CVE-2009-1672

Metadata

CVE-2009-1672
9.3
securityfocus.com, shinnai.net, exchange.xforce.ibmcloud.com, exploit-db.com
2009-05-18
2017-09-29 06:09

Description

The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.

Related Vulnerabilities