This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote Unix host has an application that is affected by a security
According to its version number, the Sun Java Runtime Environment (JRE)
installed on the remote host reportedly allows processing of external
entity references even when the 'external general entities' property is
set to 'FALSE'. This could allow an application to access certain URL
resources, such as files or web pages, or to launch a denial of service
attack against the system.
Note that successful exploitation requires that specially crafted XML
data be processed by a trusted application rather than by an untrusted
applet or Java Web Start application.
See also :
Upgrade to Sun JDK and JRE 6 Update 4 or later.
Risk factor :
Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.0
Public Exploit Available : false