### [CVE-2016-10395](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10395)
![](https://img.shields.io/static/v1?label=Product&message=FlexNet%20Publisher&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Versions%20before%20Luton%20SP1%20(11.14.1.1)%20running%20FlexNet%20Publisher%20Licensing%20Service%20on%20Windows%20platform%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Out-of-bounds%20memory%20read%20access%20leading%20to%20local%20user%20privilege%20escalation&color=brightgreen)

### Description

In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cve-scores