On 8/20/2017 3:55 AM, Simon Clubley wrote:
> On 2017-08-19, Arne Vajhøj <ar...@vajhoej.dk> wrote:
>> It is calling thousands of methods in the Java runtime.
>>
>> But I must admit that I have some difficulty understanding
>> what type of vulnerability you are thinking about.
>>
>> Are you worried that the code handling file open for read
>> with some bad characters in the filename instead will delete
>> the file?
>>
>
> That's the kind of thing I am thinking of, although it would be
> unlikely to delete the file unless you were able to inject a rm
> shell command (for example).
>
> The basic idea is that malformed input (or a malformed access sequence)
> is passed from the outside world directly into a Java method and the
> Java method doesn't handle it correctly.
>
> Although I agree that it's much more likely in an applet environment,
> problems with malformed input exist in all environments, including
> in VMS - and sometimes exist in surprising areas.