The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.

Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.