VYPR
Unrated severityNVD Advisory· Published Jun 17, 2012· Updated Jun 16, 2026

CVE-2012-2090

CVE-2012-2090

Description

Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:flightgear:flightgear:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:flightgear:flightgear:*:*:*:*:*:*:*:*range: <=2.6.0
    • cpe:2.3:a:flightgear:flightgear:1.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:flightgear:flightgear:2.0.0:*:*:*:*:*:*:*
    • (no CPE)range: <=2.6
  • Simgear/Simgear4 versions
    cpe:2.3:a:simgear:simgear:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:simgear:simgear:*:*:*:*:*:*:*:*range: <=2.6.0
    • cpe:2.3:a:simgear:simgear:1.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:simgear:simgear:2.0.0:*:*:*:*:*:*:*
    • (no CPE)range: <=2.6

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.