CA plugs holes in licensing software

Buffer overflow flaws in common component could let intruders run code on compromised machines.

Will Sturgeon Special to CNET News.com

March 2, 2005 12:59 p.m. PT

Software giant Computer Associates released patches on Wednesday for buffer overflow vulnerabilities in its licensing software.

The flaws affect a common component, which runs across a range of CA software on open-source, Microsoft Windows and Apple Computer's Mac platforms.

Simon Perry, a vice president in security strategy at CA, said the company has been working closely with eEye Digital Security and iDefense on identifying the vulnerabilities and testing the patches for robustness.

If exploited, the flaws could enable malicious third parties to run code on a compromised machine.

For full details on the patches and the vulnerabilities, CA advises all customers to visit its support page, where they can download patches.

Will Sturgeon of Silicon.com reported from London.