diff --git a/jdk/src/share/classes/com/sun/jmx/mbeanserver/MBeanInstantiator.java b/jdk/src/share/classes/com/sun/jmx/mbeanserver/MBeanInstantiator.java
index ab62660be49..1adb4dd9373 100644
--- a/jdk/src/share/classes/com/sun/jmx/mbeanserver/MBeanInstantiator.java
+++ b/jdk/src/share/classes/com/sun/jmx/mbeanserver/MBeanInstantiator.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,6 +32,7 @@ import java.io.IOException;
 import java.io.ObjectInputStream;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Modifier;
 import java.security.Permission;
 import java.util.Map;
 import java.util.logging.Level;
@@ -213,7 +214,6 @@ public class MBeanInstantiator {
 
         Object moi;
 
-
         // ------------------------------
         // ------------------------------
         Constructor<?> cons = findConstructor(theClass, null);
@@ -224,6 +224,7 @@ public class MBeanInstantiator {
         // Instantiate the new object
         try {
             ReflectUtil.checkPackageAccess(theClass);
+            ensureClassAccess(theClass);
             moi= cons.newInstance();
         } catch (InvocationTargetException e) {
             // Wrap the exception.
@@ -270,7 +271,6 @@ public class MBeanInstantiator {
         checkMBeanPermission(theClass, null, null, "instantiate");
 
         // Instantiate the new object
-
         // ------------------------------
         // ------------------------------
         final Class<?>[] tab;
@@ -300,6 +300,7 @@ public class MBeanInstantiator {
         }
         try {
             ReflectUtil.checkPackageAccess(theClass);
+            ensureClassAccess(theClass);
             moi = cons.newInstance(params);
         }
         catch (NoSuchMethodError error) {
@@ -741,4 +742,13 @@ public class MBeanInstantiator {
             sm.checkPermission(perm);
         }
     }
+
+    private static void ensureClassAccess(Class clazz)
+            throws IllegalAccessException
+    {
+        int mod = clazz.getModifiers();
+        if (!Modifier.isPublic(mod)) {
+            throw new IllegalAccessException("Class is not public and can't be instantiated");
+        }
+    }
 }