PT-2017-13035 · Flightgear · Flightgear

Florent Rougon

Published

2017-08-27

Updated

2017-10-09

CVE-2017-13709

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions FlightGear versions prior to 2017.3.1

Description The issue affects the FGLogger subsystem in FlightGear, specifically in Main/logger.cxx. It allows overwriting of any file through a resource that impacts the global Property Tree's contents.

Recommendations For versions prior to 2017.3.1, update to version 2017.3.1 or later to resolve the issue.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-13709

MGASA-2017-0362

Affected Products

Flightgear

PT-2017-13035 · Flightgear · Flightgear

CVE-2017-13709

Weakness Enumeration

Related Identifiers

Affected Products

References · 15