CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-4077

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score55.9320%
EPSS Percentile95.61th
Published2014年11月11日
Last Modified2026年4月22日

Vulnerability Description

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014.

Affected Platforms (CPE)

📦
Microsoft

Office 2007 Ime

= sp3
💻
Microsoft

Windows 7

All versions
💻
Microsoft

Windows Server 2003

All versions
💻
Microsoft

Windows Server 2008

All versions
💻
Microsoft

Windows Server 2008

= r2
💻
Microsoft

Windows Server 2008

= r2
💻
Microsoft

Windows Vista

All versions

References & Advisories

🔗 http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx
🔗 http://www.securitytracker.com/id/1031196
🔗 http://www.securitytracker.com/id/1031197
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-078
🔗 http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx
🔗 http://www.securitytracker.com/id/1031196
🔗 http://www.securitytracker.com/id/1031197
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-078

関連する脆弱性情報

CVE-2015-25039.3

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...