CVE-2017-13709

Published: Aug 27, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree.

Affected (1)

Products: Flightgear: Flightgear

Flightgear

1 product

Flightgear

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Flightgear Flightgear	Version 2017.2.1

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

https://sourceforge.net/p/flightgear/flightgear/ci/2a5e3d06b2c0d9f831063afe7e7260bca456d679/

Source: cve@mitre.org

ExploitThird Party Advisory

https://sourceforge.net/p/flightgear/flightgear/ci/c7a2aef59979af3e9ff22daabb37bdaadb91cd75/

Source: cve@mitre.org

ExploitThird Party Advisory

https://sourceforge.net/p/flightgear/flightgear/ci/2a5e3d06b2c0d9f831063afe7e7260bca456d679/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://sourceforge.net/p/flightgear/flightgear/ci/c7a2aef59979af3e9ff22daabb37bdaadb91cd75/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.