CVE-2008-3464

Windows XP SP2/SP3 and Windows Server 2003 SP1/SP2 - Local Privilege Escalation via AFD Kernel Input Validation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3464. PoCs published by Ruben Santamarta.

AI-analyzed exploit summary The provided content is a brief announcement pointing to external downloads for an exploit related to CVE-2008-3464 (MS08-066). It lacks technical details or actual exploit code, instead directing users to external links, which is characteristic of suspicious repositories.

Description

afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability."

Exploits (1)

exploitdb SUSPICIOUS VERIFIED

by Ruben Santamarta · textlocalwindows

https://www.exploit-db.com/exploits/6757

View Code ZIP pw:eip

The provided content is a brief announcement pointing to external downloads for an exploit related to CVE-2008-3464 (MS08-066). It lacks technical details or actual exploit code, instead directing users to external links, which is characteristic of suspicious repositories.

Classification

Suspicious 90%

Attack Type

Other

Complexity

N/a

Reliability

N/a

Target: Microsoft Windows (AFD.sys)

No auth needed

devstral-2 · analyzed Feb 18, 2026 Full analysis →