The host is installed with Oracle Java SE 6 before Update 15 or 5 before Update 20 and is prone to integer overflow vulnerability. A flaw is present in the applications, which fails to properly handle unspecified length fields. Successful exploitation allows context-dependent attackers to execute arbitrary code .