The host is installed with Apple Mac OS X or Apple Mac OS X Server 10.6.8, 10.7 through 10.7.5, or 10.8 before 10.8.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow a Java Web Start application to be launched automatically even if the Java plug-in is disabled