CVE-2018-20033

A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier could allow a remote attacker to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing the heartbeat between lmgrd and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated.
Configurations

Configuration 1 (hide)

cpe:2.3:a:flexera:flexnet_publisher:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:oracle:communications_lsms:*:*:*:*:*:*:*:*

History

18 Apr 2022, 14:27

Type Values Removed Values Added
References (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory
References (SECUNIA) https://secuniaresearch.flexerasoftware.com/advisories/85979/ - Permissions Required, Third Party Advisory (SECUNIA) https://secuniaresearch.flexerasoftware.com/advisories/85979/ - Not Applicable, Vendor Advisory
References (BID) http://www.securityfocus.com/bid/109155 - (BID) http://www.securityfocus.com/bid/109155 - Broken Link
CWE CWE-119 CWE-770
CPE cpe:2.3:a:oracle:communications_lsms:*:*:*:*:*:*:*:*

20 Oct 2021, 11:15

Type Values Removed Values Added
References
  • (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html -

Information

Published : 2019-02-25 20:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-20033

Mitre link : CVE-2018-20033

CVE.ORG link : CVE-2018-20033


JSON object : View

Products Affected

oracle

  • communications_lsms

flexera

  • flexnet_publisher
CWE
CWE-770

Allocation of Resources Without Limits or Throttling