Confirm
446
edits
Changes
oops, my mistake, that's inaccurate
==Severity Ratings Table==
<table border="1">
<tr>
<th scope="row">Critical</th>
<td align="left" valign="top"><p>Run attacker code with local user privilege or to install software, requiring no user interaction beyond normal browsing. The big bada boom.</p></td>
<td align="left" valign="top"> <p>Overflows resulting in native code executionexcution</p>
<p>JavaScript injection into browser chrome</p>
<p>Launching of arbitrary local application with provided arguments</p>
<th scope="row">High</th>
<td align="left" valign="top"><p>Obtain confidential data from other sites the user is visiting or the local machine, or inject data or code into those sites, requiring no more than normal browsing actions.</p>
<p>Indefinite DoS of the user's system, requiring OS reinstallation or extensive cleanup</p></td>
<td align="left" valign="top"><p>Cross-site Scripting (XSS)</p>
==Additional Security Status Codes==
If a potential security issue has not yet been assigned a severity rating, or a rating is not appropriate, the whiteboard may instead contain one of the following security status codes.
