The host is installed with Oracle Java SE 5 before Update 20 or 6 before Update 15 and is prone to security bypass vulnerability. A flaw is present in the applications, which fails to properly handle an untrusted (1) applet or (2) application. Successful exploitation allows context-dependent attackers to obtain sensitive information.