CVE-2007-2239
published 2007-05-07CVE-2007-2239: Stack-based buffer overflow in the SaveBMP method in the AXIS Camera Control (aka CamImage) ActiveX control before 2.40.0.0 in AxisCamControl.ocx in AXIS 2100…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
EXPLOIT
Stack-based buffer overflow in the SaveBMP method in the AXIS Camera Control (aka CamImage) ActiveX control before 2.40.0.0 in AxisCamControl.ocx in AXIS 2100, 2110, 2120, 2130 PTZ, 2420, 2420-IR, 2400, 2400+, 2401, 2401+, 2411, and Panorama PTZ allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long argument.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| axis | 2100_network_camera | <= 2.39 | — |
| axis | 2110_network_camera | <= 2.39 | — |
| axis | 2120_network_camera | <= 2.39 | — |
| axis | 2130_ptz_network_camera | <= 2.39 | — |
| axis | 2400_video_server | <= 2.39 | — |
| axis | 2401_video_server | <= 2.39 | — |
| axis | 2411_video_server | <= 2.39 | — |
| axis | 2420-ir_network_camera | <= 2.39 | — |
| axis | 2420_network_camera | <= 2.39 | — |
| axis | panorama_ptz_camera | <= 2.39 | — |