Vulnerability Description
Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-1389.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Flexerasoftware | Flexnet Publisher | 11.10 |
Related Weaknesses (CWE)
References
- http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docVendor Advisory
- http://secunia.com/advisories/45615Vendor Advisory
- http://www.flexerasoftware.com/pl/13057.htmPatchVendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg21577760
- http://www.securityfocus.com/bid/49191
- http://www.zerodayinitiative.com/advisories/ZDI-11-272/
- http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docVendor Advisory
- http://secunia.com/advisories/45615Vendor Advisory
- http://www.flexerasoftware.com/pl/13057.htmPatchVendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg21577760
- http://www.securityfocus.com/bid/49191
- http://www.zerodayinitiative.com/advisories/ZDI-11-272/
FAQ
What is CVE-2011-4135?
CVE-2011-4135 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to sa...
How severe is CVE-2011-4135?
CVE-2011-4135 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-4135?
Check the references section above for vendor advisories and patch information. Affected products include: Flexerasoftware Flexnet Publisher.