5 results (0.021 seconds)

CVSS: 10.0EPSS: 36%CPEs: 7EXPL: 0

Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data. Desbordamiento de búfer basado en pila en la función de búsqueda de "token" (testigo) en la librería dtscore de los servicios Data Transport Services de CA Software Delivery r11.2 C1, C2, C3, y SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; y CA IT Client Manager r12. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates Unicenter Software Delivery. Authentication is not required to exploit this vulnerability. The specific flaw resides in the dtscore.dll library. The vulnerability is exposed through multiple processes listening on multiple ports. • http://osvdb.org/56834 http://secunia.com/advisories/36142 http://securitytracker.com/id?1022688 http://www.securityfocus.com/archive/1/505557/100/0/threaded http://www.securityfocus.com/bid/35984 http://www.vupen.com/english/advisories/2009/2195 http://www.zerodayinitiative.com/advisories/ZDI-09-052 https://exchange.xforce.ibmcloud.com/vulnerabilities/52322 https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214090 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 91%CPEs: 52EXPL: 0

Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104. Desbordamiento de búfer basado en pila en Message Queuing Server (Cam.exe) en CA (formalmente Computer Associates) Message Queuing (CAM / CAFT) software anterior a 1.11 construccion 54_4 sobre Windows y NetWare, utilizado en CA Advantage Data Transport, eTrust Admin, ciertos productos BrightStor, ciertos productos CleverPath, y ciertos productos Unicenter, permite a atacantes remotos ejecutar código de su elección a través de un mensaje manipulado en el puerto TCP 3104. • http://secunia.com/advisories/26190 http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809 http://www.iss.net/threats/272.html http://www.securityfocus.com/archive/1/474602/100/0/threaded http://www.securityfocus.com/bid/25051 http://www.securitytracker.com/id?1018449 http://www.vupen.com/english/advisories/2007/2638 https://exchange.xforce.ibmcloud.com/vulnerabilities/32234 •

CVSS: 10.0EPSS: 1%CPEs: 62EXPL: 0

Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets. • http://secunia.com/advisories/16513 http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp http://www.osvdb.org/18917 http://www.securityfocus.com/bid/14623 http://www.vupen.com/english/advisories/2005/1482 http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919 •

CVSS: 10.0EPSS: 95%CPEs: 62EXPL: 1

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors. • https://www.exploit-db.com/exploits/16825 http://secunia.com/advisories/16513 http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp http://www.kb.cert.org/vuls/id/619988 http://www.osvdb.org/18916 http://www.securityfocus.com/bid/14622 http://www.vupen.com/english/advisories/2005/1482 http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919 - •

CVSS: 5.0EPSS: 1%CPEs: 57EXPL: 0

Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows attackers to cause a denial of service via unknown vectors, aka the "CAM TCP port vulnerability." • http://secunia.com/advisories/16513 http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp http://www.osvdb.org/18915 http://www.securityfocus.com/bid/14621 http://www.vupen.com/english/advisories/2005/1482 http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919 •