Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-2010
HistoryDec 14, 2011 - 12:55 a.m.

CVE-2011-2010

2011-12-1400:55:01
CWE-264
[email protected]
web.nvd.nist.gov
2

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0

Percentile

9.5%

JSON

The Microsoft Office Input Method Editor (IME) for Simplified Chinese in Microsoft Pinyin IME 2010, Office Pinyin SimpleFast Style 2010, and Office Pinyin New Experience Style 2010 does not properly restrict access to configuration options, which allows local users to gain privileges via the Microsoft Pinyin (aka MSPY) IME toolbar, aka โ€œPinyin IME Elevation Vulnerability.โ€

Affected configurations

Nvd
Node
microsoftpinyin_imeMatch2010x64
OR
microsoftpinyin_imeMatch2010x86
OR
microsoftpinyin_new_experience_styleMatch2010x64
OR
microsoftpinyin_new_experience_styleMatch2010x86
OR
microsoftpinyin_simple_fast_styleMatch2010x64
OR
microsoftpinyin_simple_fast_styleMatch2010x86
VendorProductVersionCPE
microsoftpinyin_ime2010cpe:2.3:a:microsoft:pinyin_ime:2010:*:x64:*:*:*:*:*
microsoftpinyin_ime2010cpe:2.3:a:microsoft:pinyin_ime:2010:*:x86:*:*:*:*:*
microsoftpinyin_new_experience_style2010cpe:2.3:a:microsoft:pinyin_new_experience_style:2010:*:x64:*:*:*:*:*
microsoftpinyin_new_experience_style2010cpe:2.3:a:microsoft:pinyin_new_experience_style:2010:*:x86:*:*:*:*:*
microsoftpinyin_simple_fast_style2010cpe:2.3:a:microsoft:pinyin_simple_fast_style:2010:*:x64:*:*:*:*:*
microsoftpinyin_simple_fast_style2010cpe:2.3:a:microsoft:pinyin_simple_fast_style:2010:*:x86:*:*:*:*:*

Related

seebug 1
prion 1
cve 1
symantec 1
mskb 1
nessus 1
cvelist 1
openvas 2
securityvulns 1
seebug
seebug
Microsoftไธญๆ–‡่พ“ๅ…ฅ็ณป็ปŸ๏ผˆPinyin IME๏ผ‰ๆœฌๅœฐๆƒ้™ๆๅ‡ๆผๆดž(MS11-088)
2011-12-15 00:00:00
prion
prion
Privilege escalation
2011-12-14 00:55:00
cve
cve
CVE-2011-2010
2011-12-14 00:55:01
symantec
symantec
Microsoft Pinyin IME (CVE-2011-2010) Local Privilege Escalation Vulnerability
2011-12-13 00:00:00
mskb
mskb
MS11-088: Vulnerability in Microsoft Office IME (Chinese) could allow elevation of privilege: December 13, 2011
2011-12-13 00:00:00
nessus
nessus
MS11-088: Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016)
2011-12-13 00:00:00
cvelist
cvelist
CVE-2011-2010
2011-12-14 00:00:00
openvas
openvas
Microsoft Office IME (Chinese) Privilege Elevation Vulnerability (2652016)
2011-12-14 00:00:00
Microsoft Office IME (Chinese) Privilege Elevation Vulnerability (2652016)
2011-12-14 00:00:00
securityvulns
securityvulns
Microsoft Office multiple security vulnerabilities
2011-12-15 00:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0

Percentile

9.5%

JSON
Related for NVD:CVE-2011-2010
seebug1prion1cve1symantec1mskb1nessus1cvelist1openvas2securityvulns1