André Ricardo Abed Grégio,  Luiz Gustavo C. Barbato,  Luiz Otávio Duarte,  Antonio Montes,  Cristine Hoepers,  Klaus Steding-Jessen. 

There is a large number of software vulnerabilities being discovered every year, but there is no accepted classification scheme or standard format to store information about vulnerabilities. This paper presents a survey of several initiatives in the area of vulnerabilities' taxonomies and classification, including the early proposals and more recent work.

http://www.lbd.dcc.ufmg.br/colecoes/sbseg/2005/009.pdf

Processando consulta.