Arbitrary Code Execution Vulnerability in FlexNet Publisher Licensing Service

Arbitrary Code Execution Vulnerability in FlexNet Publisher Licensing Service

CVE-2016-10395 · MEDIUM Severity

AV:L/AC:L/AU:S/C:C/I:C/A:C

In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.

Learn more about our Web Application Penetration Testing UK.