{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70590?format=json","vulnerability_id":"VCID-4daa-vvd4-4kdw","summary":"","aliases":[{"alias":"CVE-2011-2005"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2005","reference_id":"","reference_type":"","scores":[{"value":"0.67089","scoring_system":"epss","scoring_elements":"0.98577","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2005"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18176.py","reference_id":"CVE-2011-2005;OSVDB-76232;MS11-080","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18176.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/21844.rb","reference_id":"CVE-2011-2005;OSVDB-76232;MS11-080","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/21844.rb"},{"reference_url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-080","reference_id":"ms11-080","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-10T19:02:58Z/"}],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-080"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13114","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A13114","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-10T19:02:58Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13114"}],"weaknesses":[],"exploits":[{"date_added":"2022-03-28","description":"afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.","required_action":"Apply updates per vendor instructions.","due_date":"2022-04-18","notes":"https://nvd.nist.gov/vuln/detail/CVE-2011-2005","known_ransomware_campaign_use":false,"source_date_published":null,"exploit_type":null,"platform":null,"source_date_updated":null,"data_source":"KEV","source_url":null},{"date_added":null,"description":"This module exploits a flaw in the AfdJoinLeaf function of the\n            afd.sys driver to overwrite data in kernel space.  An address\n            within the HalDispatchTable is overwritten and when triggered\n            with a call to NtQueryIntervalProfile will execute shellcode.\n\n            This module will elevate itself to SYSTEM, then inject the payload\n            into another SYSTEM process before restoring its own token to\n            avoid causing system instability.","required_action":null,"due_date":null,"notes":"Stability:\n  - crash-os-restarts\nReliability: []\nSideEffects:\n  - ioc-in-logs\n  - artifacts-on-disk\n","known_ransomware_campaign_use":false,"source_date_published":"2011-11-30","exploit_type":null,"platform":"Windows","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/local/ms11_080_afdjoinleaf.rb"},{"date_added":"2011-11-30","description":"Microsoft Windows XP/2003 - 'afd.sys' Local Privilege Escalation (MS11-080)","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2011-11-30","exploit_type":"local","platform":"windows","source_date_updated":"2011-11-30","data_source":"Exploit-DB","source_url":""}],"severity_range_score":"7.8 - 7.8","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4daa-vvd4-4kdw"}