CVE-2012-2090
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx.
Múltiples vulnerabilidades de formato de cadena en FlightGear v2.6 y versiones anteriores y SimGear v2.6 y versiones anteriores, que permite a atacantes remotos asistidos por el usuario causar una denegación de servicio y posiblemente ejecutar código arbitrario a través de especificadores de formato de cadena en ciertos fragmentos de datos en un xml de modelo de aeronave a(1) fgfs/flightgear/src/Cockpit/panel.cxx o (2) fgfs/flightgear/src/Network/generic.cxx, o (3) un gráfico de modelo de escena a simgear/simgear/scene/model/SGText.cxx.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-04-04 CVE Reserved
- 2012-06-17 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-134: Use of Externally-Controlled Format String
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://sourceforge.net/mailarchive/message.php?msg_id=28957051 | Mailing List | |
| http://sourceforge.net/mailarchive/message.php?msg_id=29012174 | Mailing List | |
| http://www.openwall.com/lists/oss-security/2012/04/10/13 | Mailing List |
|
| https://bugzilla.redhat.com/show_bug.cgi?id=811617 | X_refsource_misc | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74791 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Flightgear Search vendor "Flightgear" | Flightgear Search vendor "Flightgear" for product "Flightgear" | <= 2.6.0 Search vendor "Flightgear" for product "Flightgear" and version " <= 2.6.0" | - |
Affected
| ||||||
| Flightgear Search vendor "Flightgear" | Flightgear Search vendor "Flightgear" for product "Flightgear" | 1.9.1 Search vendor "Flightgear" for product "Flightgear" and version "1.9.1" | - |
Affected
| ||||||
| Flightgear Search vendor "Flightgear" | Flightgear Search vendor "Flightgear" for product "Flightgear" | 2.0.0 Search vendor "Flightgear" for product "Flightgear" and version "2.0.0" | - |
Affected
| ||||||
| Simgear Search vendor "Simgear" | Simgear Search vendor "Simgear" for product "Simgear" | <= 2.6.0 Search vendor "Simgear" for product "Simgear" and version " <= 2.6.0" | - |
Affected
| ||||||
| Simgear Search vendor "Simgear" | Simgear Search vendor "Simgear" for product "Simgear" | 1.9.1 Search vendor "Simgear" for product "Simgear" and version "1.9.1" | - |
Affected
| ||||||
| Simgear Search vendor "Simgear" | Simgear Search vendor "Simgear" for product "Simgear" | 2.0.0 Search vendor "Simgear" for product "Simgear" and version "2.0.0" | - |
Affected
| ||||||