CVE-2011-2010
First published: Wed Dec 14 2011(Updated: )
The Microsoft Office Input Method Editor (IME) for Simplified Chinese in Microsoft Pinyin IME 2010, Office Pinyin SimpleFast Style 2010, and Office Pinyin New Experience Style 2010 does not properly restrict access to configuration options, which allows local users to gain privileges via the Microsoft Pinyin (aka MSPY) IME toolbar, aka "Pinyin IME Elevation Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Pinyin Simple Fast Style | =2010 | |
| Microsoft Pinyin Simple Fast Style | =2010 | |
| Microsoft Pinyin Ime | =2010 | |
| Microsoft Pinyin New Experience Style | =2010 | |
| Microsoft Pinyin New Experience Style | =2010 | |
| Microsoft Pinyin Ime | =2010 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/references
- agent/severity
- agent/type
- agent/event
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft pinyin simple fast style
- version/microsoft pinyin simple fast style/2010
- canonical/microsoft pinyin ime
- version/microsoft pinyin ime/2010
- canonical/microsoft pinyin new experience style
- version/microsoft pinyin new experience style/2010