Lucene search

[email protected]CVE-2014-7895

HistoryMar 09, 2015 - 5:59 p.m.

CVE-2014-7895

2015-03-0917:59:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2014-7895

ole

point of sale

opos

hp point of sale

windows

remote code execution

oposcashdrawer.ocx

pusb thermal receipt printers

serialusb thermal receipt printers

hybrid pos printers

micr

value pusb receipt printers

value serial/usb receipt printers

usb standard duty cash drawers

zdi-can-2505

nvd

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.947 High

EPSS

Percentile

99.3%

JSON

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCashDrawer.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, Value Serial/USB Receipt printers, and USB Standard Duty cash drawers, aka ZDI-CAN-2505.

CPENameOperatorVersion
hp:ole_point_of_sale_driverhp ole point of sale driverle1.13.001

CPE	Name	Operator	Version
hp:ole_point_of_sale_driver	hp ole point of sale driver	le	1.13.001

References

www.securitytracker.com/id/1031840

h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.947 High

EPSS

Percentile

99.3%

JSON

Related for CVE-2014-7895

zdi1 prion1 cvelist1 nessus1 securityvulns2