not expect. Examples of unexpected parameters include oversized
						data, data with different data types, inserting metacharacters within data,
						and sending contextually inappropriate data (for example, sending a
						non-existant product name in a product name field or using an our-of-order
						sequence number). Results of this attack can include information disclosure,
						denial of service, or even execution of arbitrary code.