Flightgear · Flightgear · CVE-2017-8921
**Name of the Vulnerable Software and Affected Versions**
FlightGear versions prior to 2017.2.1
**Description**
The issue allows overwriting of files that the user has write access to, but only with the contents of a FlightGear flightplan (XML). This could be exploited by a malicious resource, such as a third-party aircraft, to damage user files. The problem exists due to an incomplete fix for a previous issue.
**Recommendations**
For versions prior to 2017.2.1, update to version 2017.2.1 or later to resolve the issue.