Oracle DB Server 9/10 - Proof-of-concept Exploit published
A new proof-of-concept exploit has been published which could be turned into a more harmful attack by malicious individuals.
Advisory ID : FrSIRT/ADV-2006-0243
CVE ID : CVE-2006-0272
Rated as : High Risk
The exploit code can be viewed at FrSIRT's site as noted below Please only view the source code if interested and do not test with it:
2006-01-26 : Oracle Database Server 9i/10g XML Database Component Buffer Overflow Exploit