A vulnerability in Java Plugin allows an attacker to create an Applet which can disable Java's security restrictions and break out of the Java sandbox. The attack can be launched when a victim views a web page created by the attacker. Further user interaction is not required as Java Applets are normally loaded and started automatically. Versions affected are below 1.4.2_06.
3fc1aebf9c24ebd6d4a7590deec5c1bd21fa4d2e6d42b587ee39c12de45f3036