Security Severity Ratings: Difference between revisions

From MozillaWiki

Revision as of 20:30, 15 October 2008

Severity / Description / Examples

Critical
Description: Run attacker code with local user privilege or install software, requiring no user interaction beyond normal browsing. The big bada boom.
Examples:
* Overflows resulting in native code execution
* JavaScript injection into browser chrome
* Launching of an arbitrary local application with attacker-provided arguments
* Filetype spoofing where executables can masquerade as benign content types

High
Description: Obtain confidential data from other sites the user is visiting or from the local machine, or inject data or code into those sites, requiring no more than normal browsing actions.
Examples:
* Cross-site scripting (XSS)
* Theft of arbitrary files from the local system
* Spoofing of the full URL bar or bypass of SSL integrity checks

Moderate
Description: Disclosure of sensitive information, such as name, username, or entire browsing history, that represents a violation of privacy but by itself does not expose the user or organization to immediate risk. Also a vulnerability that, combined with another moderate vulnerability, could result in an attack of high or critical severity (a "stepping stone").
Examples:
* Denial of Service attacks resulting in a browser crash
* Identification of a user by unauthorized access to the username, or by profiling browsing behavior
* Disclosure of the browser cache path
* Detection of arbitrary local files
* Launching of an arbitrary local application without arguments
* Local storage of passwords in unencrypted form

Low
Description: Minor security vulnerabilities such as temporary Denial of Service attacks, or leaks or spoofs of non-sensitive information.
Examples:
* Detection of a previous visit to a specific site
* Script that hangs the browser for a while and then triggers the "slow script" dialog
* Corruption of browser dialogs or user input without the ability to spoof arbitrary messages

Mitigating Circumstances

If there are mitigating circumstances that reduce the effectiveness of the exploit, the rating may be lowered by one level of severity. Examples of mitigating circumstances include difficulty in reproducing due to very specific timing or load-order requirements, a complex or unusual set of actions the user would have to take beyond normal browsing behavior, or an unusual software configuration.