CVE-2011-1249
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-1249
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows 'AFD.sys'驱动程序特权提升漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Microsoft Windows的辅助功能驱动程序(afd.sys)错误地验证从用户模式传递到内核的输入的方式,导致存在特权提升漏洞。攻击者可利用此漏洞执行任意代码,并可完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2011-1249
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Microsoft Windows - 'afd.sys' Local Kernel Privilege Escalation Exploit Report (CVE-2011-1249) | https://github.com/Madusanka99/OHTS | POC Details |
| 2 | None | https://github.com/crypticdante/CVE-2011-1249 | POC Details |
| 3 | None | https://github.com/H3xL00m/CVE-2011-1249 | POC Details |
| 4 | None | https://github.com/n3ov4n1sh/CVE-2011-1249 | POC Details |
| 5 | None | https://github.com/c0d3cr4f73r/CVE-2011-1249 | POC Details |
| 6 | None | https://github.com/Sp3c73rSh4d0w/CVE-2011-1249 | POC Details |
| 7 | None | https://github.com/0xwh1pl4sh/CVE-2011-1249 | POC Details |
| 8 | None | https://github.com/N3rdyN3xus/CVE-2011-1249 | POC Details |
| 9 | None | https://github.com/NyxByt3/CVE-2011-1249 | POC Details |
| 10 | None | https://github.com/h3xcr4ck3r/CVE-2011-1249 | POC Details |
| 11 | None | https://github.com/n3rdh4x0r/CVE-2011-1249 | POC Details |
| 12 | None | https://github.com/h3x0v3rl0rd/CVE-2011-1249 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2011-1249
Please Login to view more intelligence information
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-046vendor-advisoryx_refsource_MS
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12731vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2011-1249
Same Patch Batch · n/a · 2011-06-16 · 77 CVEs total
| CVE-2011-1251 | Microsoft Internet Explorer DOM操作内存破坏漏洞 | |
| CVE-2011-1279 | Microsoft Excel越界WriteAV漏洞 | |
| CVE-2011-1262 | Microsoft Internet Explorer HTTP重定向内存破坏漏洞 | |
| CVE-2011-1261 | Microsoft Internet Explorer Selection对象内存破坏漏洞 | |
| CVE-2011-1260 | Microsoft Internet Explorer布局内存破坏漏洞 | |
| CVE-2011-1258 | Microsoft Internet Explorer拖放操作信息泄露漏洞 | |
| CVE-2011-1256 | Microsoft Internet Explorer DOM编辑内存破坏漏洞 | |
| CVE-2011-1255 | Microsoft Internet Explorer Time元素内存破坏漏洞 | |
| CVE-2011-1254 | Microsoft Internet Explorer拖放事件内存破坏漏洞 | |
| CVE-2011-1252 | Microsoft Internet Explorer 'toStaticHTML()' HTML过滤信息泄露漏洞 | |
| CVE-2011-1264 | Microsoft Active Directory Certificate Services Web注册跨站脚本攻击漏洞 | |
| CVE-2011-1250 | Microsoft Internet Explorer Link属性远程代码执行漏洞 | |
| CVE-2011-1246 | Microsoft Internet Explorer MIME Sniffing信息泄露漏洞 | |
| CVE-2011-0664 | Microsoft .NET Framework和Silverlight数组偏移漏洞 | |
| CVE-2011-0658 | Microsoft Windows OLE自动协议实现WMF图形解析漏洞 | |
| CVE-2011-2202 | PHP main/rfc1867.c rfc1867_post_handler函数文件路径注入漏洞 | |
| CVE-2011-2128 | Adobe Shockwave Player 缓冲区错误漏洞 | |
| CVE-2011-2127 | Adobe Shockwave Player 缓冲区错误漏洞 | |
| CVE-2011-2126 | Adobe Shockwave Player 缓冲区错误漏洞 | |
| CVE-2011-2125 | Adobe Shockwave Player 缓冲区错误漏洞 |
Showing top 20 of 77 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2011-1249
No comments yet