Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 426502 (CVE-2012-2090) - <games-simulation/flightgear-3.4.0, <dev-games/simgear-3.4.0: Multiple buffer overflows and format string vulnerabilities (CVE-2012-{2090,2091})
Summary: <games-simulation/flightgear-3.4.0, <dev-games/simgear-3.4.0: Multiple buffer...
Status: RESOLVED FIXED
Alias: CVE-2012-2090
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-07-14 00:09 UTC by GLSAMaker/CVETool Bot
Modified: 2016-03-12 23:18 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2012-07-14 00:09:13 UTC
CVE-2012-2091 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2091):
  Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and
  earlier allow user-assisted remote attackers to cause a denial of service
  (crash) and possibly execute arbitrary code via a (1) long string in a rotor
  tag of an aircraft xml model to the Rotor::getValueforFGSet function in
  src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read
  function in simgear/simgear/simgear/io/sg_socket_udp.cxx.

CVE-2012-2090 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2090):
  Multiple format string vulnerabilities in FlightGear 2.6 and earlier and
  SimGear 2.6 and earlier allow user-assisted remote attackers to cause a
  denial of service and possibly execute arbitrary code via format string
  specifiers in certain data chunk values in an aircraft xml model to (1)
  fgfs/flightgear/src/Cockpit/panel.cxx or (2)
  fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to
  simgear/simgear/scene/model/SGText.cxx.
Comment 1 Sergey Popov (RETIRED) gentoo-dev 2013-11-11 15:11:23 UTC
@maintainers: your opinion? upstream seems put this into low priority in discussion[1], but maybe i miss something.

Probably we should mask this

[1] - http://sourceforge.net/mailarchive/message.php?msg_id=28957051
Comment 2 Maciej Mrozowski gentoo-dev 2015-05-14 22:44:39 UTC
Affected versions are long gone from repository. Just sayin..
Comment 3 Sergey Popov (RETIRED) gentoo-dev 2015-05-16 06:04:06 UTC
Oops, it seems we missed resolution on this

New GLSA request is filed
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2016-03-12 23:18:29 UTC
This issue was resolved and addressed in
 GLSA 201603-12 at https://security.gentoo.org/glsa/201603-12
by GLSA coordinator Kristian Fiskerstrand (K_F).