CA has acted to patch security flaws in its CA Message Queuing software, which include allowing malicious attackers to trigger denial of service attacks in systems.
All CAM (CA Message Queuing) software prior to v1.07 Build 220_13 and v1.11 Build 29_13 on multiple platforms are vulnerable to attack, said CA.
One flaw opens the CAM TCP network port to potential denial of service attacks.
In addition, another flaw allows attackers to create a buffer overflow in the software to allow them to execute their own malicious code. A third vulnerability allows attackers to potentially take control of systems.
CAM is a messaging framework used for various CA applications, including CA Advantage Data Transport, CA CleverPath, CA BrightStor Portal, CA eTrust Admin and CA Unicenter.
The CA advisory on the flaws is available here: