IBM CICS Transaction Server 3.1, 3.2, 4.1, 4.2, and 5.1 on z/OS does not properly implement CEMT transactions, which allows remote authenticated users to cause a denial of service (storage overlay) by using a 3270 emulator to send an invalid 3270 data stream.
https://exchange.xforce.ibmcloud.com/vulnerabilities/93338
http://www.securityfocus.com/bid/67944
http://www-01.ibm.com/support/docview.wss?uid=swg21675195
http://www-01.ibm.com/support/docview.wss?uid=swg1PI16727
http://www-01.ibm.com/support/docview.wss?uid=swg1PI16726