[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Windows IME Elevation of Privilege Vulnerability - CVE-2017-8566

ID: oval:org.secpod.oval:def:41206Date: (C)2017-07-12   (M)2024-03-06
Class: VULNERABILITYFamily: windows




An elevation of privilege vulnerability exists in Windows Input Method Editor (IME) when IME improperly handles parameters in a method of a DCOM class.The DCOM server is a Windows component installed regardless of which languages/IMEs are enabled. An attacker can instantiate the DCOM class and exploit the system even if IME is not enabled.To exploit this vulnerability, a locally authenticated attacker could run a specially crafted application.The security update addresses this vulnerability by correcting how Windows IME handles parameters in a method of a DCOM class.

Platform:
Microsoft Windows Server 2016
Microsoft Windows 10
Reference:
CVE-2017-8566
CVE    1
CVE-2017-8566
CPE    7
cpe:/o:microsoft:windows_10:1703:::x64
cpe:/o:microsoft:windows_10:1703:::x86
cpe:/o:microsoft:windows_10:1703
cpe:/o:microsoft:windows_server_2016:::x64
...

© SecPod Technologies