Vulnerability Details : CVE-2007-0060
Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2007-0060
Probability of exploitation activity in the next 30 days: 91.94%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-0060
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2007-0060
-
http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp
Vendor Advisory
-
http://www.securitytracker.com/id?1018449
Third Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/32234
Third Party Advisory;VDB Entry
-
http://www.securityfocus.com/archive/1/474602/100/0/threaded
-
http://www.vupen.com/english/advisories/2007/2638
Third Party Advisory
-
http://www.iss.net/threats/272.html
Broken Link
-
http://www.securityfocus.com/bid/25051
Third Party Advisory;VDB Entry
-
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809
Vendor Advisory
Products affected by CVE-2007-0060
- cpe:2.3:a:ca:unicenter_management:4.0:*:lotus_notes_domino:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:4.0:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:4.1:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:5.0.1:*:web_servers:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:5.0:*:web_servers:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_tng:2.2:*:*:ja:*:*:*:*
- cpe:2.3:a:ca:unicenter_asset_management:4.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_admin:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_admin:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_admin:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_admin:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_software_delivery:4.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_tng:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_tng:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_tng:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_tng:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp1:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp2:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_olap:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_admin:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_data_transport_option:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_ecm:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_jasmine:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:broadcom:advantage_data_transport:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_service_level_management:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_service_level_management:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_aion:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_nsm_wireless_network_management_option:3.0:*:*:*:*:*:*:*