CAID 34509 - CA eTrust Antivirus WebScan versions 1.1.0.1047 and below are susceptible to arbitrary code execution flaws.
4cae55691ffcf0223d655c47bdca23e5fc91998a767f9a7caacd4f4169d4c5ff
CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability
07a837f7b40e2e601e9d01c4f63a3d737cdfa42056432e84c50f216b96451b95
CAID 34013 - A potential vulnerability issue exists in our CAIRIM LMP solution for z/OS. CAIRIM is delivered as part of CA's z/OS Common Services, and the LMP component provides licensing services to many of CA's z/OS solutions. IBM Global Services discovered an integrity problem, which could be exploited by an expert user of a z/OS system that utilizes CA's CAIRIM LMP component. We worked with IBM Global Services to understand the nature of the problem and to make certain that the remedy we have now provided addresses the problem completely.
25441e6a3e621cc379e0b1ebc1b28c21793d35d4bbe5423529a5dd2ede625cb1
The following two security vulnerability issues have been identified in the CA Message Queuing (CAM / CAFT) software: CAM is vulnerable to a Denial of Service (DoS) attack when a specially crafted message is received on TCP port 4105. CAM is vulnerable to a Denial of Service (DoS) through the spoofing of CAM control messages.
fa9bcf5733c36e27029a5ff78f5ff979acef14def6f47abd1743b7b6362823eb
The CA iGateway common component, which is included with several CA products for UNIX/Linux/Windows platforms, contains a buffer overflow vulnerability that can allow arbitrary code to be executed remotely with SYSTEM privileges on Windows, and cause iGateway component failure on UNIX and Linux platforms.
8409e14595803164e947c37dd2dfbb346cd4de292b503ce34d26b1d3bf7dc40d
The following security vulnerability issues have been identified in the DM Primer part of the DM Deployment Common Component being distributed with some CA products.
3bb77b73a739e829a3825d2e8abbaa2acbef94cd5a8a75f892c2a5e96d8e7d82
The Computer Associates iGateway common component, which is included with several CA products for UNIX/Linux/Windows platforms, contains a buffer overflow vulnerability that could allow remote attackers to execute arbitrary code on Windows platforms, or cause iGateway component failure (denial of service) on UNIX and Linux. The vulnerability is due to improper bounds checking on HTTP GET requests by the iGateway component when debug mode is enabled.
74bd732e56cce6be5894ef060731af97fd2aa0bfc7f55e97f70154c829339733
During a recent internal audit, CA discovered several vulnerability issues in the CA Message Queuing (CAM / CAFT) software. CA has made patches available for all affected users. These vulnerabilities affect all versions of the CA Message Queuing software prior to v1.07 Build 220_13 and v1.11 Build 29_13 on the platforms specified below.
d5bbb6c6ef69369d57bffbc7b601ba4afb4ce1009bb13cdc9ffd06f706f43207
Computer Associates BrightStor ARCserve Backup and BrightStor Enterprise Backup Agents for Windows contain a stack-based buffer overflow vulnerability. The vulnerability may allow remote attackers to execute arbitrary code with SYSTEM privileges, or cause a denial of service condition. The buffer overflow is the result of improper bounds checking performed on data sent to port 6070.
d0b86151caf4b31b313680362872830cbd81e6f29d1e165ddf1aea180174a2ed