Java is an interpreted language that can run on a variety of platforms, also Java has a number of useful features for network. Due to theses features of Java language, Java is used in various fields. In this paper, we will talk about how the malware that threaten the Java Security Manager of the Java Virtual Machine is using the vulnerability of the Java Virtual Machine. And for corresponding measures, this paper suggest Received (January 15, 2015), Review request(January 16, 2015), Review Result(February 03, 2015) Accepted(February 23, 2015), Published(April 30, 2015) 402-751 Hitech building 407, Dept. Information and Communication Engineering, Inha Univ, Yonghyeon-dong, Nam-gu, Incheon, Korea email: mongsiry013@hanmail.net 402-751 Hitech building 407, Dept. Information and Communication Engineering, Inha Univ, Yonghyeon-dong, Nam-gu, Incheon, Korea email: adolmn@naver.com 402-751 Hitech building 407, Dept. Information and Communication Engineering, Inha Univ, Yonghyeon-dong, Nam-gu, Incheon, Korea email: ycwithyou@naver.com (Corresponding Author)402-751 Hitech building 407, Dept. Information and Communication Engineering, Inha Univ, Yonghyeon-dong, Nam-gu, Incheon, Korea email: kchang@inha.ac.kr * 이 논문은 한국연구재단(NRF-2012R1A1A2006653) 및 인하대학교의 지원을 받아 수행된 기초연구사업임. Constructing Java Vulnerable API List based on Java Access Permission Checking Tree Copyright c 2015 HSST 290 vulnerability analysis method of Java system class by using Java Call Graph and Java Access Permission Checking Tree. By suggesting that, we want to lay groundwork for preventing Java security threats in advance.