Microsoft Windows AFD driver privilege escalation - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Microsoft Windows AFD driver privilege escalation
updated since 15.10.2008
Published: 16.10.2008
Source: BUGTRAQ
SecurityVulns ID: 9369
Type: local
Level: 7/10
Description: Kernel memory access is possible.

Affected: MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server
CVE: CVE-2008-3464 (afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability.")

Original document Reversemode, Exploit for MS08-066 - AFD.sys kernel memory overwrite. (16.10.2008)

MICROSOFT, Microsoft Security Bulletin MS08-066 – Important Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803) (15.10.2008)

Files: Microsoft Security Bulletin MS08-066 – Important Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod