CVE-2009-1671
Last modified
CVE-2009-1671 is a vulnerability of currently unknown severity. Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4) getStaticCLSID, or (5) launch method.. EPSS estimates a 10.34% chance of exploitation in the next 30 days.
Description
Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4) getStaticCLSID, or (5) launch method.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Sun | Jre | 6 | Update 13 |
References
- http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.htmlExploit, URL Repurposed
- http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.htmlExploit, URL Repurposed
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-1671?
How severe is CVE-2009-1671?
How do I fix CVE-2009-1671?
Are you affected by CVE-2009-1671?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST