CVE-2009-2026

Name of the Vulnerable Software and Affected Versions CA Software Delivery versions r11.2 C1 through r11.2 SP4 Unicenter Software Delivery version 4.0 C3 CA Advantage Data Transport version 3.0 C1 CA IT Client Manager version r12

Description The issue is a stack-based buffer overflow in the dtscore library, specifically in a token searching function within Data Transport Services. This allows remote attackers to execute arbitrary code via crafted data.

Recommendations For CA Software Delivery versions r11.2 C1 through r11.2 SP4, update to a version that includes a fix for the buffer overflow issue in the dtscore library. For Unicenter Software Delivery version 4.0 C3, update to a version that includes a fix for the buffer overflow issue in the dtscore library. For CA Advantage Data Transport version 3.0 C1, update to a version that includes a fix for the buffer overflow issue in the dtscore library. For CA IT Client Manager version r12, update to a version that includes a fix for the buffer overflow issue in the dtscore library.