CVE-2011-1889

EUVD-2011-1887
The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
Common Weakness Enumeration
References
http://secunia.com/advisories/44857
http://www.securityfocus.com/bid/48181
http://www.securitytracker.com/id?1025637
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-040
https://exchange.xforce.ibmcloud.com/vulnerabilities/67736
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12642
http://secunia.com/advisories/44857
http://www.securityfocus.com/bid/48181
http://www.securitytracker.com/id?1025637
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-040
https://exchange.xforce.ibmcloud.com/vulnerabilities/67736
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12642
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-1889