Trend Micro Security

(MS14-078) Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (2992719)

  危険度: :
  CVE識別番号: CVE-2014-4077

  概要

This update resolves a vulnerability that exists in Microsoft IME for Japanese. It corrects the way Microsoft IME (Japanese) component loads dictionary files. For an attacker to successfully exploit this vulnerability, the attacker must have write access to the vulnerable system.

  影響を受けるソフトウェア

  • Windows Vista x64 Edition Service Pack 2
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
  • Microsoft Office 2007 IME (Japanese) in Microsoft Office 2007 Service Pack 3
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)