7.2

CVE-2011-2010

The Microsoft Office Input Method Editor (IME) for Simplified Chinese in Microsoft Pinyin IME 2010, Office Pinyin SimpleFast Style 2010, and Office Pinyin New Experience Style 2010 does not properly restrict access to configuration options, which allows local users to gain privileges via the Microsoft Pinyin (aka MSPY) IME toolbar, aka "Pinyin IME Elevation Vulnerability."

Data is provided by the National Vulnerability Database (NVD)
MicrosoftPinyin Ime Version2010 Editionx64
MicrosoftPinyin Ime Version2010 Editionx86
MicrosoftPinyin New Experience Style Version2010 Editionx64
MicrosoftPinyin New Experience Style Version2010 Editionx86
MicrosoftPinyin Simple Fast Style Version2010 Editionx64
MicrosoftPinyin Simple Fast Style Version2010 Editionx86
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.52% 0.642
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C