CVE-2012-2091

NONE EPSS 92.9%
Published Jun 17, 201214y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jun 17, 2012 14y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read function in simgear/simgear/simgear/io/sg_socket_udp.cxx.

Threat Intelligence

EPSS Exploit Probability
92.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 6

VendorProductVersionRange
flightgearflightgear* ≤2.6.0
flightgearflightgear1.9.1any
flightgearflightgear2.0.0any
simgearsimgear* ≤2.6.0
simgearsimgear1.9.1any
simgearsimgear2.0.0any

References 9

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.