This module exploits a stack-based buffer overflow vulnerability in Java Web Start (javaws.exe), a program installed with the Java Runtime Environment responsible for managing Java applications. The exploit is triggered when a user downloads a specially crafted JNLP file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
CVE Link
Exploit Platform
Exploit Type
Product Name