A potential security vulnerability has been discovered in the "oracle" and "oracleO" (the letter O) binaries in the Oracle Database Server. This buffer overflow may allow a malicious local user to run code of their choice on the server machine.
Oracle 9i Database Release 2, Version 9.2.x
Oracle 9i Database Release 1, Version 9.0.x
Oracle 8i Database Release 8.1.x
All supported UNIX and Linux operating system variants.
The article continues at http://otn.oracle.com/deploy/security/pdf/2003Alert59.pdf