CVE-2016-10395

Name of the Vulnerable Software and Affected Versions FlexNet Publisher versions before 11.14.1.1 (Luton SP1)

Description The issue is caused by a boundary error related to a named pipe within the FlexNet Publisher Licensing Service, which can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges. This can allow a remote attacker to execute arbitrary code with system privileges.

Recommendations For versions before 11.14.1.1 (Luton SP1), update to Luton SP1 (11.14.1.1) or later to resolve the issue. As a temporary workaround, consider restricting access to the FlexNet Publisher Licensing Service to minimize the risk of exploitation.