Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1671

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-1671
Last Modified 19 May 2009 12:00:00
Published 18 May 2009 02:30:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1671

Summary

Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4) getStaticCLSID, or (5) launch method.

Vulnerable Systems

Application

  • Sun Jre 6


References

MISC - http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html

BID - 34931

MILW0RM - 8665


Last Updated: 27 May 2016 10:50:38