Lucene search

[email protected]CVE-2014-7891

HistoryMar 09, 2015 - 5:59 p.m.

CVE-2014-7891

2015-03-0917:59:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2014-7891

ole point of sale

opos drivers

hp point of sale

remote code execution

oposposkeyboard.ocx

pos keyboards

msr

zdi-can-2509

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.948 High

EPSS

Percentile

99.3%

JSON

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSKeyboard.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2509.

CPENameOperatorVersion
hp:ole_point_of_sale_driverhp ole point of sale driverle1.13.001

CPE	Name	Operator	Version
hp:ole_point_of_sale_driver	hp ole point of sale driver	le	1.13.001

References

www.securitytracker.com/id/1031840

h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.948 High

EPSS

Percentile

99.3%

JSON

Related for CVE-2014-7891

checkpoint_advisories1 prion1 zdi1 securityvulns2 nessus1