CVE-2016-9956
NONE EPSS 86.8%
Published Feb 22, 20179y ago · Modified Jun 17, 20262w ago
Published Feb 22, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script.
Threat Intelligence
EPSS Exploit Probability
86.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-284
Affected Products 4
| Vendor | Product | Version | Range |
|---|---|---|---|
| debian | debian_linux | 8.0 | any |
| fedoraproject | fedora | 24 | any |
| fedoraproject | fedora | 25 | any |
| flightgear | flightgear | * | ≤2016.4.3 |
References 10
- debian.org http://www.debian.org/security/2016/dsa-3742
- openwall.com http://www.openwall.com/lists/oss-security/2016/12/14/11
- openwall.com http://www.openwall.com/lists/oss-security/2016/12/15/10
- openwall.com http://www.openwall.com/lists/oss-security/2016/12/16/5
- securityfocus.com http://www.securityfocus.com/bid/94945
- lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZKAN7V6UOHSRFWO567XMN4O6WXTSL32/
- lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DB3B5XBB2NL2O2U4WNYGH7ZL45Q4UHGG/
- sourceforge.net https://sourceforge.net/p/flightgear/flightgear/ci/280cd523686fbdb175d50417266d2487a8ce67d2/
- sourceforge.net https://sourceforge.net/projects/flightgear/files/release-2016.4/
- usn.ubuntu.com https://usn.ubuntu.com/4588-1/
Remediation
- openwall.com http://www.openwall.com/lists/oss-security/2016/12/14/11
- openwall.com http://www.openwall.com/lists/oss-security/2016/12/15/10
- sourceforge.net https://sourceforge.net/p/flightgear/flightgear/ci/280cd523686fbdb175d50417266d2487a8ce67d2/
- sourceforge.net https://sourceforge.net/projects/flightgear/files/release-2016.4/