CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-2010

The Microsoft Office Input Method Editor (IME) for Simplified Chinese in Microsoft Pinyin IME 2010, Office Pinyin SimpleFast Style 2010, and Office Pinyin New Experience Style 2010 does not properly restrict access to configuration options, which allows local users to gain privileges via the Microsoft Pinyin (aka MSPY) IME toolbar, aka "Pinyin IME Elevation Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.9%

CVSS Severity

CVSS v2 Score 7.2

References

http://www.us-cert.gov/cas/techalerts/TA11-347A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-088
http://www.us-cert.gov/cas/techalerts/TA11-347A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-088

Products affected by CVE-2011-2010

Microsoft » Pinyin Ime » Version: 2010

cpe:2.3:a:microsoft:pinyin_ime:2010
Microsoft » Pinyin New Experience Style » Version: 2010

cpe:2.3:a:microsoft:pinyin_new_experience_style:2010
Microsoft » Pinyin Simple Fast Style » Version: 2010

cpe:2.3:a:microsoft:pinyin_simple_fast_style:2010

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2010

Products

Pricing

Contact Us