Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Binary Planting Goes "Any File Type"

From: Mitja Kolsek <mitja.kolsek () acrossecurity com>
Date: Sat, 9 Jul 2011 10:15:06 +0200
Tim,

We haven't, but I like your idea. However, if this is possible via applet parameters, I would be very disappointed that 
it hasn't been found/reported already. Or has everyone already given up on Java security? ;)

Mitja



On Jul 8, 2011, at 9:41 PM, Tim <tim-security () sentinelchicken org> wrote:


Mitja,

A question/suggestion:

Have you guys tried influencing where the .hotspotrc files are loaded
from by supplying your own System properties (e.g. "user.dir")?  You
can do this in .jnlp files and probably applet tags as well.  This has
allowed for JRE RCE in the past.

If there is a way to influence it, then you would have a more solid
RCE vector.

tim



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: