CVE-2011-2005
| CVE Published | 2011-10-12 |
|---|---|
| Related Vendor(s) | microsoft |
| Related Product(s) | windows_server_2003, windows_xp, windows_2003_server |
| Exploitation Reported (CISA KEV) | 2022-03-28 |
| CVSS 3 Base Score | 7.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | LOCAL |
afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph