Common Vulnerability Scoring System
At RSA, Mike Schiffman presented a Common Vulnerability Scoring System. Brian Erdelyi has taken that, and made a web page to generate numbers. It’s at SecurityHive. (The page requires Javascript be turned on to function.)
CVSS
Adam Shostack points to the Common Vulnerability Scoring System (CVSS): Over the past several years, a number of large computer security vendors and not-for-profit organizations have developed, promoted, and implemented procedures to rank information s…