{"api_version":"1","generated_at":"2026-04-23T22:08:23+00:00","cve":"CVE-2011-4135","urls":{"html":"https://cve.report/CVE-2011-4135","api":"https://cve.report/api/cve/CVE-2011-4135.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2011-4135","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2011-4135"},"summary":{"title":"CVE-2011-4135","description":"Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files.  NOTE: this might overlap CVE-2011-1389.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2012-01-19 19:55:00","updated_at":"2012-01-23 05:00:00"},"problem_types":["CWE-22"],"metrics":[],"references":[{"url":"http://www.zerodayinitiative.com/advisories/ZDI-11-272/","name":"http://www.zerodayinitiative.com/advisories/ZDI-11-272/","refsource":"MISC","tags":[],"title":"Zero Day Initiative","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Q200975&sliceId=1","name":"http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Q200975&sliceId=1","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Customer Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/49191","name":"49191","refsource":"BID","tags":[],"title":"FlexNet License Server Manager Remote Code Execution Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.flexerasoftware.com/pl/13057.htm","name":"http://www.flexerasoftware.com/pl/13057.htm","refsource":"CONFIRM","tags":["Patch","Vendor Advisory"],"title":"IT Management Software, Optimization & Solutions | Flexera","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.ibm.com/support/docview.wss?uid=swg21577760","name":"http://www.ibm.com/support/docview.wss?uid=swg21577760","refsource":"MISC","tags":[],"title":"Security Bulletin: Vulnerability in Rational License Key Server affecting both the license server, lmgrd, and the vendor daemon, ibmratl (CVE-2011-1389)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/45615","name":"45615","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"FlexNet Publisher License Manager Log File Upload Vulnerability - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2011-4135","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4135","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2011","cve_id":"4135","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_publisher","cpe6":"11.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4135","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_publisher","cpe6":"11.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2011-4135","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files.  NOTE: this might overlap CVE-2011-1389."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"45615","refsource":"SECUNIA","url":"http://secunia.com/advisories/45615"},{"name":"http://www.zerodayinitiative.com/advisories/ZDI-11-272/","refsource":"MISC","url":"http://www.zerodayinitiative.com/advisories/ZDI-11-272/"},{"name":"49191","refsource":"BID","url":"http://www.securityfocus.com/bid/49191"},{"name":"http://www.flexerasoftware.com/pl/13057.htm","refsource":"CONFIRM","url":"http://www.flexerasoftware.com/pl/13057.htm"},{"name":"http://www.ibm.com/support/docview.wss?uid=swg21577760","refsource":"MISC","url":"http://www.ibm.com/support/docview.wss?uid=swg21577760"},{"name":"http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Q200975&sliceId=1","refsource":"CONFIRM","url":"http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Q200975&sliceId=1"}]}},"nvd":{"publishedDate":"2012-01-19 19:55:00","lastModifiedDate":"2012-01-23 05:00:00","problem_types":["CWE-22"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":10},"severity":"HIGH","exploitabilityScore":10,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:flexerasoftware:flexnet_publisher:11.10:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2011","CveId":"4135","Ordinal":"51538","Title":"CVE-2011-4135","CVE":"CVE-2011-4135","Year":"2011"},"notes":[{"CveYear":"2011","CveId":"4135","Ordinal":"1","NoteData":"Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files.  NOTE: this might overlap CVE-2011-1389.","Type":"Description","Title":null},{"CveYear":"2011","CveId":"4135","Ordinal":"2","NoteData":"2012-01-19","Type":"Other","Title":"Published"}]}}}