IBM CICS Transaction Server 3.1, 3.2, 4.1, 4.2, and 5.1 on z/OS does not properly implement CEMT transactions, which allows remote authenticated users to cause a denial of service (storage overlay) by using a 3270 emulator to send an invalid 3270 data stream.
secunia.com/advisories/59242
www-01.ibm.com/support/docview.wss?uid=swg1PI16710
www-01.ibm.com/support/docview.wss?uid=swg1PI16726
www-01.ibm.com/support/docview.wss?uid=swg1PI16727
www-01.ibm.com/support/docview.wss?uid=swg21675195
www.securityfocus.com/bid/67944
exchange.xforce.ibmcloud.com/vulnerabilities/93338