Oracle versions 9.2.0.0-10.2.0.3 suffer from an unpatched vulnerability which allows users with SELECT only privileges on a base table to insert/update/ delete data via a specially crafted view.
52fce6051885e4c90f88131ef99b44526f5d4aaf91684d6e8bede57d2e41a144