In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree.
References
Link | Resource |
---|---|
https://sourceforge.net/p/flightgear/flightgear/ci/c7a2aef59979af3e9ff22daabb37bdaadb91cd75/ | Exploit Third Party Advisory |
https://sourceforge.net/p/flightgear/flightgear/ci/2a5e3d06b2c0d9f831063afe7e7260bca456d679/ | Exploit Third Party Advisory |
Configurations
Information
Published : 2017-08-27 09:29
Updated : 2017-09-06 12:12
NVD link : CVE-2017-13709
Mitre link : CVE-2017-13709
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
flightgear
- flightgear