| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS13-075 | Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2878687) | Microsoft Office | Important | 11-09-2013 |
Technical Information
Brief overview of the risk:
This security update resolves a privately reported vulnerability in Microsoft Office IME (Chinese). The vulnerability could allow elevation of privilege if a logged on attacker launches Internet Explorer from the toolbar in Microsoft Pinyin IME for Simplified Chinese. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Detailed Information on the risk:
An elevation of privilege vulnerability exists in Office IME for Chinese that could allow a low-privilege user to elevate their access privileges.
Further information on this exploit is available at : MS13-075
Affected Software
Microsoft Office 2010 Service Pack 1 (32-bit editions)Microsoft Office 2010 Service Pack 1 (64-bit editions)