lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20081025081816.5569.qmail@securityfocus.com> Date: 25 Oct 2008 08:18:16 -0000 From: varun.srivastav@...il.com To: bugtraq@...urityfocus.com Subject: Java Web start vulnerability Hi, There is vulnerability in Java Web Start. Already there is some vulnerability posted for persistenceservice service of java web start. But in Basicservice also we can run any file on the client using showDocument method. Just give the URL of file on client computer. If the browser has software attached to run that filetype it will be run automatically without user knowledge. Regards Varun Srivastava