You are mistaken about the JVM's complexity leading to vulnerabilities. Hardly any vulnerabilities ever have been caused by bugs in the JVM itself. They are usually caused by bugs in JNI code or fringe issues like security policies and configuration.
JVM's primary strength isn't actually in providing a sandbox for untrusted code - it is in allowing trusted code to run securely so that bugs in the trusted code do not lead to vulnerabilities.
You need to have a secure trusted API that you provide to the untrusted code you load from the Internet. If that API is implemented in C, it will _never_ be secure.
Similarly, while I do like the concept of a OS-level application sandbox (seccomp or other means), it doesn't solve the problem. Firstly, it is very inconvenient and costly, and secondly, at least in Chrome's case, the secure API available to it are still implemented in C. I prefer the approach taken by NaCl.