Sun Java Web Start JNLP File Handling Overflow (102996)
Medium Nessus Plugin ID 25693
The remote Windows host has an application that may be prone to a buffer overflow attack.
There is reportedly a buffer overflow in the Java Web Start utility distributed with the version of Sun Java Runtime Environment (JRE) installed on the remote host. If an attacker can convince a user on the affected host to open a specially crafted JNLP file, arbitrary code could be executed subject to the user's privileges.
Upgrade to Sun Java JDK and JRE 6 Update 2 / JDK and JRE 5.0 Update 12 or later and remove, if necessary, any affected versions.