CVE-2011-1249
EXPLOITED
Microsoft Windows 2003 Server - Access Control
Title source: ruleDescription
The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
Exploits (5)
exploitdb
WORKING POC
VERIFIED
by Tomislav Paskalev · c · local · windows_x86
https://www.exploit-db.com/exploits/40564
References (3)
Scores
EPSS
0.0329
EPSS Percentile
87.2%
Details
VulnCheck KEV
2011-06-30
CWE
CWE-264
Status
published
Products (7)
microsoft/windows_2003_server
microsoft/windows_7
(2 CPE variants)
microsoft/windows_server_2003
microsoft/windows_server_2008
(6 CPE variants)
microsoft/windows_server_2008
r2 (2 CPE variants)
microsoft/windows_vista
(2 CPE variants)
microsoft/windows_xp
(2 CPE variants)
Published
Jun 16, 2011
Tracked Since
Feb 18, 2026