CVE-2016-6273 Information

Description

The lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) before 2015 SP5 and 2016 before R1 SP1 as used by Citrix License Server for Windows before 11.14.0.1 and Citrix License Server VPX before 11.14.0.1 allows remote attackers to cause a denial of service (crash) via a type 2F packet with a ‘01 19’ opcode.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

http://support.citrix.com/article/CTX217430 http://www.securityfocus.com/bid/93450 http://www.securitytracker.com/id/1037008 https://www.tenable.com/security/research/tra-2016-29

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5