The Byte Code Verifier (BCV) is one of the most important security element in the Java Card environment. Indeed, embedded applets must be verified prior installation to prevent ill-formed applet loading. In this article, we disclose a flaw in the Oracle BCV which affects the applet linking process and can be exploited on real world Java Card smartcards. We describe our exploitation of this flaw on a Java Card implementation that enables injecting and executing arbitrary native malicious code in the communication buffer from a verified applet. This native execution allows snapshotting the smart card memory with OS rights.