CVE-2019-8960

A Denial of Service vulnerability related to command handling has been identified in FlexNet Publisher lmadmin.exe version 11.16.2. The message reading function used in lmadmin.exe can, given a certain message, call itself again and then wait for a further message. With a particular flag set in the original message, but no second message received, the function eventually return an unexpected value which leads to an exception being thrown. The end result can be process termination.
Configurations

Configuration 1 (hide)

cpe:2.3:a:flexera:flexnet_publisher:11.16.2:*:*:*:*:*:*:*

History

21 Nov 2024, 04:50

Type Values Removed Values Added
References () https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/CVE-2019-8960-remediated-in-FlexNet-Publisher/ta-p/124598/jump-to/first-unread-messageĀ - Vendor Advisory () https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/CVE-2019-8960-remediated-in-FlexNet-Publisher/ta-p/124598/jump-to/first-unread-messageĀ - Vendor Advisory

Information

Published : 2020-04-21 15:15

Updated : 2024-11-21 04:50


NVD link : CVE-2019-8960

Mitre link : CVE-2019-8960

CVE.ORG link : CVE-2019-8960


JSON object : View

Products Affected

flexera

  • flexnet_publisher
CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions