CVE-2014-4077

CVSS 7.8 HIGH · EPSS 47.7% · KEV

In short

A flaw in Microsoft's Japanese input method (IME) allows attackers to escape sandbox restrictions by sending a specially crafted PDF file. This lets malicious code run with higher privileges than it should have.

Technical detail

The vulnerability exists in IMJPDCT.EXE (Japanese IME) on affected Windows and Office versions, where a malicious PDF triggers a sandbox bypass. Remote attackers can escalate privileges without user interaction beyond opening the document; the flaw was actively exploited in the wild during 2014.

Summary generated and translated by AI from the official description.

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

n/a · n/a
