This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Summit 2011 Working Sessions/Session203/Deliverable 2
From OWASP
Deliverable 2
OWASP Security Bulletin Template
Open Web Application Security Program - Security Bulletin [RELEASEDATE] ---------------------------------------------------------------------------- FLAW TITLE (CVE-????) SUMMARY ---------------------------------------------------------------------------- Short description of the flaw and how it was discovered. CVSS SCORE (Overall Score in Parenthesis) ---------------------------------------------------------------------------- Calculated at http://nvd.nist.gov/cvss.cfm?calculator&version=2 CVSS Base Score ? Impact Subscore ? Exploitability Subscore ? CVSS Temporal Score ? CVSS Environmental Score Undefined (We can't calculate environmental factors) Overall CVSS Score ? DETAILS ---------------------------------------------------------------------------- Details of the flaw, including research notes should go into this section. IMPACT ---------------------------------------------------------------------------- Potential impact of the flaw should be described here LIKELIHOOD OF EXPLOIT ---------------------------------------------------------------------------- Likelihood that the flaw would be exploited should go here. Details such as whether the flaw is in the wild, if proof of concept code exists, if that code is publicly available or has been released, and other factors relating to the likelihood of the flaw being exploted should all be disclosed here. AFFECTED VERSIONS ---------------------------------------------------------------------------- Projects and versions that are vulnerable ISSUE TRACKER LINKS ---------------------------------------------------------------------------- Links to issues in the project(s) issue trackers should be listed here WORKAROUND ---------------------------------------------------------------------------- If a workaround solution exists, it should be detailed here PERMANENT RESOLUTION ---------------------------------------------------------------------------- If a permanent solution exists, it should be detailed here ---------------------------------------------------------------------------- OWASP Projects Security Disclosure Group [email protected] PGP: ????