CVE-2014-7892
First published: Mon Mar 09 2015(Updated: )
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe readers, Integrated Single Head MSR w/o SRED magnetic stripe readers, Integrated Single Head w/o MSR SRED magnetic stripe readers, RP7 Single Head MSR w/o SRED magnetic stripe readers, POS keyboards, and POS keyboards with MSR, aka ZDI-CAN-2508.
Credit: hp-security-alert@hp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hp Ole Point Of Sale Driver | <=1.13.001 | |
| Hp Integrated Single Head Msr W\/o Sred J1a33aa | ||
| Hp Integrated Single Head W\/o Msr Sred J1a34aa | ||
| Hp Mini Msr Fk186aa | ||
| Hp Pos Keyboard Fk221aa | ||
| Hp Pos Keyboard With Msr Fk218aa | ||
| Hp Retail Integrated Dual-head Msr Qz673aa | ||
| Hp Rp7 Single Head Msr W\/o Sred K1k15aa |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/hp
- canonical/hp ole point of sale driver
- version/hp ole point of sale driver/1.13.001
- canonical/hp integrated single head msr w\/o sred j1a33aa
- canonical/hp integrated single head w\/o msr sred j1a34aa
- canonical/hp mini msr fk186aa
- canonical/hp pos keyboard fk221aa
- canonical/hp pos keyboard with msr fk218aa
- canonical/hp retail integrated dual-head msr qz673aa
- canonical/hp rp7 single head msr w\/o sred k1k15aa