Vulnerability Description
The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Forefront Threat Management Gateway | 2010 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/44857Broken Link
- http://www.securityfocus.com/bid/48181Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1025637Broken LinkThird Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-04PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67736Third Party AdvisoryVDB Entry
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link
- http://secunia.com/advisories/44857Broken Link
- http://www.securityfocus.com/bid/48181Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1025637Broken LinkThird Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-04PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67736Third Party AdvisoryVDB Entry
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-US Government Resource
FAQ
What is CVE-2011-1889?
CVE-2011-1889 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests...
How severe is CVE-2011-1889?
CVE-2011-1889 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2011-1889?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Forefront Threat Management Gateway.