CVE-2014-7897

{"id": "CVE-2014-7897", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-03-09T17:59:08.500", "references": [{"url": "http://www.securitytracker.com/id/1031840", "source": "hp-security-alert@hp.com"}, {"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://www.securitytracker.com/id/1031840", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSScanner.ocx for Imaging Barcode scanners, Linear Barcode scanners, Presentation Barcode scanners, Retail Integrated Barcode scanners, Wireless Barcode scanners, and 2D Value Wireless scanners."}, {"lang": "es", "value": "Los controladores OLE Point of Sale (OPOS) anterior a 1.13.003 en los PCs de Windows HP Point of Sale permiten a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores que involucran OPOSScanner.ocx para los esc\u00e1neres Imaging Barcode, Linear Barcode, Presentation Barcode, Retail Integrated Barcode, Wireless Barcode, y 2D Value Wireless."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:ole_point_of_sale_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3BD6000-9ED7-4A61-A45D-030F2E428404", "versionEndIncluding": "1.13.001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:2d_value_wireless_scanner_k3l28aa:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "239075F7-7DC5-40AB-8899-D57F18A10DAA"}, {"criteria": "cpe:2.3:h:hp:imaging_barcode_scanner_bw868aa:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "22BF9354-B456-4C2B-BB6E-EC930265F933"}, {"criteria": "cpe:2.3:h:hp:linear_barcode_scanner_qy405aa:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6517DB2F-CB70-41B2-B5AA-C9411DF57BD3"}, {"criteria": "cpe:2.3:h:hp:presentation_barcode_scanner_qy439aa:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6679147A-5869-4FCC-997D-CB478748F530"}, {"criteria": "cpe:2.3:h:hp:retail_integrated_barcode_scanner_e1l07aa:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D5F9CE8E-20CA-458D-A561-40FC1EED8A0E"}, {"criteria": "cpe:2.3:h:hp:wireless_barcode_scanner_e6p34aa:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "25663873-D516-428F-AE62-1EF489EEA6C1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hp-security-alert@hp.com"}