CVE-2014-7895

Published: Mar 9, 2015Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCashDrawer.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, Value Serial/USB Receipt printers, and USB Standard Duty cash drawers, aka ZDI-CAN-2505.

Affected (1)

Products: Hp: Ole Point Of Sale Driver

1 product

Ole Point Of Sale Driver

Configuration A

1 vulnerable · 6 platform

Vulnerable Software	Affected Versions
Hp Ole Point Of Sale Driver	Up to 1.13.001

Running on/with	Platform Versions
Hp Hybrid Pos Printer With Micr Us Fk184aa	All versions
Hp Pusb Thermal Receipt Printer F7m67aa	All versions
Hp Pusb Thermal Receipt Printer Fk224aa	All versions
Hp Serialusb Thermal Receipt Printer Bm476aa	All versions
Hp Usb Standard Duty Cash Drawer E8e45aa	All versions
Hp Value Serial/usb Receipt Printer F7m66aa	All versions

References (4)

http://www.securitytracker.com/id/1031840

Source: hp-security-alert@hp.com

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185

Source: hp-security-alert@hp.com

Vendor Advisory

http://www.securitytracker.com/id/1031840

Source: af854a3a-2127-422b-91ae-364da2661108

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.