The host is installed with JRE or JDK 6 Update 4 or earlier, 5.0 Update 14 or earlier or 1.4.2_16 or earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors related to XSLT transforms. Successful exploitation could allow attackers to cause a denial of service (JRE crash).