MS13-075: Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2878687)

The version of Microsoft Office Input Method Editor Chinese installed on the remote host has a privilege escalation vulnerability. A local attacker could exploit this by utilizing the MSPY IME toolbar in an unspecified manner, resulting in arbitrary code execution in kernel mode. C Tenable Networ...

Microsoft Office Pinyin IME 2010本地权限提升漏洞(CVE-2013-3859)

BUGTRAQ ID: 62181 CVECAN ID: CVE-2013-3859 Microsoft Office Pinyin IME是微软开发的拼音输入方法。 Office 2010 中文版默认安装的MSPY IME（中文）没有正确开放某些配置选项，如果登录攻击者从 Microsoft Pinyin IME 简体中文版的工具栏中启动 Internet Explorer，则该漏洞可能允许特权提升。成功利用此漏洞的攻击者可以运行内核模式中的任意代码。 0 Microsoft Office 2010 Microsoft Pinyin IME 2010 厂商补丁： Microsoft...