CVE-2012-0149

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2003 SP2

Description The issue arises from improper validation of user-mode input passed to kernel mode by the Ancillary Function Driver (afd.sys) in Microsoft Windows. This could allow a local attacker to execute arbitrary code with elevated privileges, potentially leading to complete control of the affected system. The attacker could then install programs, view, change, or delete data, or create new accounts with full administrative rights.

Recommendations For Microsoft Windows Server 2003 SP2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.