CVE-2008-3464 Information

Description

afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel which allows local users to gain privileges via a crafted application as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions aka \AFD Kernel Overwrite Vulnerability.\

Reference

http://blogs.technet.com/swi/archive/2008/10/14/ms08-066-how-to-correctly-validate-and-capture-user-mode-data.aspx http://marc.info/?l=bugtraq&m=122479227205998&w=2 http://secunia.com/advisories/32261 http://www.securityfocus.com/archive/1/497375/100/0/threaded http://www.securityfocus.com/bid/31673 http://www.securitytracker.com/id?1021053 http://www.us-cert.gov/cas/techalerts/TA08-288A.html http://www.vupen.com/english/advisories/2008/2817 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-066 https://exchange.xforce.ibmcloud.com/vulnerabilities/45578 https://exchange.xforce.ibmcloud.com/vulnerabilities/45582 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5825 https://www.exploit-db.com/exploits/6757