Vulnerability Description
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSLineDisplay.ocx for Retail RP7 VFD Customer Display monitors, Retail Integrated 2x20 Display monitors, Retail Integrated 2x20 Complex monitors, POS Pole Display monitors, Graphical POS Pole Display monitors, and LCD Pole Display monitors, aka ZDI-CAN-2511.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Ole Point Of Sale Driver | <= 1.13.001 |
| Hp | Graphical Pos Pole Display Qz704Aa | All versions |
| Hp | Lcd Pole Display F7A93Aa | All versions |
| Hp | Pos Pole Display Fk225Aa | All versions |
| Hp | Retail Integrated 2X20 Complex G7G29Aa | All versions |
| Hp | Retail Integrated 2X20 Display G6U79Aa | All versions |
| Hp | Retail Rp7 Vfd Customer Display Qz701Aa | All versions |
References
- http://www.securitytracker.com/id/1031840
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0Vendor Advisory
- http://www.securitytracker.com/id/1031840
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0Vendor Advisory
FAQ
What is CVE-2014-7889?
CVE-2014-7889 is a vulnerability with a CVSS score of 10.0 (HIGH). The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSLineDisplay.ocx for Retail RP7 VFD Custo...
How severe is CVE-2014-7889?
CVE-2014-7889 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-7889?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Ole Point Of Sale Driver, Hp Graphical Pos Pole Display Qz704Aa, Hp Lcd Pole Display F7A93Aa, Hp Pos Pole Display Fk225Aa, Hp Retail Integrated 2X20 Complex G7G29Aa.