CVE-2011-1889
Summary
| CVE | CVE-2011-1889 |
|---|---|
| State | PUBLISHED |
| Assigner | microsoft |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2011-06-16 20:55:02 UTC |
| Updated | 2026-04-22 10:35:29 UTC |
| Description | The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability." |
Risk And Classification
Primary CVSS: v3.1 9.8 CRITICAL from [email protected]
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.872380000 probability, percentile 0.994550000 (date 2026-04-23)
CISA KEV: Listed on 2022-03-03; due 2022-03-24; ransomware use Unknown
Problem Types: CWE-119 | n/a | CWE-119 CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | ADP | DECLARED | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | Secondary | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 2.0 | [email protected] | Primary | 10 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:N/AC:L/Au:N/C:C/I:C/A:C
CISA Known Exploited Vulnerability
| Vendor | Microsoft |
|---|---|
| Product | Forefront Threat Management Gateway (TMG) |
| Name | Microsoft Forefront TMG Remote Code Execution Vulnerability |
| Required Action | Apply updates per vendor instructions. |
| Notes | https://nvd.nist.gov/vuln/detail/CVE-2011-1889 |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Forefront Threat Management Gateway | 2010 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | Third Party Advisory, VDB Entry |
| Microsoft Forefront Threat Management Gateway (TMG) Firewall Client Memory Corruption Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Broken Link, Third Party Advisory, VDB Entry |
| www.cisa.gov/known-exploited-vulnerabilities-catalog | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | www.cisa.gov | US Government Resource |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | Broken Link |
| Microsoft Security Bulletin MS11-040 - Critical | Microsoft Docs | af854a3a-2127-422b-91ae-364da2661108 | docs.microsoft.com | Patch, Vendor Advisory |
| Microsoft Forefront Threat Management Gateway Bounds Validation Flaw in Winsock Provider Lets Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Broken Link, Third Party Advisory, VDB Entry |
| Microsoft Threat Management Gateway Firewall Client Vulnerability - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Broken Link |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
| CISA Known Exploited Vulnerabilities catalog | CISA | www.cisa.gov | kev |
No vendor comments have been submitted for this CVE.
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| ADP | 2022-03-03T00:00:00.000Z | CVE-2011-1889 added to CISA KEV |
There are currently no legacy QID mappings associated with this CVE.