Microsoft » Windows Xp : Security Vulnerabilities, CVEs, Published In 2012 (Gain Privilege) CVSS score >= 2
afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "AfdPoll Elevation of Privilege Vulnerability."
Max CVSS
7.2
EPSS Score
0.05%
Published
2012-02-14
Updated
2023-12-07
The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean system locale is used, can access uninitialized memory during the processing of Unicode characters, which allows local users to gain privileges via a crafted application, aka "CSRSS Elevation of Privilege Vulnerability."
Max CVSS
6.9
EPSS Score
0.39%
Published
2012-01-10
Updated
2023-12-07
2 vulnerabilities found