CVE-2007-0060

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2007-0060
StatePUBLISHED
Assignermitre
Source PriorityCVE Program / NVD first with legacy fallback
Published2007-07-26 00:30:00 UTC
Updated2026-04-23 00:35:47 UTC
DescriptionStack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104.

Risk And Classification

Primary CVSS: v2.0 9.3 from [email protected]

AV:N/AC:M/Au:N/C:C/I:C/A:C

Problem Types: NVD-CWE-Other | n/a

CVSS v2.0 Breakdown

Access Vector
Network
Access Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Broadcom Advantage Data Transport 3.0 All All All
Application Broadcom Brightstor Portal 11.1 All All All
Application Broadcom Brightstor San Manager 11.1 All All All
Application Broadcom Brightstor San Manager 11.5 All All All
Application Broadcom Cleverpath Aion 10.0 All All All
Application Broadcom Cleverpath Ecm 3.5 All All All
Application Broadcom Cleverpath Olap 5.1 All All All
Application Broadcom Cleverpath Predictive Analysis Server 2.0 All All All
Application Broadcom Cleverpath Predictive Analysis Server 3.0 All All All
Application Broadcom Etrust Admin 8.0 All All All
Application Broadcom Etrust Admin 8.1 All All All
Application Broadcom Unicenter Application Performance Monitor 3.0 All All All
Application Broadcom Unicenter Application Performance Monitor 3.5 All All All
Application Broadcom Unicenter Asset Management 3.1 All All All
Application Broadcom Unicenter Asset Management 3.2 All All All
Application Broadcom Unicenter Asset Management 3.2 sp1 All All
Application Broadcom Unicenter Asset Management 3.2 sp2 All All
Application Broadcom Unicenter Asset Management 4.0 All All All
Application Broadcom Unicenter Data Transport Option 2.0 All All All
Application Broadcom Unicenter Jasmine 3.0 All All All
Application Broadcom Unicenter Network And Systems Management 3.0 All All All
Application Broadcom Unicenter Network And Systems Management 3.1 All All All
Application Broadcom Unicenter Nsm Wireless Network Management Option 3.0 All All All
Application Broadcom Unicenter Remote Control 6.0 All All All
Application Broadcom Unicenter Remote Control 6.0 sp1 All All
Application Broadcom Unicenter Service Level Management 3.0 All All All
Application Broadcom Unicenter Service Level Management 3.0.1 All All All
Application Broadcom Unicenter Service Level Management 3.0.2 All All All
Application Broadcom Unicenter Service Level Management 3.5 All All All
Application Broadcom Unicenter Software Delivery 3.0 All All All
Application Broadcom Unicenter Software Delivery 3.1 All All All
Application Broadcom Unicenter Software Delivery 3.1 sp1 All All
Application Broadcom Unicenter Software Delivery 3.1 sp2 All All
Application Broadcom Unicenter Software Delivery 4.0 All All All
Application Broadcom Unicenter Tng 2.1 All All All
Application Broadcom Unicenter Tng 2.2 All All All
Application Broadcom Unicenter Tng 2.4 All All All
Application Broadcom Unicenter Tng 2.4.2 All All All
Application Ca Etrust Admin 2.1 All All All
Application Ca Etrust Admin 2.4 All All All
Application Ca Etrust Admin 2.7 All All All
Application Ca Etrust Admin 2.9 All All All
Application Ca Unicenter Asset Management 4.0 sp1 All All
Application Ca Unicenter Enterprise Job Manager 1.0 sp1 All All
Application Ca Unicenter Enterprise Job Manager 1.0 sp2 All All
Application Ca Unicenter Management 4.0 All lotus_notes_domino All
Application Ca Unicenter Management 4.0 All microsoft_exchange All
Application Ca Unicenter Management 4.1 All microsoft_exchange All
Application Ca Unicenter Management 5.0 All web_servers All
Application Ca Unicenter Management 5.0.1 All web_servers All
Application Ca Unicenter Software Delivery 4.0 sp1 All All
Application Ca Unicenter Tng 2.2 All All ja

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Na N/a affected n/a Not specified

References

ReferenceSourceLinkTags
CA Message Queuing Server (Cam.exe) Overflow af854a3a-2127-422b-91ae-364da2661108 www.iss.net Broken Link
eTrust Admin Buffer Overflow in Message Queuing Component Lets Remote Users Execute Arbitrary Code - SecurityTracker af854a3a-2127-422b-91ae-364da2661108 www.securitytracker.com Third Party Advisory, VDB Entry
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH af854a3a-2127-422b-91ae-364da2661108 www.vupen.com Third Party Advisory
CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability - CA af854a3a-2127-422b-91ae-364da2661108 www.ca.com Vendor Advisory
Computer Associates Multiple Products Message Queuing Remote Stack Buffer Overflow Vulnerability af854a3a-2127-422b-91ae-364da2661108 www.securityfocus.com Third Party Advisory, VDB Entry
SecurityFocus af854a3a-2127-422b-91ae-364da2661108 www.securityfocus.com
supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp af854a3a-2127-422b-91ae-364da2661108 supportconnectw.ca.com Vendor Advisory
IBM X-Force Exchange af854a3a-2127-422b-91ae-364da2661108 exchange.xforce.ibmcloud.com Third Party Advisory, VDB Entry
CA Message Queuing Server Buffer Overflow Vulnerability - Advisories - Secunia af854a3a-2127-422b-91ae-364da2661108 secunia.com Third Party Advisory
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report