First published: Mon May 18 2009(Updated: )
The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sun JRE | =6-update_13 | |
=6-update_13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.