CVE-2017-8921 in FlightGearजानकारी

सारांश

द्वारा MITRE

In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

आरक्षित करना

12/05/2017

प्रकटीकरण

12/05/2017

प्रविष्टि

VDB-101215

EPSS

0.01420

गतिविधियाँ

बहुत कम

स्रोत

Do you know our Splunk app?

Download it now for free!