Hello all, I’ve noted a weakness in the way DBMS_XMLGEN generates context handles. Due to this weakness it may be possible to gain access to sensitive data using a snarfing attack. Of course, this is totally dependent upon the application in question. You can get the paper here: http://www.davidlitchfield.com/Snarfing_attacks_in_DBMS_XMLGEN_Applications.pdf Cheers! David