Security Severity Ratings: Difference between revisions

Line 395: Line 395:
|
|
;'''Blocker''': Anything which is easily exploitable or reproducible and/or we are seeing active attempts to exploit. Anything which has a high impact to Mozilla should also be considered. This priority flag should communicate that other work is blocked
;'''Blocker''': Anything which is easily exploitable or reproducible and/or we are seeing active attempts to exploit. Anything which has a high impact to Mozilla should also be considered. This priority flag should communicate that other work is blocked
by this issue and it should be resolved immediatly.
by this issue and it should be resolved immediately.
''Examples:''
''Examples:''
* SQL injection or Injection Flaws and Remote File Inclusion (RFI)
* SQL injection or Injection Flaws and Remote File Inclusion (RFI)
* Anything which has been publicized as a 0day which falls into the 'Critical' category.  
* Anything which has been publicized as a 0day which falls into the 'Critical' category.  
* Flaws being activly used in the wild (chemspill?).
* Flaws being actively used in the wild (chemspill?).


;'''Critical''': Vulnerabilities which are exploitable and/or hard to reproduce. We are also not seeing these being actively exploited or have another means to protect against a vulnerability.  
;'''Critical''': Vulnerabilities which are exploitable and/or hard to reproduce. We are also not seeing these being actively exploited or have another means to protect against a vulnerability.  
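Review bot: The corrected line "by this issue and it should be resolved immediately." still starts on its own line, so the Blocker definition breaks mid-sentence after "other work is blocked"; since this revision already touches that line, join it to the preceding one so the definition reads as a single sentence. The third example still ends in "(chemspill?)" with a question mark, which reads as an open question rather than guidance; either state the relationship to a chemspill outright or drop the parenthetical.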