With exploit code in circulation and no patch available for a buffer-overflow bug, Oracle Corp.’s flagship database software is open to attack, security researchers said today. The vulnerability was ...