Oracle Application Server PL/SQL Module Format String Vulnerability

info
discussion
exploit
solution
references

Oracle Application Server PL/SQL Module Format String Vulnerability

Application Server is a commercially available web application development package distributed by Oracle.

A format string vulnerability has been discovered in the Application Server. This problem may allow an attacker to write data to arbitrary addresses in memory, and potentially execute arbitrary code.