Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access.
http://www.securityfocus.com/bid/3465
http://www.iss.net/security_center/static/7344.php