CVE-2007-2239

Name: CVE-2007-2239
Creator: NVD / NIST
Published: 2007-05-07T19:19:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 11.81%

Last modified Jun 16, 2026

CVE-2007-2239 is a vulnerability of currently unknown severity. Stack-based buffer overflow in the SaveBMP method in the AXIS Camera Control (aka CamImage) ActiveX control before 2.40.0.0 in AxisCamControl.ocx in AXIS 2100, 2110, 2120, 2130 PTZ, 2420, 2420-IR, 2400, 2400+, 2401, 2401+, 2411, and Panorama PTZ allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long argument.. EPSS estimates a 11.81% chance of exploitation in the next 30 days.

Description

Stack-based buffer overflow in the SaveBMP method in the AXIS Camera Control (aka CamImage) ActiveX control before 2.40.0.0 in AxisCamControl.ocx in AXIS 2100, 2110, 2120, 2130 PTZ, 2420, 2420-IR, 2400, 2400+, 2401, 2401+, 2411, and Panorama PTZ allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long argument.

Metrics

EPSS Probability

11.81%

95.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Axis	2100 Network Camera	<= 2.39
Axis	2110 Network Camera	<= 2.39
Axis	2120 Network Camera	<= 2.39
Axis	2130 Ptz Network Camera	<= 2.39
Axis	2400 Video Server	<= 2.39
Axis	2401 Video Server	<= 2.39
Axis	2411 Video Server	<= 2.39
Axis	2420-Ir Network Camera	<= 2.39
Axis	2420 Network Camera	<= 2.39
Axis	Panorama Ptz Camera	<= 2.39

References

http://osvdb.org/35602
http://secunia.com/advisories/25093Patch, Vendor Advisory
http://www.axis.com/techsup/software/acc/files/acc_security_update_1_00.pdfVendor Advisory
http://www.kb.cert.org/vuls/id/355809US Government Resource
http://www.securityfocus.com/bid/23816
http://www.vupen.com/english/advisories/2007/1663
https://exchange.xforce.ibmcloud.com/vulnerabilities/34133
http://osvdb.org/35602
http://secunia.com/advisories/25093Patch, Vendor Advisory
http://www.axis.com/techsup/software/acc/files/acc_security_update_1_00.pdfVendor Advisory
http://www.kb.cert.org/vuls/id/355809US Government Resource
http://www.securityfocus.com/bid/23816
http://www.vupen.com/english/advisories/2007/1663
https://exchange.xforce.ibmcloud.com/vulnerabilities/34133

Timeline

Published: May 7, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-2239?

How severe is CVE-2007-2239?

Severity scoring for CVE-2007-2239 is pending analysis. The EPSS model estimates a 11.81% probability of exploitation in the next 30 days.

How do I fix CVE-2007-2239?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-2239?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST