eWeek - Critical Flaw Uncovered in Oracle E-Business Suite, Applications

"The vulnerabilities were uncovered by Stephen Kost from the security firm Integrigy Corp. An alert put out by Integrigy last week described the flaw as being exploitable by a remote user who can send a specially crafted URL to a Web server via a browser."

The link address is: http://www.eweek.com/article2/0,,1609275,00.asp