It's possible to pass <property name="NAME" value="VALUE"/> with names different from jnlp. and javaws., it allows to leave sandbox.
vulners.com/securityvulns/securityvulns:doc:2642