A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier could allow a remote attacker to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing the heartbeat between lmgrd and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/109155 | Broken Link |
https://secuniaresearch.flexerasoftware.com/advisories/85979/ | Not Applicable Vendor Advisory |
https://www.oracle.com/security-alerts/cpuoct2021.html | Patch Third Party Advisory |
Configurations
History
18 Apr 2022, 14:27
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory | |
References | (SECUNIA) https://secuniaresearch.flexerasoftware.com/advisories/85979/ - Not Applicable, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/109155 - Broken Link | |
CWE | CWE-770 | |
CPE | cpe:2.3:a:oracle:communications_lsms:*:*:*:*:*:*:*:* |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-02-25 20:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-20033
Mitre link : CVE-2018-20033
CVE.ORG link : CVE-2018-20033
JSON object : View
Products Affected
oracle
- communications_lsms
flexera
- flexnet_publisher
CWE
CWE-770
Allocation of Resources Without Limits or Throttling