CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-1671

Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4) getStaticCLSID, or (5) launch method.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.067

EPSS Ranking 90.9%

CVSS Severity

CVSS v2 Score 9.3

References

http://www.securityfocus.com/bid/34931
http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html
https://www.exploit-db.com/exploits/8665
http://www.securityfocus.com/bid/34931
http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html
https://www.exploit-db.com/exploits/8665

Products affected by CVE-2009-1671

Sun » Jre » Version: 6

cpe:2.3:a:sun:jre:6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-1671

Products

Pricing

Contact Us