A flaw exists in Java's 'performSSVValidation' method that, when combined with JNLP, allows an unsigned Java applet to be launched without the Security Warning pop-up window. The flawed method accepts an undocumented parameter that, if set to 'true', instructs Java not to perform the applet's signature check.
Sample of specially crafted JNLP file:
The <resources> tag contains the name of the JAR file to launch, followed by 'applet-desc', which points at the class file where execution starts. Setting the parameter '__applet_ssv_validated' to 'true' bypasses the Security Warning window.
This flaw is fixed in the Java 1.7.21 update.
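A defender-side check for the descriptor layout described above, as an added example that is not part of the original advisory: it scans JNLP text for an 'applet-desc' param named '__applet_ssv_validated' set to 'true'. The sample documents, the placeholder JAR and class names, the case-insensitive matching and the function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

SSV_PARAM = "__applet_ssv_validated"  # parameter name given in the advisory

# Constructed samples with placeholder JAR/class names (not from the advisory).
FLAGGED = """<jnlp spec="1.0" href="example.jnlp">
  <resources><jar href="example.jar"/></resources>
  <applet-desc name="Example" main-class="Example" width="1" height="1">
    <param name="__applet_ssv_validated" value="true"/>
  </applet-desc>
</jnlp>"""
CLEAN = """<jnlp spec="1.0" href="example.jnlp">
  <resources><jar href="example.jar"/></resources>
  <applet-desc name="Example" main-class="Example" width="1" height="1">
    <param name="colour" value="true"/>
  </applet-desc>
</jnlp>"""
BROKEN = '<jnlp><applet-desc><param name="__applet_ssv_validated" value="true">'


def local(tag):
    """Strip any XML namespace and normalise case."""
    return tag.rsplit("}", 1)[-1].lower()


def scan_jnlp(text):
    """Return one finding per applet-desc param that sets the SSV flag to true."""
    try:
        # stdlib parser keeps this dependency-free; use defusedxml for untrusted input
        root = ET.fromstring(text)
    except ET.ParseError:
        # Malformed descriptor: fall back to a raw match instead of passing it
        hit = SSV_PARAM in text.lower()
        return [{"main_class": None, "jars": [], "parsed": False}] if hit else []
    jars = [e.get("href") for e in root.iter() if local(e.tag) == "jar"]
    findings = []
    for applet in (e for e in root.iter() if local(e.tag) == "applet-desc"):
        for p in (c for c in applet if local(c.tag) == "param"):
            # Assumption: compare case-insensitively so the check errs toward flagging
            name = (p.get("name") or "").strip().lower()
            value = (p.get("value") or "").strip().lower()
            if name == SSV_PARAM and value == "true":
                findings.append({"main_class": applet.get("main-class"),
                                 "jars": jars, "parsed": True})
    return findings


if __name__ == "__main__":
    for label, doc in (("flagged", FLAGGED), ("clean", CLEAN), ("broken", BROKEN)):
        print(label, scan_jnlp(doc))
```

A finding with "parsed" set to False means the descriptor was not well-formed XML and matched only on the raw parameter name, so it needs manual review.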