CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2011-2005

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score67.6980%
EPSS Percentile92.23th
Published2011年10月12日
Last Modified2026年4月22日

Vulnerability Description

afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."

Affected Platforms (CPE)

💻
Microsoft

Windows Server 2003

All versions
💻
Microsoft

Windows Xp

All versions
💻
Microsoft

Windows Xp

All versions

References & Advisories

🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-080
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13114
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-080
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13114
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-2005

相關漏洞威脅

CVE-2004-020910.0

Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 al...

CVE-2004-042010.0

The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows ...

CVE-2004-020110.0

Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Serve...

CVE-2004-057410.0

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, ...