Common Vulnerability Scoring System
At RSA, Mike Schiffman presented a Common Vulnerability Scoring System. Brian Erdelyi has taken that, and made a web page to generate numbers. It’s at SecurityHive [link to https://www.securityhive.com/index.php?module=ContentExpress&func=display&ceid=3 no longer works]. (The page requires Javascript be turned on to function.)
CVSS
Adam Shostack points to the Common Vulnerability Scoring System (CVSS): Over the past several years, a number of large computer security vendors and not-for-profit organizations have developed, promoted, and implemented procedures to rank information s…