CVE-2011-1889

The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
---
---
CVEADP
---
---
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
Common Weakness Enumeration
References
http://secunia.com/advisories/44857
http://www.securityfocus.com/bid/48181
http://www.securitytracker.com/id?1025637
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-040
https://exchange.xforce.ibmcloud.com/vulnerabilities/67736
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12642
http://secunia.com/advisories/44857
http://www.securityfocus.com/bid/48181
http://www.securitytracker.com/id?1025637
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-040
https://exchange.xforce.ibmcloud.com/vulnerabilities/67736
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12642
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-1889