CVE-2013-3859

CVE Database · CVE-2013-3859

CVE-2013-3859

· N/AModified

CVSS v3.1

N/A

EPSS

1.65%

Published

Sep 11, 2013

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Pinyin IME 2010, when used in conjunction with Microsoft Office 2010 SP1, does not properly restrict configuration options, which allows local users to gain privileges by starting Internet Explorer from the IME toolbar, aka "Chinese IME Vulnerability."

Weaknesses (CWE)

CWE-264

Affected Products (5)

microsoft · officevulnerable

microsoft · pinyin_imevulnerable

References (4)

http://www.us-cert.gov/ncas/alerts/TA13-253A

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-075

http://www.us-cert.gov/ncas/alerts/TA13-253A

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-075

KEV Catalog EPSS Scores Vendors All CVEs