PT-2020-11340 · Flexera · Flexnet Publisher

Published

2020-04-21

Updated

2020-04-28

CVE-2019-8960

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions FlexNet Publisher lmadmin.exe version 11.16.2

Description A Denial of Service issue has been identified related to command handling. The message reading function in lmadmin.exe can call itself and wait for a further message. If a particular flag is set in the original message but no second message is received, the function returns an unexpected value, leading to an exception and potentially process termination.

Recommendations For FlexNet Publisher lmadmin.exe version 11.16.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

CVE-2019-8960

Affected Products

Flexnet Publisher

PT-2020-11340 · Flexera · Flexnet Publisher

CVE-2019-8960

Weakness Enumeration

Related Identifiers

Affected Products

References · 3