Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-1672
HistoryMay 18, 2009 - 6:30 p.m.

CVE-2009-1672

2009-05-1818:30:01
CWE-119
[email protected]
web.nvd.nist.gov
3

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.018

Percentile

88.1%

JSON

The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.

Affected configurations

Nvd
Node
sunjreMatch6update_13
VendorProductVersionCPE
sunjre6cpe:2.3:a:sun:jre:6:update_13:*:*:*:*:*:*

Related

cvelist 1
prion 1
cve 1
openvas 2
exploitdb 1
cvelist
cvelist
CVE-2009-1672
2009-05-18 18:00:00
prion
prion
Security feature bypass
2009-05-18 18:30:00
cve
cve
CVE-2009-1672
2009-05-18 18:30:01
openvas
openvas
Java JRE deploytk.dll ActiveX Control Multiple BOF Vulnerabilities
2009-05-22 00:00:00
Java JRE deploytk.dll ActiveX Control Multiple BOF Vulnerabilities
2009-05-22 00:00:00
exploitdb
exploitdb
Java SE Runtime Environment JRE 6 Update 13 - Multiple Vulnerabilities
2009-05-13 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.018

Percentile

88.1%

JSON
Related for NVD:CVE-2009-1672
cvelist1prion1cve1openvas2exploitdb1