Search for packages
| purl | pkg:deb/debian/flightgear@3.0.0-5 |
| Next non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Latest non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Risk | 3.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7q3y-2xqq-xyeb
Aliases: CVE-2017-13709 |
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. |
Affected by 1 other vulnerability. |
|
VCID-9ewn-73tt-dbbp
Aliases: CVE-2017-8921 |
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956. |
Affected by 2 other vulnerabilities. |
|
VCID-f7c9-mtg5-73d2
Aliases: CVE-2025-0781 |
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. |
Affected by 0 other vulnerabilities. |
|
VCID-jvuk-8u9v-wyfy
Aliases: CVE-2016-9956 |
security update |
Affected by 4 other vulnerabilities. Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-8tcp-1jww-k3f3 | Multiple vulnerabilities have been found in FlightGear and SimGear allowing remote attackers to cause Denial of Service and possibly execute arbitrary code. |
CVE-2012-2090
|
| VCID-sgqz-rav3-fufm | Multiple vulnerabilities have been found in FlightGear and SimGear allowing remote attackers to cause Denial of Service and possibly execute arbitrary code. |
CVE-2012-2091
|