Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAriele Caltabiano (kimiya)ZDI-15-094
HistoryMar 12, 2015 - 12:00 a.m.

Hewlett-Packard POS Keyboard OPOS Drivers opostoneindicator.ocx Open Method Remote Code Execution Vulnerability

2015-03-1200:00:00
Ariele Caltabiano (kimiya)
www.zerodayinitiative.com
13

EPSS

0.952

Percentile

99.4%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard POS Keyboard OPOS Drivers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Open method in opostoneindicator.ocx. By supplying an overly long string to this method, an attacker can exploit this condition to achieve code execution under the context of the browser process.

Related

checkpoint_advisories 1
cvelist 1
cve 1
nvd 1
prion 1
securityvulns 2
nessus 1
checkpoint_advisories
checkpoint_advisories
HP Point of Sale OPOS Driver opostoneindicator.ocx Open Method Stack Buffer Overflow (CVE-2014-7890)
2015-03-30 00:00:00
cvelist
cvelist
CVE-2014-7890
2015-03-09 17:00:00
cve
cve
CVE-2014-7890
2015-03-09 17:59:02
nvd
nvd
CVE-2014-7890
2015-03-09 17:59:02
prion
prion
Code injection
2015-03-09 17:59:00
securityvulns
securityvulns
[security bulletin] HPSBHF03279 rev.1 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code
2015-03-16 00:00:00
HP Point of Sale multiple security vulnerabilities
2015-03-16 00:00:00
nessus
nessus
HP OPOS CCO Drivers RCE Vulnerabilities
2015-03-16 00:00:00

EPSS

0.952

Percentile

99.4%

JSON
Related for ZDI-15-094
checkpoint_advisories1cvelist1cve1nvd1prion1securityvulns2nessus1