CyberSec.Space Logo
Back to CVE Browser

CVE-2016-10395

HIGH
7.8
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile9.96th
PublishedJun 15, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.

Affected Platforms (CPE)

πŸ“¦
Flexerasoftware

Flexnet Publisher

<= 11.14.1

References & Advisories

πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-18-144-01
πŸ”— https://secuniaresearch.flexerasoftware.com/advisories/76368/
πŸ”— https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9134-vulnerabilities-within-schneider-electric-floating-license-manager
πŸ”— https://www.schneider-electric.com/en/download/document/SEVD-2018-046-01/
πŸ”— https://www.schneider-electric.com/en/download/document/SEVD-2018-137-01/
πŸ”— https://www.schneider-electric.com/en/download/document/SEVD-2018-144-01/
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-18-144-01
πŸ”— https://secuniaresearch.flexerasoftware.com/advisories/76368/

Related Vulnerabilities

CVE-2011-413410.0

Heap-based buffer overflow in lmadmin in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allows remote attack...

CVE-2011-413510.0

Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allo...

CVE-2018-200339.8

A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier cou...

CVE-2015-82779.8

Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow...