Summary
This host is missing a critical security update according to Microsoft Bulletin MS11-040
Impact
Successful exploitation could allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/bulletin/ms11-040
Insight
The flaw is due to error when setting proper bounds to the 'NSPLookupServiceNext()' function, that allow remote code execution if an attacker leveraged a client computer to make specific requests on a system where the TMG firewall client is used.
Affected
Microsoft Forefront Threat Management Gateway 2010 SP1 and prior.
Detection
Get the vulnerable file version and check appropriate patch is applied or not.
References
Severity
Classification
-
CVE CVE-2011-1889 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (972270)
- Message Queuing Remote Code Execution Vulnerability (951071)
- Buffer Overrun in the ListBox and in the ComboBox (824141)
- Microsoft .NET Framework Privilege Elevation Vulnerability (3005210)
- Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control Vulnerability (2508272)