CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-20033

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0350%
EPSS Percentile26.50th
Published2019年2月25日
Last Modified2024年11月21日

Vulnerability Description

A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier could allow a remote attacker to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing the heartbeat between lmgrd and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated.

Affected Platforms (CPE)

📦
Flexera

Flexnet Publisher

<= 11.16.1.0
📦
Oracle

Communications Lsms

>= 13.1 and <= 13.4

References & Advisories

🔗 http://www.securityfocus.com/bid/109155
🔗 https://secuniaresearch.flexerasoftware.com/advisories/85979/
🔗 https://www.oracle.com/security-alerts/cpuoct2021.html
🔗 http://www.securityfocus.com/bid/109155
🔗 https://secuniaresearch.flexerasoftware.com/advisories/85979/
🔗 https://www.oracle.com/security-alerts/cpuoct2021.html

相關漏洞威脅

CVE-2011-413510.0

Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allo...

CVE-2011-413410.0

Heap-based buffer overflow in lmadmin in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allows remote attack...

CVE-2015-82779.8

Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow...

CVE-2016-103957.8

In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boun...