CVE-2008-3464
Description
afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka AFD Kernel Overwrite Vulnerability.
Risk Information
Base Score
7.3
MODERATE
Vector
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.347
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| MS08-066: Vulnerability in the Microsoft Ancillary Function Driver could allow elevation of privilege for Windows XP (KB956803) x86-based systems | Windows |
| MS08-066: Vulnerability in the Microsoft Ancillary Function Driver could allow elevation of privilege for Windows XP (KB956803) x86-based systems for SP3 | Windows |
| MS08-066: Vulnerability in the Microsoft Ancillary Function Driver could allow elevation of privilege for Windows Server 2003 (KB956803) x86-based systems | Windows |
| MS08-066: Vulnerability in the Microsoft Ancillary Function Driver could allow elevation of privilege for Windows Server 2003 (KB956803) x86-based systems for SP3 | Windows |
| MS08-066: Vulnerability in the Microsoft Ancillary Function Driver could allow elevation of privilege for Windows XP x64 Edition (KB956803) | Windows |
| MS08-066: Vulnerability in the Microsoft Ancillary Function Driver could allow elevation of privilege for Windows Server 2003 x64 Edition (KB956803) | Windows |
| MS08-066: Vulnerability in the Microsoft Ancillary Function Driver could allow elevation of privilege for Windows Server 2003 x64 Edition (KB956803) for SP2 | Windows |
Patch Details
Patches provided by ManageEngine for this CVE:
| Patch ID | Patch Description |
|---|---|
| PATCH-6564 | Security Update for Windows XP x64 Edition (KB956803) |
| PATCH-6566 | Security Update for Windows Server 2003 x64 Edition (KB956803) |