14 matches found
SUSE CVE-2016-9956
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...
Null pointer dereference
An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An...
NetworkManager and libnl3 security, bug fix and enhancement update
NetworkManager 1:1.8.0-9 - device: don't change MTU unless explicitly configured rh 1460760 - core: don't remove external IPv4 addresses rh 1459813 1:1.8.0-8 - cli: fix output of iface in overview output rh1460219 - ppp: unexport NMPPPManager instance on dispose rh1459579 - cli: remove spurious...
Fedora 26 : FlightGear (2017-60775d65bb)
This updates fixes a security bug in the route manager, to prevent it from overwriting arbitrary files CVE-2017-8921 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Fedora 24 : FlightGear (2017-fc10e3165a)
This updates fixes a security bug in the route manager, to prevent it from overwriting arbitrary files CVE-2017-8921 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
DEBIAN-CVE-2017-8921
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan XML. A resource such as a malicious third-party aircraft could exploit this to damage files belonging to...
DEBIAN-CVE-2016-9956
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...
CVE-2016-9956
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...
UBUNTU-CVE-2016-9956
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...
CVE-2016-9956
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...
Design/Logic Flaw
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...
CVE-2016-9956
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...
CVE-2016-9956
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...
CVE-2016-9956
FlightGear’s route manager is vulnerable in versions before 2016.4.4: a crafted Nasal script can cause remote attackers to overwrite arbitrary files the user can write to. The issue is a directory-traversal flaw in Autopilot/route_mgr.cxx, stemming from an incomplete prior fix for CVE-2016-9956. ...