The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulnerability."
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12642
https://exchange.xforce.ibmcloud.com/vulnerabilities/67736
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-040
http://www.securitytracker.com/id?1025637