CVE-2012-2090 - Vulnerability Details - OpenCVE

Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Flightgear	Flightgear
Simgear	Simgear

Configuration 1 [-]

OR	cpe:2.3:a:flightgear:flightgear::::::::
	cpe:2.3:a:flightgear:flightgear:1.9.1:::::::*
	cpe:2.3:a:flightgear:flightgear:2.0.0:::::::*
	cpe:2.3:a:simgear:simgear::::::::
	cpe:2.3:a:simgear:simgear:1.9.1:::::::*
	cpe:2.3:a:simgear:simgear:2.0.0:::::::*

No data.

References

Link	Providers
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081997.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082002.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082017.html
http://secunia.com/advisories/48780
http://sourceforge.net/mailarchive/message.php?msg_id=28957051
http://sourceforge.net/mailarchive/message.php?msg_id=29012174
http://www.openwall.com/lists/oss-security/2012/04/10/13
https://bugzilla.redhat.com/show_bug.cgi?id=811617
https://exchange.xforce.ibmcloud.com/vulnerabilities/74791
https://security.gentoo.org/glsa/201603-12

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-06-17T01:00:00

Updated: 2024-08-06T19:26:07.202Z

Reserved: 2012-04-04T00:00:00

Link: CVE-2012-2090

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-06-17T03:41:40.560

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-2090

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-03-09T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "48780", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48780"}, {"name": "flightgear-xml-format-string(74791)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74791"}, {"name": "FEDORA-2012-8615", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082017.html"}, {"name": "[oss-security] 20120410 Re: CVE Request: FlightGear and Simgear Multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/04/10/13"}, {"name": "FEDORA-2012-8650", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082002.html"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=811617"}, {"name": "GLSA-201603-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201603-12"}, {"name": "[Flightgear-devel] 20120320 Re: Flightgear and Simgear multiple format string vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceforge.net/mailarchive/message.php?msg_id=29012174"}, {"name": "FEDORA-2012-8647", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081997.html"}, {"name": "[Flightgear-devel] 20120309 Flightgear and Simgear multiple format string vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceforge.net/mailarchive/message.php?msg_id=28957051"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:26:07.202Z"}, "title": "CVE Program Container", "references": [{"name": "48780", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48780"}, {"name": "flightgear-xml-format-string(74791)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74791"}, {"name": "FEDORA-2012-8615", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082017.html"}, {"name": "[oss-security] 20120410 Re: CVE Request: FlightGear and Simgear Multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/04/10/13"}, {"name": "FEDORA-2012-8650", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082002.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=811617"}, {"name": "GLSA-201603-12", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201603-12"}, {"name": "[Flightgear-devel] 20120320 Re: Flightgear and Simgear multiple format string vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://sourceforge.net/mailarchive/message.php?msg_id=29012174"}, {"name": "FEDORA-2012-8647", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081997.html"}, {"name": "[Flightgear-devel] 20120309 Flightgear and Simgear multiple format string vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://sourceforge.net/mailarchive/message.php?msg_id=28957051"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2090", "datePublished": "2012-06-17T01:00:00", "dateReserved": "2012-04-04T00:00:00", "dateUpdated": "2024-08-06T19:26:07.202Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:flightgear:flightgear:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC81BE3E-813A-4348-B845-35BBA02ABBCD", "versionEndIncluding": "2.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:flightgear:flightgear:1.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "C2A22029-37C3-4E48-A0B7-BF8A317F7EA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:flightgear:flightgear:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F778F4A4-4994-4C93-BA5E-6A1C5BDA354C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simgear:simgear:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5A0A5E8-7606-49C4-A294-FB258F8C0643", "versionEndIncluding": "2.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:simgear:simgear:1.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "703223A4-4C9A-4359-A950-C395CD53BE97", "vulnerable": true}, {"criteria": "cpe:2.3:a:simgear:simgear:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F3A247B-969D-484E-8BEC-1A42F600839E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de formato de cadena en FlightGear v2.6 y versiones anteriores y SimGear v2.6 y versiones anteriores, que permite a atacantes remotos asistidos por el usuario causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de especificadores de formato de cadena en ciertos fragmentos de datos en un xml de modelo de aeronave a(1) fgfs/flightgear/src/Cockpit/panel.cxx o (2) fgfs/flightgear/src/Network/generic.cxx, o (3) un gr\u00e1fico de modelo de escena a simgear/simgear/scene/model/SGText.cxx."}], "id": "CVE-2012-2090", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-06-17T03:41:40.560", "references": [{"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081997.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082002.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082017.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/48780"}, {"source": "secalert@redhat.com", "url": "http://sourceforge.net/mailarchive/message.php?msg_id=28957051"}, {"source": "secalert@redhat.com", "url": "http://sourceforge.net/mailarchive/message.php?msg_id=29012174"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/04/10/13"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=811617"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74791"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201603-12"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081997.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/48780"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/mailarchive/message.php?msg_id=28957051"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/mailarchive/message.php?msg_id=29012174"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/04/10/13"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=811617"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74791"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201603-12"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "nvd@nist.gov", "type": "Primary"}]}