5 matches found
CVE-2017-8921
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan XML. A resource such as a malicious third-party aircraft could exploit this to damage files belonging to...
Fedora 26 : FlightGear (2017-60775d65bb)
This updates fixes a security bug in the route manager, to prevent it from overwriting arbitrary files CVE-2017-8921 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Fedora 24 : FlightGear (2017-fc10e3165a)
This updates fixes a security bug in the route manager, to prevent it from overwriting arbitrary files CVE-2017-8921 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
CVE-2017-8921
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan XML. A resource such as a malicious third-party aircraft could exploit this to damage files belonging to...
CVE-2017-8921
In FlightGear, prior to 2017.2.1, FGCommand can overwrite user-writable files with the contents of a FlightGear flightplan (XML); this is a directory traversal issue in Autopilot/route_mgr.cxx stemming from an incomplete fix for CVE-2016-9956. The impact is that a malicious aircraft could damage ...