CVE-2016-10395

HIGH

FlexNet Publisher < 11.14.1.1 - Out-of-Bounds Memory Read via Named Pipe

Title source: llm
STIX 2.1

Description

In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.

Scores

CVSS v3 7.8
EPSS 0.0040
EPSS Percentile 32.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (2)
Flexera Software LLC/FlexNet Publisher Versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platfor
flexerasoftware/flexnet_publisher < 11.14.1
Published Jun 15, 2017
Tracked Since Feb 18, 2026