PT-2017-10394 · Flightgear+2 · Flightgear+2

Florent Rougon

Published

2016-12-20

Updated

2024-06-15

CVE-2016-9956

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions FlightGear versions prior to 2016.4.4

Description The issue allows remote attackers to write to arbitrary files via a crafted Nasal script, which is related to the route manager in FlightGear.

Recommendations For versions prior to 2016.4.4, update to version 2016.4.4 or later to resolve the issue.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

ALT-PU-2018-1974

CVE-2016-9956

DSA-3742-1

MGASA-2017-0011

OPENSUSE-SU-2024:10595-1

USN-4588-1

Affected Products

Alt Linux

Flightgear

Ubuntu

PT-2017-10394 · Flightgear+2 · Flightgear+2

CVE-2016-9956

Weakness Enumeration

Related Identifiers

Affected Products

References · 26