CVE Vulnerabilities

CVE-2011-2005

Published: Oct 12, 2011 | Modified: Dec 19, 2024
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka Ancillary Function Driver Elevation of Privilege Vulnerability.

Affected Software

Name Vendor Start Version End Version
Windows_server_2003 Microsoft –sp2 (including) –sp2 (including)
Windows_xp Microsoft –sp2 (including) –sp2 (including)
Windows_xp Microsoft –sp3 (including) –sp3 (including)

References