CVE-2009-1672

2009-05-18T14:30:01
ID CVE-2009-1672
Type cve
Reporter NVD
Modified 2017-09-28T21:34:30

Description

The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.