The host is installed with Oracle Java SE 5.0 before update 22, 6 before update 17, 1.3.x before 1.3.1_27 or 1.4.x before 1.4.2_24 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the applications, which does not properly handle a long file: URL in an argument. Successful exploitation allows remote attackers to execute arbitrary code.