Description
Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104.
References (9)
Core 9
Core References
Vendor Advisory x_refsource_confirm
http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2638
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32234
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018449
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26190
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/474602/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25051
Broken Link third-party-advisory
x_refsource_iss
http://www.iss.net/threats/272.html
Vendor Advisory x_refsource_confirm
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809
Scores
EPSS
0.2182
EPSS Percentile
95.8%
Details
Status
published
Products (43)
broadcom/advantage_data_transport
3.0
broadcom/brightstor_portal
11.1
broadcom/brightstor_san_manager
11.1
broadcom/brightstor_san_manager
11.5
broadcom/cleverpath_aion
10.0
broadcom/cleverpath_ecm
3.5
broadcom/cleverpath_olap
5.1
broadcom/cleverpath_predictive_analysis_server
2.0
broadcom/cleverpath_predictive_analysis_server
3.0
broadcom/etrust_admin
8.0
... and 33 more
Published
Jul 26, 2007
Tracked Since
Feb 18, 2026