10

CVE-2011-1889

Warnung

The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Forefront TMG Remote Code Execution Vulnerability

Schwachstelle

A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 87.38% 0.994
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.securityfocus.com/bid/48181
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1025637
Third Party Advisory
Broken Link
VDB Entry