Security vulnerabilities in Computer Associates' message-queuing technology could expose corporate systems to denial-of-service and code execution attacks. All versions of the CAM / CAFT software prior to version 1.07 build 220_13 and 1.11 build 29_13 on multiple platforms are affected, the Islandia, N.Y.-based software maker said in an advisory Friday. The French Security Incident Response Team rates the issue as "critical"--its highest threat level.
There are three flaws in the technology, and CA is urging people to apply the available patches as soon as possible. Many CA products are affected, including Unicenter management software, eTrust security software, and BrightStor backup products, the company said.