CVE-2009-1672
published 2009-05-18CVE-2009-1672: The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1)…
PriorityP354critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
9.64%
94.9th percentile
The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sun | jre | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/34931http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/50629https://www.exploit-db.com/exploits/8665http://www.securityfocus.com/bid/34931http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/50629https://www.exploit-db.com/exploits/8665
2009-05-18
Published