Because of the programmable nature of the Oracle RDBMS, you can see that once the system has been compromised it becomes a powerful tool in the hands of an attacker. With a little bit of knowledge of programming Java and PL/SQL, the attacker's activities are not just limited to the RDBMS itselfhe can program his way out to the OS and onto the rest of the network.