The Ancillary Function Driver (AFD.sys) present in Microsoft Windows is vulnerable to a double-fetch that causes an integer overflow, which can result in out-of-bounds memory write to non-paged pool memory. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by calling to the WSASendMsg function with crafted parameters.
CVE Link
Exploit Platform
Product Name