CVE-2014-7892

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2014-7892
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2015-03-09 17:59:00 UTC
Updated2019-10-09 23:12:00 UTC
DescriptionThe OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe readers, Integrated Single Head MSR w/o SRED magnetic stripe readers, Integrated Single Head w/o MSR SRED magnetic stripe readers, RP7 Single Head MSR w/o SRED magnetic stripe readers, POS keyboards, and POS keyboards with MSR, aka ZDI-CAN-2508.

Risk And Classification

Problem Types: NVD-CWE-noinfo

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Hardware Hp Integrated Single Head Msr W/o Sred J1a33aa All All All All
Hardware Hp Integrated Single Head Msr W/o Sred J1a33aa All All All All
Hardware Hp Integrated Single Head Msr W/o Sred J1a33aa All All All All
Hardware Hp Integrated Single Head W/o Msr Sred J1a34aa All All All All
Hardware Hp Integrated Single Head W/o Msr Sred J1a34aa All All All All
Hardware Hp Integrated Single Head W/o Msr Sred J1a34aa All All All All
Hardware Hp Mini Msr Fk186aa All All All All
Hardware Hp Mini Msr Fk186aa All All All All
Application Hp Ole Point Of Sale Driver All All All All
Hardware Hp Pos Keyboard Fk221aa - All All All
Hardware Hp Pos Keyboard Fk221aa - All All All
Hardware Hp Pos Keyboard With Msr Fk218aa - All All All
Hardware Hp Pos Keyboard With Msr Fk218aa - All All All
Hardware Hp Retail Integrated Dual-head Msr Qz673aa All All All All
Hardware Hp Retail Integrated Dual-head Msr Qz673aa All All All All
Hardware Hp Rp7 Single Head Msr W/o Sred K1k15aa All All All All
Hardware Hp Rp7 Single Head Msr W/o Sred K1k15aa All All All All
Hardware Hp Rp7 Single Head Msr W/o Sred K1k15aa All All All All

References

ReferenceSourceLinkTags
SSRT101692 HP h20564.www2.hp.com Vendor Advisory
HP Point of Sale PCs Have Unspecified Bugs That Let Remote Users Execute Arbitrary Code - SecurityTracker SECTRACK www.securitytracker.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report