Java security sandbox tricked into granting full computer access to Applet:
A Java applet, code-signed to only run in the Java security sandbox, and run on one very particular web site -- can be repurposed and run with all-permissions from the local file system.