Bypassing JVM Security Manager

source:
http://blog.hanmir.com/sedere/244813
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert
http://lsd-pl.net/java_security.html

The following code snippet is an excerpt from JDK 1.4.1_03 or earlier.


public synchronized Class loadClass(String s, boolean flag)
    throws ClassNotFoundException
{
   // The package name is taken as everything before the last '.'.
   // A class name written with '/' as the separator contains no '.',
   // so i == -1 and the block below is skipped entirely.
   int i = s.lastIndexOf('.');
   if(i != -1)
   {
      SecurityManager securitymanager = System.getSecurityManager();
      if(securitymanager != null)
         securitymanager.checkPackageAccess(s.substring(0, i));
   }
   return super.loadClass(s, flag);
}

This code is vulnerable because it locates the package name solely by looking for a '.'; a class name can also be given with '/' as the separator, in which case lastIndexOf('.') returns -1 and checkPackageAccess is never called.

In this way, the restrictions of the sandbox security model can be escaped. If you are at an intermediate level or higher in Java, you will understand what this means. The attack is prevented only if the client has installed a newer version of the JVM; however, the likelihood of that is very low. I hope you do not exploit this vulnerability.
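As an added illustration (not code from the JDK or from the original post), the package-name derivation from the snippet above is shown beside a hardened version that refuses '/'-separated names; the restricted prefix "sun." and the class and method names are assumptions:

```java
import java.util.List;
import java.util.function.Function;

public class PackageCheckDemo {

    // Mirrors the vulnerable logic from the snippet: only '.' locates the
    // package, so a '/'-separated name yields i == -1 and no package at all.
    static String vulnerablePackageOf(String name) {
        int i = name.lastIndexOf('.');
        return i == -1 ? null : name.substring(0, i);
    }

    // Hardened derivation (hypothetical, not the JDK's own fix): a binary class
    // name must use '.' only, so any '/' is rejected before the prefix is cut.
    static String hardenedPackageOf(String name) {
        if (name.indexOf('/') != -1) {
            throw new SecurityException("illegal class name: " + name);
        }
        return vulnerablePackageOf(name);
    }

    // Stand-in for SecurityManager.checkPackageAccess; "sun." is used as the
    // restricted prefix (constructed example, not a real policy lookup).
    static final List<String> RESTRICTED = List.of("sun.");

    static void checkPackageAccess(String pkg) {
        if (pkg == null) {
            return; // no package found: nothing is checked, as in the snippet
        }
        for (String prefix : RESTRICTED) {
            if ((pkg + ".").startsWith(prefix)) {
                throw new SecurityException("access denied to package " + pkg);
            }
        }
    }

    // Applies one derivation plus the access check and reports the result.
    static String verdict(Function<String, String> derive, String name) {
        try {
            checkPackageAccess(derive.apply(name));
            return "allowed";
        } catch (SecurityException e) {
            return "denied (" + e.getMessage() + ")";
        }
    }

    public static void main(String[] args) {
        for (String name : new String[] {"sun.applet.Foo", "sun/applet/Foo"}) {
            System.out.println(name + "  vulnerable: " + verdict(PackageCheckDemo::vulnerablePackageOf, name));
            System.out.println(name + "  hardened:   " + verdict(PackageCheckDemo::hardenedPackageOf, name));
        }
    }
}
```

The '/'-separated name passes the vulnerable derivation because no package is extracted, while the hardened derivation rejects it before any prefix comparison takes place.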
