CVE-2006-2505
Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via a reference to a malicious package in the TYPENAME argument in the 1 GETDOMAININDEXTABLES or 2 GETV2DOMAININDEXTABLES function in the DBMSEXPORTEXTENSION package...