The host is installed with Oracle Java JDK and JRE 6 before Update 4, 5.0 before Update 16, 1.4.x before 1.4.2_18 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle an untrusted application. Successful exploitation could allow context-dependent attackers to gain privileges via an untrusted application.