Current Description

Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104.

Basic Data

PublishedJuly 26, 2007
Last ModifiedOctober 16, 2018
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score9.3
Exploitability Score8.6
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.


  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationCaAdvantage Data Transport3.0*******
    2.3ApplicationCaBrightstor Portal11.1*******
    2.3ApplicationCaBrightstor San Manager11.1*******
    2.3ApplicationCaBrightstor San Manager11.5*******
    2.3ApplicationCaCleverpath Aion10.0*******
    2.3ApplicationCaCleverpath Ecm3.5*******
    2.3ApplicationCaCleverpath Olap5.1*******
    2.3ApplicationCaCleverpath Predictive Analysis Server2.0*******
    2.3ApplicationCaCleverpath Predictive Analysis Server3.0*******
    2.3ApplicationCaEtrust Admin2.1*******
    2.3ApplicationCaEtrust Admin2.4*******
    2.3ApplicationCaEtrust Admin2.7*******
    2.3ApplicationCaEtrust Admin2.9*******
    2.3ApplicationCaEtrust Admin8.0*******
    2.3ApplicationCaEtrust Admin8.1*******
    2.3ApplicationCaUnicenter Application Performance Monitor3.0*******
    2.3ApplicationCaUnicenter Application Performance Monitor3.5*******
    2.3ApplicationCaUnicenter Asset Management3.1*******
    2.3ApplicationCaUnicenter Asset Management3.2*******
    2.3ApplicationCaUnicenter Asset Management3.2sp1******
    2.3ApplicationCaUnicenter Asset Management3.2sp2******
    2.3ApplicationCaUnicenter Asset Management4.0*******
    2.3ApplicationCaUnicenter Asset Management4.0sp1******
    2.3ApplicationCaUnicenter Data Transport Option2.0*******
    2.3ApplicationCaUnicenter Enterprise Job Manager1.0sp1******
    2.3ApplicationCaUnicenter Enterprise Job Manager1.0sp2******
    2.3ApplicationCaUnicenter Jasmine3.0*******
    2.3ApplicationCaUnicenter Management4.0*lotus_notes_domino*****
    2.3ApplicationCaUnicenter Management4.0*microsoft_exchange*****
    2.3ApplicationCaUnicenter Management4.1*microsoft_exchange*****
    2.3ApplicationCaUnicenter Management5.0*web_servers*****
    2.3ApplicationCaUnicenter Management5.0.1*web_servers*****
    2.3ApplicationCaUnicenter Network And Systems Management3.0*******
    2.3ApplicationCaUnicenter Network And Systems Management3.1*******
    2.3ApplicationCaUnicenter Nsm Wireless Network Management Option3.0*******
    2.3ApplicationCaUnicenter Remote Control6.0*******
    2.3ApplicationCaUnicenter Remote Control6.0sp1******
    2.3ApplicationCaUnicenter Service Level Management3.0*******
    2.3ApplicationCaUnicenter Service Level Management3.0.1*******
    2.3ApplicationCaUnicenter Service Level Management3.0.2*******
    2.3ApplicationCaUnicenter Service Level Management3.5*******
    2.3ApplicationCaUnicenter Software Delivery3.0*******
    2.3ApplicationCaUnicenter Software Delivery3.1*******
    2.3ApplicationCaUnicenter Software Delivery3.1sp1******
    2.3ApplicationCaUnicenter Software Delivery3.1sp2******
    2.3ApplicationCaUnicenter Software Delivery4.0*******
    2.3ApplicationCaUnicenter Software Delivery4.0sp1******
    2.3ApplicationCaUnicenter Tng2.1*******
    2.3ApplicationCaUnicenter Tng2.2*******
    2.3ApplicationCaUnicenter Tng2.2**ja****
    2.3ApplicationCaUnicenter Tng2.4*******
    2.3ApplicationCaUnicenter Tng2.4.2*******

Vulnerable Software List

Ca Unicenter Remote Control 6.0
Ca Brightstor Portal 11.1
Ca Brightstor San Manager 11.1, 11.5
Ca Cleverpath Ecm 3.5
Ca Cleverpath Olap 5.1
Ca Cleverpath Predictive Analysis Server 2.0, 3.0
Ca Etrust Admin 2.1, 2.4, 2.7, 2.9, 8.0, 8.1
Ca Unicenter Application Performance Monitor 3.0, 3.5
Ca Unicenter Data Transport Option 2.0
Ca Unicenter Enterprise Job Manager 1.0
Ca Unicenter Jasmine 3.0
Ca Unicenter Management 4.0, 4.1, 5.0, 5.0.1
Ca Unicenter Tng 2.1, 2.2, 2.4, 2.4.2
Ca Unicenter Service Level Management 3.0, 3.0.1, 3.0.2, 3.5
Ca Unicenter Network And Systems Management 3.0, 3.1
Ca Unicenter Software Delivery 3.0, 3.1, 4.0
Ca Cleverpath Aion 10.0
Ca Unicenter Nsm Wireless Network Management Option 3.0
Ca Unicenter Asset Management 3.1, 3.2, 4.0
Ca Advantage Data Transport 3.0


26190 Party Advisory Advisory Advisory
20070724 CA Message Queuing Server (Cam.exe) Overflow Link
20070725 [CAID 35527]: CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability
25051 Party Advisory VDB Entry
1018449 Party Advisory VDB Entry
ADV-2007-2638 Party Advisory
systems-management-bo(32234) Party Advisory VDB Entry