This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- FlexNet Publisher
- :
- FlexNet Publisher Knowledge Base
- :
- CVE-2019-8961 remediated in FlexNet Publisher
Subscribe
- Mark as New
- Mark as Read
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
CVE-2019-8961 remediated in FlexNet Publisher
CVE-2019-8961 remediated in FlexNet Publisher
Summary
A Denial of Service vulnerability related to stack exhaustion has been identified in FlexNet Publisher lmadmin.exe 11.16.2. Please see the Symptoms section for more details.
If you do not distribute lmadmin to your customers, there is no further action on your part. If you do, you must distribute to those same customers the security update mentioned in the Resolution section of this article.
This security vulnerability has been assigned the CVE ID number of CVE-2019-8961.
Symptoms
Because the message reading function calls itself recursively given a certain condition in the received message, an unauthenticated remote attacker can repeatedly send messages of that type to cause a stack exhaustion condition.
Resolution
The FlexNet Publisher 2019 R3 SP1 (11.16.5.1) addresses the security vulnerability and is available from Flexera’s Product and License Center.
We advise all FlexNet Publisher customers update lmadmin.exe to FlexNet Publisher 11.16.5.1.
No ratings