CISA/NIST NVD Alert - CVE-2014-4077

Input Method Editor (IME) Japanese - Microsoft IME Japanese Privilege Escalation Vulnerability

CISA/NIST Known Exploited Vulnerability Alert

CVE Identification Number

CVE-2014-4077

Vendor Name

Microsoft

Product

Input Method Editor (IME) Japanese

Vulnerability Name

Microsoft IME Japanese Privilege Escalation Vulnerability

Description of Vulnerability

Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.

Date Added to CISA Known Exploited Vulnerability Database

2022-05-25

Remediation

Apply updates per vendor instructions.

Link to NIST NVD CVE Listing

National Vulnerability Database Source