CVE-2012-0148 Information

Description

afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 Windows Server 2003 SP2 Windows Vista SP2 Windows Server 2008 SP2 R2 and R2 SP1 and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate user-mode input passed to kernel mode which allows local users to gain privileges via a crafted application aka \AfdPoll Elevation of Privilege Vulnerability.\

Reference

http://www.us-cert.gov/cas/techalerts/TA12-045A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-009 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14852