PT-2009-4480 · Ca · Ca It Client Manager+4
Orlando Padilla
+1
·
Published
2009-08-10
·
Updated
2018-10-10
·
CVE-2009-2026
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
CA Software Delivery versions r11.2 C1 through r11.2 SP4
Unicenter Software Delivery version 4.0 C3
CA Advantage Data Transport version 3.0 C1
CA IT Client Manager version r12
Description
The issue is a stack-based buffer overflow in the dtscore library, specifically in a token searching function within Data Transport Services. This allows remote attackers to execute arbitrary code via crafted data.
Recommendations
For CA Software Delivery versions r11.2 C1 through r11.2 SP4, update to a version that includes a fix for the buffer overflow issue in the dtscore library.
For Unicenter Software Delivery version 4.0 C3, update to a version that includes a fix for the buffer overflow issue in the dtscore library.
For CA Advantage Data Transport version 3.0 C1, update to a version that includes a fix for the buffer overflow issue in the dtscore library.
For CA IT Client Manager version r12, update to a version that includes a fix for the buffer overflow issue in the dtscore library.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ca Advantage Data Transport
Ca It Client Manager
Ca Software Delivery
Unicenter Software Delivery
Dtscore Library