CVE-2011-1271

HIGH

Microsoft .NET Framework 3.5 Gold/SP1, 3.5.1, 4.0 - Remote Code Execution via JIT Compiler Null String Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-1271. PoCs published by Brian Mancini.

AI-analyzed exploit summary The provided code snippet is a minimal conditional check related to CVE-2011-1271, a JIT compiler optimization vulnerability in the Microsoft .NET Framework. It lacks executable exploit logic and appears to be a placeholder or incomplete example.

Description

The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary code, in opportunistic circumstances by leveraging a crafted application, as demonstrated by (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka ".NET Framework JIT Optimization Vulnerability."

Exploits (1)

exploitdb STUB VERIFIED
by Brian Mancini · textremotewindows
https://www.exploit-db.com/exploits/35740

The provided code snippet is a minimal conditional check related to CVE-2011-1271, a JIT compiler optimization vulnerability in the Microsoft .NET Framework. It lacks executable exploit logic and appears to be a placeholder or incomplete example.

Classification
Stub 30%
Attack Type
Rce
Complexity
Theoretical
Reliability
Theoretical
Target: Microsoft .NET Framework (versions affected by CVE-2011-1271)
No auth needed
Prerequisites: Target system running vulnerable .NET Framework version · Ability to deliver malicious code to the JIT compiler
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 7.7
EPSS 0.2010
EPSS Percentile 97.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-264 CWE-476
Status published
Products (4)
microsoft/.net_framework 4.0
microsoft/.net_framework 3.5.1
microsoft/.net_framework 2.0 sp2 (2 CPE variants)
microsoft/.net_framework 3.5 sp1 (2 CPE variants)
Published May 10, 2011
Tracked Since Feb 18, 2026