Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAriele Caltabiano (kimiya)ZDI-15-101
HistoryMar 12, 2015 - 12:00 a.m.

Hewlett-Packard POS USB Line Display OPOS Drivers OPOSLineDisplay.ocx Open Method Remote Code Execution Vulnerability

2015-03-1200:00:00
Ariele Caltabiano (kimiya)
www.zerodayinitiative.com
15

EPSS

0.952

Percentile

99.4%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard POS USB Line Display OPOS Drivers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Open method in OPOSLineDisplay.ocx. By supplying an overly long string to this method, an attacker can exploit this condition to achieve code execution under the context of the browser process.

Related

cve 1
prion 1
nvd 1
cvelist 1
securityvulns 2
nessus 1
cve
cve
CVE-2014-7889
2015-03-09 17:59:01
prion
prion
Design/Logic Flaw
2015-03-09 17:59:00
nvd
nvd
CVE-2014-7889
2015-03-09 17:59:01
cvelist
cvelist
CVE-2014-7889
2015-03-09 17:00:00
securityvulns
securityvulns
[security bulletin] HPSBHF03279 rev.1 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code
2015-03-16 00:00:00
HP Point of Sale multiple security vulnerabilities
2015-03-16 00:00:00
nessus
nessus
HP OPOS CCO Drivers RCE Vulnerabilities
2015-03-16 00:00:00

EPSS

0.952

Percentile

99.4%

JSON
Related for ZDI-15-101
cve1prion1nvd1cvelist1securityvulns2nessus1