Java Deployment with JNLP and WebStart Mauro Marinilli
Publisher: Sams
Java Web Start is a technology for deploying and updating desktop Java applications easily from a web server. Reports indicate this vulnerability is being actively exploited, and exploit code is publicly available. Java.Deployment.with.JNLP.and.WebStart.pdf. Java Deployment with JNLP and WebStart Publisher: Sams | ISBN: 0672321823 | edition 2001 | PDF | 512 pages | 2,4 mb Java Deployment takes a very practical approach to the topic of deploying Java applications. By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process. We periodically put a application Jar up, update the JNLP to point to it, and our users get the new version running on their PC without a re-install process. Java Web Start (JWS) is a one-click deployment solution for Java applications on the desktop. It's much In fact, with the right JNLP, you can turn any existing applet into a JWS app without any modifications. To deploy a processing sketch via java webstart export the sketch as an application (i used my randomlines sketch and exported it as a linux application). The Java Deployment Toolkit plug-in and Java Web Start can also be used as attack vectors. Java Deployment with JNLP and WebStart. Then i wrote a simple jnlp file and copied the files to my webserver. Java Web Start doesn't work for a large number of users. Further technical details are available in Vulnerability Impact.