oss-sec mailing list archives

CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files

From: Salvatore Bonaccorso <carnil () debian org>
Date: Wed, 14 Dec 2016 16:57:11 +0100

Hi

The FlightGear project fixed a security issue, allowing arbitrary file
overwrites for files the user running FlightGear has write access to
and could be taken advantage to for other impact as arbitrary code
execution.

References:
https://bugs.debian.org/848114
https://sourceforge.net/p/flightgear/flightgear/ci/280cd523686fbdb175d50417266d2487a8ce67d2/

Can you please assign a CVE for this FlightGear issue.

Regards,
Salvatore

Current thread:

CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files Salvatore Bonaccorso (Dec 14)
- Re: CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files cve-assign (Dec 15)
- <Possible follow-ups>
- Re: CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files Florent Rougon (Dec 16)