CVE-2016-10395

CWE-119 — Buffer Overflow3 documents3 sources

Severity

7.8HIGH

EPSS

0.1%

top 78.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Flexerasoftware Flexnet Publisher Flexera Software LLC Flexnet Publisher

Timeline

PublishedJun 15

Latest updateMay 14

Description

In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDflexerasoftware/flexnet_publisher11.14.1

▶CVEListV5flexera_software_llc/flexnet_publisherVersions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform

🔴Vulnerability Details

GHSA

GHSA-7937-g7xq-56g3: In FlexNet Publisher versions before Luton SP1 (11↗2022-05-14

▶

CVEList

CVE-2016-10395: In FlexNet Publisher versions before Luton SP1 (11↗2017-06-15

▶