Search for packages
| purl | pkg:deb/debian/flightgear@3.0.0-5 |
| Next non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Latest non-vulnerable version | 1:2020.3.16+dfsg-1+deb12u1 |
| Risk | 3.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1j2q-k2gh-pqdk
Aliases: CVE-2025-0781 |
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. |
Affected by 0 other vulnerabilities. |
|
VCID-7txw-7t76-aaab
Aliases: CVE-2017-8921 |
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage files belonging to the user. Both this issue and CVE-2016-9956 are directory traversal vulnerabilities in Autopilot/route_mgr.cxx - this one exists because of an incomplete fix for CVE-2016-9956. |
Affected by 2 other vulnerabilities. |
|
VCID-jx8t-94cp-aaas
Aliases: CVE-2016-9956 |
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. |
Affected by 4 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-vm83-ajzg-aaan
Aliases: CVE-2017-13709 |
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2gkf-7tg1-aaab | Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx. |
CVE-2012-2090
|
| VCID-7gtb-wvpj-aaaq | Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read function in simgear/simgear/simgear/io/sg_socket_udp.cxx. |
CVE-2012-2091
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:05:58.668274+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:05:18.729246+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:40:30.038336+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:08:05.949350+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:06:44.761822+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:23:46.234778+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:49:25.526580+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T01:05:00.951392+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | None | 36.1.3 |
| 2025-06-21T00:34:44.866715+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | None | 36.1.3 |
| 2025-06-21T00:03:17.882842+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.3 |
| 2025-06-20T22:47:34.053195+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.3 |
| 2025-06-20T19:39:55.369667+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.3 |
| 2025-06-08T11:35:05.703606+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:36:56.228938+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:33:42.311654+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:01:37.451847+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:01:37.765484+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:25:27.866436+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:38:04.858785+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T18:27:35.195737+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | None | 36.1.0 |
| 2025-06-07T17:57:22.387119+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | None | 36.1.0 |
| 2025-06-07T17:26:05.581637+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.1.0 |
| 2025-06-07T16:11:28.391618+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.1.0 |
| 2025-06-07T13:34:03.744559+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.1.0 |
| 2025-04-13T03:10:21.652030+00:00 | Debian Oval Importer | Affected by | VCID-1j2q-k2gh-pqdk | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:36:05.277642+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:45:02.394790+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:37:36.457617+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:00:48.523165+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:19:34.186544+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:18:27.394989+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:06:25.417235+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:34:18.520234+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:33:34.158687+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:56:36.803716+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:05:50.293599+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T17:05:11.893829+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | None | 36.0.0 |
| 2025-04-07T16:34:15.599817+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | None | 36.0.0 |
| 2025-04-07T16:00:26.346225+00:00 | Debian Oval Importer | Affected by | VCID-vm83-ajzg-aaan | None | 36.0.0 |
| 2025-04-07T14:42:51.219491+00:00 | Debian Oval Importer | Affected by | VCID-7txw-7t76-aaab | None | 36.0.0 |
| 2025-04-07T12:09:29.777343+00:00 | Debian Oval Importer | Affected by | VCID-jx8t-94cp-aaas | None | 36.0.0 |
| 2024-11-28T22:53:04.524356+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T22:49:27.531954+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T07:19:46.032446+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T07:17:03.510300+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T07:09:44.502241+00:00 | Debian Oval Importer | Fixing | VCID-7gtb-wvpj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T07:08:52.488980+00:00 | Debian Oval Importer | Fixing | VCID-2gkf-7tg1-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |