Full Disclosure: Re: Binary Planting Goes "Any File Type"

[Mitja Kolsek <mitja.kolsek () acrossecurity com>]

Tim,

We haven't, but I like your idea. However, if this is possible via applet parameters, I would be very disappointed that 
it hasn't been found/reported already. Or has everyone already given up on Java security? ;)

Mitja



On Jul 8, 2011, at 9:41 PM, Tim <tim-security () sentinelchicken org> wrote:

> Mitja,
>
> A question/suggestion:
>
> Have you guys tried influencing where the .hotspotrc files are loaded
> from by supplying your own System properties (e.g. "user.dir")?  You
> can do this in .jnlp files and probably applet tags as well.  This has
> allowed for JRE RCE in the past.
>
> If there is a way to influence it, then you would have a more solid
> RCE vector.
>
> tim
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/