Microsoft .NET Framework JIT Compiler – Optimization NULL String Remote Code Execution

• Exploit Database
• 16 阅读

• 作者： Brian Mancini
  日期： 2011-03-04
• 类别：

  • remote
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/35740/

• source: https://www.securityfocus.com/bid/47834/info
  
  The Microsoft .NET Framework is prone to a remote code-execution vulnerability that affects the Just-In-Time (JIT) compiler optimization on x86 architectures.
  
  Successful exploits may allow an attacker to execute arbitrary code in the context of the browser; this may aid in further attacks.
  
  if ((value == null || value == new string[0]) == false)