DNS: Microsoft Threat Management Gateway Client Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Microsoft Forefront Threat Management Gateway 2010 Client. A successful attack can lead to arbitrary code execution.
Extended Description
The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."
Affected Products
Microsoft forefront_threat_management_gateway
Short Name
DNS:MS-THREAT-MGMT-RCE
Severity
Major
Recommended
False
Recommended Action
None
Category
DNS
Keywords
CVE-2011-1889 Client Code Execution Gateway Management Microsoft Remote Threat bid:48181
Release Date
10/22/2024
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3751
False Positive
Frequently
Vendors
Microsoft