Jouko Pynnönen has discovered an argument injection vulnerability in Java Web Start. I’ve just created a new Blackdown security advisory about this problem. Note that our current releases are not affected.
New Blackdown Security Advisory
This article Jürgen Kreileder is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.
Permissions beyond the scope of this license may be available at https://blog.blackdown.de/contact/.