CVE-2007-0060

critical

Description

Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32234

http://www.vupen.com/english/advisories/2007/2638

http://www.securitytracker.com/id?1018449

http://www.securityfocus.com/bid/25051

http://www.securityfocus.com/archive/1/474602/100/0/threaded

http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809

http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp

http://secunia.com/advisories/26190

Details

Source: Mitre, NVD

Published: 2007-07-26

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical