Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote malicious users to cause a denial of service via a long HTTP GET request.
oracle http server 2.1