The Java Management Extensions (JMX) management agent in the Sun Java
Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK
and JRE 5.0 Update 15 and earlier suffer from an authorization flaw.
When local monitoring is enabled, JMX may allow a client running on a
remote host to perform unauthorized operations.