RSS   Vulnerabilities for 'X-plane'   RSS

2020-03-30
 
CVE-2019-19606

CWE-78
 

 
X-Plane before 11.41 has multiple improper path validations that could allow reading and writing files from/to arbitrary paths (or a leak of OS credentials to a remote system) via crafted network packets. This could be used to execute arbitrary commands on the system.

 
 
CVE-2019-19605

CWE-787
 

 
X-Plane before 11.41 allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution.

 


Copyright 2024, cxsecurity.com

 

Back to Top