[From Oracle Technology Network
A set of potential buffer overflows has been discovered in the XML Database (XDB)
functionality of the Oracle9i Database Release 2. A knowledgeable and malicious user
can exploit these buffer overflows to cause a Denial of Service (DoS) attack against
and/or capture an active user session of the Oracle9i Database Server.
- Oracle9i Database Release 2
Oracle9i Database Release 1 and earlier versions are not affected.
The article continues at