Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows AFD driver privilege escalation
updated since 15.10.2008
Published:16.10.2008
Source:
SecurityVulns ID:9369
Type:local
Threat Level:
7/10
Description:Kernel memory access is possible.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2008-3464 (afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability.")
Original documentdocumentReversemode, Exploit for MS08-066 - AFD.sys kernel memory overwrite. (16.10.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-066 – Important Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803) (15.10.2008)
Files:Microsoft Security Bulletin MS08-066 – Important Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod