Skip to content

Latest commit

 

History

History
27 lines (23 loc) · 980 Bytes

README.md

File metadata and controls

27 lines (23 loc) · 980 Bytes

MS11-046

The Ancillary Function Driver (AFD) supports Windows sockets applications and is contained in the afd.sys file. 
The afd.sys driver runs in kernel mode and manages the Winsock TCP/IP communications protocol. An elevation of 
privilege vulnerability exists where the AFD improperly validates input passed from user mode to the kernel. 
An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability. 
An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode 
(i.e. with NT AUTHORITY\SYSTEM privileges).

Vulnerability reference:

Usage

c:\\> MS11-046.exe

caidao 2003_k8 2003 local
2003
win7-x86
win7