Title: FlightGear src/FDM/YASim/Rotor.cpp Rotor::getValueforFGSet() Function Aircraft Model Rotor Tag Parsing Remote Overflow
Mar 20, 2012
FlightGear is prone to an overflow condition. The Rotor::getValueforFGSet() function in src/FDM/YASim/Rotor.cpp fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted aircraft model rotor tag, a remote attacker can potentially execute arbitrary code.
Remote / Network Access
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.