← back
CVE-2009-1672

CVE-2009-1672

EPSS 9.6%
The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/8665unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/50629https://www.exploit-db.com/exploits/8665http://www.securityfocus.com/bid/34931http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html