9.3 - MS14-078

Executive Summary

Summary
Title	Vulnerability in IME (Japanese) Could Allow Elevation of Privilege (2992719)

Informations
Name	MS14-078	First vendor Publication	2014-11-11
Vendor	Microsoft	Last vendor Modification	2014-11-11
Severity (Vendor)	Moderate	Revision	1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Moderate
Revision Note: V1.0 (November 11, 2014): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Input Method Editor (IME) (Japanese). The vulnerability could allow sandbox escape based on the application sandbox policy on a system where an affected version of the Microsoft IME (Japanese) is installed. An attacker who successfully exploited this vulnerability could escape the sandbox of a vulnerable application and gain access to the affected system with logged-in user rights. If the affected system is logged in with administrative rights, an attacker could then install programs; view, change or delete data; or create new accounts with full administrative rights.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS14-078

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:27984

Oval ID:	oval:org.mitre.oval:def:27984
Title:	Microsoft IME (Japanese) elevation of privilege vulnerability - CVE-2014-4077 (MS14-078)
Description:	Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-4077	Version:	3
Platform(s):	Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1	Product(s):	Microsoft Input Method Editor Japanese Microsoft Office IME Japanese 2007
Definition Synopsis:
office 2007 IME Japanese and vulnerable version Microsoft Office 2007 IME Japanese is installed AND Check if the version of Imjputyc.dll is less than 12.0.6704.5000 (Office IME japanese) OR OS and vulnerable version Microsoft Input method editor (IME) Japanese is installed AND OS and Vuln file version 2K3 and vulnerable file version Either OS Microsoft Windows Server 2003 (32-bit) is installed AND Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows Server 2003 for Itanium is installed AND Check if the version of Imjputyc.dll is less than 8.1.7104.0 OR Vista / 2k8 + vulnerable file version Vista / 2K8 Microsoft Windows Vista (32-bit) is installed AND Microsoft Windows Vista x64 Edition is installed AND Microsoft Windows Server 2008 (32-bit) is installed AND Microsoft Windows Server 2008 (64-bit) is installed AND Microsoft Windows Server 2008 (ia-64) is installed AND GDR / LDR Check if the version of Imjputyc.dll is less than 10.0.6002.19154 OR LDR range Check if the version of Imjputyc.dll is less than 10.0.6002.23459 AND Check if the version of Imjputyc.dll is greater than or equal to 10.0.6002.23000 OR Win 7 / 2008 R2 + vulnerable file version Win 7 / 2008 R2 Microsoft Windows 7 (32-bit) is installed AND Microsoft Windows 7 x64 Edition is installed AND Microsoft Windows Server 2008 R2 x64 Edition is installed AND Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed AND GDR / LDR Check if the version of Imjputyc.dll is less than 10.1.7601.18556 OR LDR range Check if the version of Imjputyc.dll is less than 10.1.7601.22764 AND Check if the version of Imjputyc.dll is greater than or equal to 10.1.7601.22000

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Office 2007 Ime cpe:2.3:a:microsoft:office_2007_ime:-:::ja::::	1
Os	Microsoft Windows 7 cpe:2.3:o:microsoft:windows_7:-:sp1::::::	1
Os	Microsoft Windows Server 2003 cpe:2.3:o:microsoft:windows_server_2003:-:sp2::::::	1
Os	Microsoft Windows Server 2008 cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:* cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::itanium:* cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::	3
Os	Microsoft Windows Vista cpe:2.3:o:microsoft:windows_vista:-:sp2::::::	1

Information Assurance Vulnerability Management (IAVM)

Date	Description
2014-11-13	IAVM : 2014-A-0179 - Microsoft Input Method Editor (IME) Privilege Escalation Vulnerability Severity : Category I - VMSKEY : V0057395

Nessus® Vulnerability Scanner

Date	Description
2014-11-12	Name : The remote Windows host is affected by a privilege escalation vulnerability. File : smb_nt_ms14-078.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2016-04-27 04:53:58	Multiple Updates
2015-10-18 17:26:24	Multiple Updates
2014-11-12 17:27:17	Multiple Updates
2014-11-12 13:27:29	Multiple Updates
2014-11-12 05:34:53	Multiple Updates
2014-11-11 21:28:12	Multiple Updates
2014-11-11 21:16:55	First insertion

Global Informations

Type	Count
Oval ID(s)	1
CPE ID(s)	7
IAVM(s)	1
Nessus® Exploit(s)	1

	Related
10	MS14-066
10	MS14-057
10	MS14-037
10	MS14-035
10	MS14-026
10	MS14-021
10	MS14-008
9.3	MS15-116
9.3	MS14-084
9.3	MS14-083
9.3	MS14-082
9.3	MS14-081
9.3	MS14-080
9.3	MS14-072
9.3	MS14-069
9.3	MS14-067
9.3	MS14-065
9.3	MS14-064
9.3	MS14-061
9.3	MS14-060
9.3	MS14-058
9.3	MS14-056
9.3	MS14-052
9.3	MS14-051
9.3	MS14-050
9.3	MS14-048
9.3	MS14-038
9.3	MS14-036
9.3	MS14-034
9.3	MS14-029
9.3	MS14-023
9.3	MS14-020
9.3	MS14-018
9.3	MS14-017
9.3	MS14-013
9.3	MS14-012
9.3	MS14-011
9.3	MS14-010
9.3	MS14-009
9.3	MS14-007
9.3	MS14-001
9	MS14-068
9	MS14-025
9	MS14-022
7.8	MS14-006
7.8	CVE-2014-4077
7.6	MS14-039
7.5	MS14-047
7.2	MS14-070
7.2	MS14-063
7.2	MS14-062
7.2	MS14-054
7.2	MS14-049
7.2	MS14-045
7.2	MS14-040
7.2	MS14-027
7.2	MS14-015
7.2	MS14-003
7.2	MS14-002
7.1	MS14-079
7.1	MS14-014
7.1	MS14-005
6.9	MS14-041
6.9	MS14-019
6.8	MS14-044
6.8	MS14-043
6.8	MS14-024
5.4	MS14-016
5.1	MS14-076
5.1	MS14-030
5	MS14-085
5	MS14-077
5	MS14-075
5	MS14-055
5	MS14-053
5	MS14-031
5	MS14-028
4.3	MS14-074
4.3	MS14-073
4.3	MS14-071
4.3	MS14-059
4.3	MS14-046
4.3	MS14-033
4.3	MS14-032
4	MS14-042
4	MS14-004
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 86 more Alert(s)

9.3 - MS14-078

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU