CVE-2014-4077

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 11, 2014
Updated: Dec 20, 2024

Summary

CVE-2014-4077 is a vulnerability affecting Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3. When IMJPDCT.EXE, also known as the IME for Japanese, is installed, attackers can bypass a sandbox protection mechanism through a specially crafted PDF document. This issue, also referred to as the "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," was exploited in the wild in 2014, allowing remote attackers to gain elevated privileges.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows Server 2008
  • Microsoft Windows 7
  • Microsoft Windows Server 2003
  • Microsoft Windows Vista

Affected Vendors

  • Microsoft