Vulnerability Details: CVE-2007-0060
Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2007-0060
- cpe:2.3:a:ca:unicenter_management:4.0:*:lotus_notes_domino:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:4.0:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:4.1:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:5.0.1:*:web_servers:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:5.0:*:web_servers:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_tng:2.2:*:*:ja:*:*:*:*
- cpe:2.3:a:ca:unicenter_asset_management:4.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_admin:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_admin:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_admin:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_admin:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_software_delivery:4.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_tng:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_tng:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_tng:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_tng:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp1:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp2:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_olap:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_admin:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_data_transport_option:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_ecm:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_jasmine:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:broadcom:advantage_data_transport:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_service_level_management:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_service_level_management:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:cleverpath_aion:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:unicenter_nsm_wireless_network_management_option:3.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-0060
- 91.89%: Probability of exploitation activity in the next 30 days
- ~99%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-0060
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
References for CVE-2007-0060
- http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp (Vendor Advisory)
- http://www.securitytracker.com/id?1018449 (Third Party Advisory; VDB Entry)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32234 (Third Party Advisory; VDB Entry)
- http://www.securityfocus.com/archive/1/474602/100/0/threaded
- http://www.vupen.com/english/advisories/2007/2638 (Third Party Advisory)
- http://www.iss.net/threats/272.html (Broken Link)
- http://www.securityfocus.com/bid/25051 (Third Party Advisory; VDB Entry)
- http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809 (Vendor Advisory)