Multiple format string vulnerabilities in FlightGear 2.6 and previous versions and SimGear 2.6 and previous versions allow user-assisted remote malicious users to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
simgear simgear 1.9.1 |
||
simgear simgear |
||
simgear simgear 2.0.0 |
||
flightgear flightgear |
||
flightgear flightgear 2.0.0 |
||
flightgear flightgear 1.9.1 |