CVEs-PoC/2011/CVE-2011-2005.md

### [CVE-2011-2005](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2005)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/3sc4p3/oscp-notes
- https://github.com/Al1ex/WindowsElevation
- https://github.com/Ascotbe/Kernelhub
- https://github.com/BLACKHAT-SSG/EXP-401-OSEE
- https://github.com/Cruxer8Mech/Idk
- https://github.com/DotSight7/Cheatsheet
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PwnAwan/EXP-401-OSEE
- https://github.com/alizain51/OSCP-Notes-ALL-CREDITS-TO-OPTIXAL-
- https://github.com/briceayan/Opensource88888
- https://github.com/cpardue/OSCP-PWK-Notes-Public
- https://github.com/fei9747/WindowsElevation
- https://github.com/kicku6/Opensource88888
- https://github.com/lyshark/Windows-exploits
- https://github.com/sphinxs329/OSCP-PWK-Notes-Public
- https://github.com/xcsrf/OSCP-PWK-Notes-Public
- https://github.com/ycdxsb/WindowsPrivilegeEscalation