I have read a few articles about researchers being able to use flash or java vulnerability to bypass web browsers sandbox and hack a system. Can someone explain how such attacks work?
Here is an example article Chrome Sandbox Cracker (2011). If question seems broad, explaining only how one would achieve this will be enough for me to start with.