Lucene search
RootSSV:20644HistoryJun 17, 2011 - 12:00 a.m.
Microsoft .NET Framework JIT编译器优化NULL字符串远程代码执行漏洞(MS11-044)
2011-06-1700:00:00
Root
www.seebug.org
8
0.007 Low
EPSS
Percentile
78.8%
BUGTRAQ ID: 47834
CVE ID: CVE-2011-1271
.NET Framework是用于Windows的新托管代码编程模型。
Microsoft .NET Framework在实现上存在JIT编译器优化NULL字符串远程代码执行漏洞,远程攻击者可利用此漏洞执行任意代码。
此漏洞源于.NET JIT编译器错误地验证了对象中的某些值,通过诱使用户访问带有XBAP的特制网站加以利用。
Microsoft .NET Framework 4.x
Microsoft .NET Framework 3.x
Microsoft .NET Framework 2.x
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS11-044)以及相应补丁:
MS11-044:Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)
链接:http://www.microsoft.com/technet/security/bulletin/MS11-044.asp
if ((value == null || value == new string[0]) == false)
Related
openvas
openvas
Microsoft .NET Framework Security Bypass Vulnerability
2011-05-26 00:00:00
Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)
2011-06-15 00:00:00
Microsoft .NET Framework Security Bypass Vulnerability
2011-05-26 00:00:00
cve
cve
CVE-2011-1271
2011-05-10 19:55:00
prion
prion
Design/Logic Flaw
2011-05-10 19:55:00
cvelist
cvelist
CVE-2011-1271
2011-05-10 19:00:00
nessus
nessus
securityvulns
securityvulns
Microsoft .Net Framework multiple security vulnerabilities
2011-06-15 00:00:00