Oracle Java Rhino Script Engine Remote Code Execution Exploit

The Rhino Script Engine of Oracle Java fails to properly check for permissions on JavaScript error objects. This flaw allows an unprivileged applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2011-3544
Product Version: 
12.0
Released Date: 
Thursday, November 10, 2011 - 00:00