The host is installed with Sun JDK or JRE 6 Update 10 or earlier, 5.0 Update 16 or earlier or 1.4.2_18 or earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle untrusted applications and applets. Successful exploitation could allow attackers to list the contents of the operating user's directory via unknown vectors.