The host is installed with Oracle Java JDK and JRE 6 Update 6 or earlier, 5.0 Update 15 or earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors involving processing of XML data by an untrusted application or applet. Successful exploitation could allow attackers to access URLs via unknown vectors.