CVE-2014-7891
First published: Mon Mar 09 2015(Updated: )
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSKeyboard.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2509.
Credit: hp-security-alert@hp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hp Ole Point Of Sale Driver | <=1.13.001 | |
| Hp Pos Keyboard Fk221aa | ||
| Hp Pos Keyboard With Msr Fk218aa |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-7891?
CVE-2014-7891 is considered a critical vulnerability due to its potential for remote code execution.
How do I fix CVE-2014-7891?
To fix CVE-2014-7891, update to the latest version of the OLE Point of Sale drivers, specifically version 1.13.003 or later.
What products are affected by CVE-2014-7891?
CVE-2014-7891 affects certain HP Point of Sale Windows PCs using vulnerable versions of the OLE Point of Sale drivers.
Can CVE-2014-7891 be exploited remotely?
Yes, CVE-2014-7891 can be exploited by remote attackers, allowing them to execute arbitrary code on affected systems.
What components are involved in CVE-2014-7891?
CVE-2014-7891 involves vulnerabilities in OPOSPOSKeyboard.ocx related to POS keyboards used in conjunction with HP systems.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/hp
- canonical/hp ole point of sale driver
- version/hp ole point of sale driver/1.13.001
- canonical/hp pos keyboard fk221aa
- canonical/hp pos keyboard with msr fk218aa