[From Oracle Technology Network
A potential security vulnerability has been discovered in Oracle9i Application Server and Oracle9i
Database Server. The vulnerability involves the processing of SOAP (Simple Object Access
Protocol) messages whose XML contains carefully constructed Data Type Definitions (DTDs).
Note that SOAP is the basis of Web Services that are therefore also affected.
The article continues at