CVE-2014-7890
Summary
| CVE | CVE-2014-7890 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-03-09 17:59:00 UTC |
| Updated | 2019-10-09 23:12:00 UTC |
| Description | The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2510. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hp | Ole Point Of Sale Driver | All | All | All | All |
| Hardware | Hp | Pos Keyboard Fk221aa | All | All | All | All |
| Hardware | Hp | Pos Keyboard Fk221aa | All | All | All | All |
| Hardware | Hp | Pos Keyboard With Msr Fk218aa | All | All | All | All |
| Hardware | Hp | Pos Keyboard With Msr Fk218aa | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| HP Point of Sale PCs Have Unspecified Bugs That Let Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| SSRT101694 | HP | h20564.www2.hp.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.