CVE-2016-10395

Summary

In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.

Affected Software

VendorProductVersion RangeStatus
Flexera Software LLCFlexNet PublisherVersions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platformaffected

Weaknesses

  • Out-of-bounds memory read access leading to local user privilege escalation

ADP Enrichment

CVE Program Container

Additional References

References