CVE-2014-7890

Published: Mar 9, 2015Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2510.

Affected (1)

Products: Hp: Ole Point Of Sale Driver

1 product

Ole Point Of Sale Driver

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Hp Ole Point Of Sale Driver	Up to 1.13.001

Running on/with	Platform Versions
Hp Pos Keyboard Fk221aa	All versions
Hp Pos Keyboard With Msr Fk218aa	All versions

References (4)

http://www.securitytracker.com/id/1031840

Source: hp-security-alert@hp.com

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185

Source: hp-security-alert@hp.com

Vendor Advisory

http://www.securitytracker.com/id/1031840

Source: af854a3a-2127-422b-91ae-364da2661108

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.