Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2007-2239

Published: May 07, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2007-2239
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Stack-based buffer overflow in the SaveBMP method in the AXIS Camera Control (aka CamImage) ActiveX control before 2.40.0.0 in AxisCamControl.ocx in AXIS 2100, 2110, 2120, 2130 PTZ, 2420, 2420-IR, 2400, 2400+, 2401, 2401+, 2411, and Panorama PTZ allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long argument.

Affected Software

Name Vendor Start Version End Version
2100_network_camera Axis * 2.39 (including)
2110_network_camera Axis * 2.39 (including)
2120_network_camera Axis * 2.39 (including)
2130_ptz_network_camera Axis * 2.39 (including)
2400_video_server Axis * 2.39 (including)
2401_video_server Axis * 2.39 (including)
2411_video_server Axis * 2.39 (including)
2420-ir_network_camera Axis * 2.39 (including)
2420_network_camera Axis * 2.39 (including)
Panorama_ptz_camera Axis * 2.39 (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use