According to a security bulletin published by FrSIRT, the flaw in question is critical, and can lead to denial-of-service attacks and even the commandeering of the targeted system.
BTW - the error that makes all of this fun possible is (yet another) buffer overflow. (Maybe we should all start writing our representatives and demand that there be a federal "Developers: Check Your Inputs Day." It might help build some much needed awareness on a very old problem.)
This vulnerability is a big deal by itself, first because of the huge install-base of the affected products, and second because of the nature of these applications. Being able to compromise one of these systems in a corporation could make a quick stepping-stone to more crucial servers - especially considering how mushy-gushy most corporate network security is deep behind the DMZ.
What makes it more interesting, as Roger Thompson points out over at Exploit Prevention Labs is that a working attack exploit has been added to the NeoSploit attack framework.
CA has issued a patch.