PT-2016-1312 · Flexnet · Flexnet Publisher

Rgkelley5

Published

2016-02-24

Updated

2018-08-07

CVE-2015-8277

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FlexNet Publisher versions prior to 11.13.1.2 Security Update 1

Description The issue is caused by multiple buffer overflows in the lmgrd and Vendor Daemon components of FlexNet Publisher. This allows remote attackers to execute arbitrary code via a crafted packet with opcode 0x107 or 0x10a.

Recommendations For versions prior to 11.13.1.2 Security Update 1, update to version 11.13.1.2 Security Update 1 to resolve the issue. As a temporary workaround, consider restricting access to the lmgrd and Vendor Daemon components to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2016-00610

CVE-2015-8277

Affected Products

Flexnet Publisher

PT-2016-1312 · Flexnet · Flexnet Publisher

CVE-2015-8277

Weakness Enumeration

Related Identifiers

Affected Products

References · 13