These bugs can potentially be used to steal confidential data from the machine and intranet, misuse system resources, prevent useful operation of the machine, assist further attacks, and many other malicious activities.
In severe cases local programs may be executed or Java security disabled. Such bugs can inadvertently open the very holes that the security architecture was designed to contain. While the Java security architecture can in many cases help to protect users and systems from hostile or misbehaving code, it cannot defend against implementation bugs that occur in trusted code. Java comes with its own unique set of security challenges. One of the main design considerations for the Java platform is to provide a restricted environment for executing code with different permission levels.
