Trailrunner7 writes "There is a serious vulnerability in Java that makes all current browsers vulnerable to simple Web-based attacks that could lead to a complete compromise of the affected system. Two separate researchers released information on the vulnerability on Friday, saying that it has been present in Java for years. The problem lies in the Java Web Start framework, a technology that Sun Microsystems developed to enable the simplified deployment of Java applications. In essence, the JavaWS technology fails to validate parameters passed to it from the command line, and attackers can control those parameters using specific HTML tags on a Web page, researcher Ruben Santamarta said in an advisory posted Friday morning."pa href="http://www.facebook.com/sharer.php?u=http%3A%2F%2Fdevelopers.slashdot.org% 2Fstory%2F10%2F04%2F09%2F2017232%2FSerious-New-Java-Flaw-Affects-All-Browsers" target="_blank" title="Share on Facebook"img src="http://a.fsdn.com/sd/facebook_icon_large.png"/a a href="http://twitter.com/home?status=Serious+New+Java+Flaw+Affects+All+Brow sers%3A+http%3A%2F%2Fbit.ly%2FcdAUee" target="_blank" title="Share on Twitter"img src="http://a.fsdn.com/sd/twitter_icon_large.png"/a/ppa href="http://developers.slashdot.org/story/10/04/09/2017232/Serious-New-Java-Flaw-Affects-All-Browsers?from=rss"Read more of this story/a at Slashdot./p pa href="http://feedads.g.doubleclick.net/~at/rS10CdQzdLkwDUW30t9FzVgVpi8/0/da"img src="http://feedads.g.doubleclick.net/~at/rS10CdQzdLkwDUW30t9FzVgVpi8/0/di" border="0" ismap="true"/img/abr/ a href="http://feedads.g.doubleclick.net/~at/rS10CdQzdLkwDUW30t9FzVgVpi8/1/da"img src="http://feedads.g.doubleclick.net/~at/rS10CdQzdLkwDUW30t9FzVgVpi8/1/di" border="0" ismap="true"/img/a/pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotDevelopers/~4/fdBAHyEhyZ0" height="1" width="1"/
More...