The host is installed with Sun Java Runtime Environment JDK or JRE 6 Update 3 or earlier and is prone to a XML External entity attack vulnerability. A flaw is present in the applications, which processes external entity references even when the "external general entities" property is false,. Successful exploitation could allow attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources.