CVE-2014-3042 Information

Description

IBM CICS Transaction Server 3.1 3.2 4.1 4.2 and 5.1 on z/OS does not properly implement CEMT transactions which allows remote authenticated users to cause a denial of service (storage overlay) by using a 3270 emulator to send an invalid 3270 data stream.

Reference

http://secunia.com/advisories/59242 http://www.securityfocus.com/bid/67944 http://www-01.ibm.com/support/docview.wss?uid=swg1PI16710 http://www-01.ibm.com/support/docview.wss?uid=swg1PI16726 http://www-01.ibm.com/support/docview.wss?uid=swg1PI16727 http://www-01.ibm.com/support/docview.wss?uid=swg21675195 https://exchange.xforce.ibmcloud.com/vulnerabilities/93338