| Name | ms14_040 |
| CVE | CVE-2014-1767 |
| Exploit Pack | CANVAS |
| Description | AFD.SYS dangling pointer vulnerability |
| Notes | Repeatability: Infinite Notes: This vulnerability affects Microsoft Windows from XP to 8.1, although the exploit is not available for every version. This module automatically migrates to lsass.exe. Tested on: Windows 7 x86 This vulnerability was found and documented by Sebastian Apelt from Siberas. Our exploitation technique for windows 8.1 is based on his work, although for other version vary. See http://TODO/Pwn2own_2014_AFD.sys_privilege_escalation.pdf VENDOR: Microsoft CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1767 CVE Name: CVE-2014-1767 |
| Learn more about the CANVAS Exploit Pack here: CANVAS |