Honeywell OPOS Suite Multiple ActiveX Controls Open Method Stack Buffer Overflow (CVE-2014-8269)

A buffer overflow vulnerability has been reported in Honeywell OPOS Suite. The vulnerability is due to improper bounds checking while processing the Open method calls within the HWOPOSScale.ocx ActiveX control and the HWOPOSSCANNER.ocx ActiveX control. An attacker can exploit this vulnerability b...

Honeywell PoS Software Vulnerable to Stack Buffer Overflows

There are stack buffer overflows in two components of a Honeywell point-of-sale software package that can allow attackers to run arbitrary code on vulnerable systems. The vulnerabilities lie in the HWOPOSScale.ocx and HWOPOSSCANNER.ocx components of Honeywell’s OLE for Retail Point-of-Sale packag...

CVE-2014-8269

Honeywell OPOS Suite (pre-1.13.4.15) contains two ActiveX controls, HWOPOSScale.ocx and HWOPOSSCANNER.ocx, with a stack-based buffer overflow in the Open method. The flaw does not validate the length of an attacker-supplied string before copying into a fixed-size stack buffer, enabling remote cod...

Honeywell OPOS Suite HWOPOSScale.ocx Open Method Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Honeywell OPOS Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...