Oracle Database Server Vulnerability - CVE-2006-1874

Unspecified vulnerability in Oracle Database Server 8.1.7.4 9.0.1.5 and 9.2.0.6 has unknown impact and attack vectors in the Oracle Spatial component aka Vuln DB09. NOTE: Oracle has not disputed reliable claims that this issue is SQL injection in MDSYS.PRVT_IDX using the (1) EXECUTE_INSERT (2) EXECUTE_DELETE (3) EXECUTE_UPDATE (4) EXECUTE UPDATE and (5) CRT_DUMMY functions.