Common Vulnerability Scoring System
At RSA, Mike Schiffman presented a Common Vulnerability Scoring System [link to http://www.security-focus.com/news/10541 no longer works]. Brian Erdelyi has taken that, and made a web page to generate numbers. It’s at SecurityHive. (The page requires Javascript be turned on to function.)
CVSS
Adam Shostack points to the Common Vulnerability Scoring System (CVSS): Over the past several years, a number of large computer security vendors and not-for-profit organizations have developed, promoted, and implemented procedures to rank information s…