20
edits
Security Severity Ratings: Difference between revisions
Jump to navigation
Jump to search
Explicitly mention sandbox escapes
(Add wsec-ssrf) |
Alex gaynor (talk | contribs) (Explicitly mention sandbox escapes) |
||
| Line 26: | Line 26: | ||
|} | |} | ||
;'''sec-high''': Obtain confidential data from other sites the user is visiting or the local machine, or inject data or code into those sites, requiring no more than normal browsing actions. Indefinite DoS of the user's system, requiring OS reinstallation or extensive cleanup. Exploitable web vulnerabilities that can lead to the targeted compromise of a small number of users. | ;'''sec-high''': Obtain confidential data from other sites the user is visiting or the local machine, or inject data or code into those sites, requiring no more than normal browsing actions. Indefinite DoS of the user's system, requiring OS reinstallation or extensive cleanup. Exploitable web vulnerabilities that can lead to the targeted compromise of a small number of users. Sandbox escapes which require the attacker to already have arbitrary code execution in the content process. | ||
{| class="wikitable collapsible " style="width: 100%" | {| class="wikitable collapsible " style="width: 100%" | ||
! ''sec-high Examples:'' | ! ''sec-high Examples:'' | ||
| Line 36: | Line 36: | ||
* Memory read that results in data being written into an inert container (ie string or image) that is subsequently accessible to content | * Memory read that results in data being written into an inert container (ie string or image) that is subsequently accessible to content | ||
* XSS (Reflected) | * XSS (Reflected) | ||
*Failure to use TLS where needed to ensure confidential/security | * Failure to use TLS where needed to ensure confidential/security | ||
* Memory corruption in a parent process IPC method which a malicious content process could exploit. | |||
|} | |} | ||