Unspecified vulnerability in the Oracle Data Pump component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
http://www.us-cert.gov/cas/techalerts/TA10-012A.html
http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html