Unrated severityNVD Advisory· Published May 18, 2009· Updated Jun 16, 2026
CVE-2009-1672
CVE-2009-1672
Description
The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:sun:jre:6:update_13:*:*:*:*:*:*
- Range: =6 Update 13 (deploytk.dll 6.0.130.3)
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.