CVE-2008-3464

Microsoft Windows 2003 Server - Access Control

Title source: rule

Description

afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability."

Exploits (1)

exploitdb SUSPICIOUS VERIFIED

by Ruben Santamarta · textlocalwindows

https://www.exploit-db.com/exploits/6757

View Code ZIP pw:eip

References (13)

Core 13

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/6757

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/45578

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/2817

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/497375/100/0/threaded

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=122479227205998&w=2

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/31673

Various Sources x_refsource_misc

http://blogs.technet.com/swi/archive/2008/10/14/ms08-066-how-to-correctly-validate-and-capture-user-mode-data.aspx

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1021053

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5825

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/45582

US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA08-288A.html

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-066

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32261

Scores

EPSS 0.0135

EPSS Percentile 80.2%

Details

CWE

CWE-264

Status published

Products (3)

microsoft/windows_2003_server (5 CPE variants)

microsoft/windows_2003_server professional sp3

microsoft/windows_xp (4 CPE variants)

Published Oct 15, 2008

Tracked Since Feb 18, 2026