Peter Silberman

**Name of the Vulnerable Software and Affected Versions** CA Software Delivery versions r11.2 C1 through r11.2 SP4 Unicenter Software Delivery version 4.0 C3 CA Advantage Data Transport version 3.0 C1 CA IT Client Manager version r12 **Description** The issue is a stack-based buffer overflow in the dtscore library, specifically in a token searching function within Data Transport Services. This allows remote attackers to execute arbitrary code via crafted data. **Recommendations** For CA Software Delivery versions r11.2 C1 through r11.2 SP4, update to a version that includes a fix for the buffer overflow issue in the dtscore library. For Unicenter Software Delivery version 4.0 C3, update to a version that includes a fix for the buffer overflow issue in the dtscore library. For CA Advantage Data Transport version 3.0 C1, update to a version that includes a fix for the buffer overflow issue in the dtscore library. For CA IT Client Manager version r12, update to a version that includes a fix for the buffer overflow issue in the dtscore library.