CVE-2019-8960
Summary
| CVE | CVE-2019-8960 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-04-21 15:15:00 UTC |
| Updated | 2020-04-28 19:42:00 UTC |
| Description | A Denial of Service vulnerability related to command handling has been identified in FlexNet Publisher lmadmin.exe version 11.16.2. The message reading function used in lmadmin.exe can, given a certain message, call itself again and then wait for a further message. With a particular flag set in the original message, but no second message received, the function eventually return an unexpected value which leads to an exception being thrown. The end result can be process termination. |
Risk And Classification
Problem Types: CWE-754
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Flexera | Flexnet Publisher | 11.16.2 | All | All | All |
| Application | Flexera | Flexnet Publisher | 11.16.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2019-8960 remediated in FlexNet Publisher - Community | CONFIRM | community.flexera.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.