ID CVE-2009-1672
Type cve
Reporter NVD
Modified 2017-09-28T21:34:30


The Deployment Toolkit ActiveX control in deploytk.dll in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.