06 Dec 2012
CA XCOM Data Transport r11
This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
A vulnerability has been reported in CA XCOM Data Transport, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to the application not properly verifying certain requests and can be exploited to execute arbitrary commands.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in versions 11.0 and 11.5.
Apply patch (please see the vendor's advisory for details).
The vendor credits Jurgens van der Merwe and Junaid Loonat, SensePost.