The host is installed with Oracle Java SE 5.0 before Update 20 or 6 before Update 15 and is prone to security bypass vulnerability. A flaw is present in the applications, which fails to properly handle unspecified vectors, related to a declaration that lacks the final keyword. Successful exploitation allows remote attackers to bypass intended access restrictions.