Researchers have found a security hole in Oracle's 8i database program that could let an outside attacker take over the software and--in the case of a Windows computer--the entire system.
Researchers at Covert Labs, part of Network Associates' PGP Security group, discovered the vulnerability and ranked its risk as "high." Oracle has acknowledged the problem, fixed it in the newest 9i version of its software and issued a patch for the earlier releases.
The following is from the Oracle Metalink website concerning the 8i patch for Solaris:
This patch is obsolete. Please see the reason stated below. If a replacement patch is not mentioned, contact Oracle Support for help.
Reason for Obsolescence
This patch is being withdrawn because of a regression of bug 1654631 which is fixed as bug 1814117 . The patch will be made available again with the new fix included as soon as possible.