Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.
https://exchange.xforce.ibmcloud.com/vulnerabilities/12721
http://www.securityfocus.com/bid/8267
http://www.kb.cert.org/vuls/id/936868
http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf
http://marc.info/?l=ntbugtraq&m=105915485303327&w=2
http://marc.info/?l=bugtraq&m=105916455814904&w=2
http://marc.info/?l=bugtraq&m=105914979629857&w=2
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0105.html