This module exploits a flaw in the Web Start component of the Sun Java
Runtime Environment. Parameters initial-heap-size and max-heap-size in a JNLP
file can contain a double quote which is not properly sanitized when creating
the command line for javaw.exe. This allows the injection of the -XXaltjvm
option to load a jvm.dll from a remote UNC path into the java process. Thus
an attacker can execute arbitrary code in the context of a browser user.
This flaw was fixed in Oct. 2012 and affects JRE <= 1.6.35 and <= 1.7.07.
In order for this module to work, it must be run as root on a server that
does not serve SMB (In most cases, this means non-Windows hosts). Additionally,
the target host must have the WebClient service (WebDAV Mini-Redirector) enabled.
Alternatively, a UNC path containing a jvm.dll can be specified, bypassing
the Windows limitation for the Metasploit host.