Vulnerability Name: CVE-2007-2239 (CCN-34133) Assigned: 2007-05-07 Published: 2007-05-07 Updated: 2017-07-29 Summary: Stack-based buffer overflow in the SaveBMP method in the AXIS Camera Control (aka CamImage) ActiveX control before 2.40.0.0 in AxisCamControl.ocx in AXIS 2100, 2110, 2120, 2130 PTZ, 2420, 2420-IR, 2400, 2400+, 2401, 2401+, 2411, and Panorama PTZ allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long argument. CVSS v3 Severity: 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): HighPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 7.3 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C 6.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): HighAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: MITRECVE-2007-2239 35602 AXIS Camera Control "SaveBMP()" Method Buffer Overflow 25093 AXIS Camera Control ActiveX Update http://www.axis.com/techsup/software/acc/files/acc_security_update_1_00.pdf Axis Communications - AXIS Camera Control Support Axis Communications CamImage ActiveX control stack buffer overflow VU#355809 AXIS Camera Control (aka CamImage) AxisCamControl.ocx ActiveX SaveBMP Method Overflow 23816 Axis Camera Control ActiveX Control AxisCamControl.OCX Remote Buffer Overflow Vulnerability ADV-2007-1663 axis-activex-savebmp-bo(34133) axis-activex-savebmp-bo(34133) Vulnerable Configuration: Configuration 1 :cpe:/h:axis:2100_network_camera:*:*:*:*:*:*:*:* (Version <= 2.39)OR cpe:/h:axis:2110_network_camera:*:*:*:*:*:*:*:* (Version <= 2.39) OR cpe:/h:axis:2120_network_camera:*:*:*:*:*:*:*:* (Version <= 2.39) OR cpe:/h:axis:2130_ptz_network_camera:*:*:*:*:*:*:*:* (Version <= 2.39) OR cpe:/h:axis:2400_video_server:*:*:*:*:*:*:*:* (Version <= 2.39) OR cpe:/h:axis:2401_video_server:*:*:*:*:*:*:*:* (Version <= 2.39) OR cpe:/h:axis:2411_video_server:*:*:*:*:*:*:*:* (Version <= 2.39) OR cpe:/h:axis:2420-ir_network_camera:*:*:*:*:*:*:*:* (Version <= 2.39) OR cpe:/h:axis:2420_network_camera:*:*:*:*:*:*:*:* (Version <= 2.39) OR cpe:/h:axis:panorama_ptz_camera:*:*:*:*:*:*:*:* (Version <= 2.39) Configuration CCN 1 :cpe:/h:axis:2100_network_camera:2.39:*:*:*:*:*:*:* OR cpe:/h:axis:2110_network_camera:2.39:*:*:*:*:*:*:* OR cpe:/h:axis:2120_network_camera:2.39:*:*:*:*:*:*:* OR cpe:/h:axis:2130_ptz_network_camera:2.39:*:*:*:*:*:*:* OR cpe:/h:axis:2400_video_server:2.39:*:*:*:*:*:*:* OR cpe:/h:axis:2401_video_server:2.39:*:*:*:*:*:*:* OR cpe:/h:axis:2420-ir_network_camera:2.39:*:*:*:*:*:*:* OR cpe:/h:axis:2420_network_camera:2.39:*:*:*:*:*:*:* OR cpe:/h:axis:panorama_ptz_camera:2.39:*:*:*:*:*:*:* OR cpe:/h:axis:2411_video_server:2.39:*:*:*:*:*:*:* BACK
axis 2100 network camera *
axis 2110 network camera *
axis 2120 network camera *
axis 2130 ptz network camera *
axis 2400 video server *
axis 2401 video server *
axis 2411 video server *
axis 2420-ir network camera *
axis 2420 network camera *
axis panorama ptz camera *
axis 2100 network camera 2.39
axis 2110 network camera 2.39
axis 2120 network camera 2.39
axis 2130 ptz network camera 2.39
axis 2400 video server 2.39
axis 2401 video server 2.39
axis 2420-ir network camera 2.39
axis 2420 network camera 2.39
axis panorama ptz camera 2.39
axis 2411 video server 2.39
Denotes that component is vulnerable