Like Dave says, print out the actual SQL your Java code is trying to execute. Right now you do not know what is in the string that is being sent to the database, so you don't know what is causing the problem.
When you have the actual SQL string that is being sent to the database, execute that SQL directly via your SQL*Plus or SQL Developer client.
If you do not have a proper SQL client (e.g. SQL*Plus, SQL Developer, etc) then you do not have the tools to do your job properly, so install one ASAP and start using it to test your SQL before you put it into your Java code.
Incidentally, you don't need single-quotes around your values if they are numbers.
Finally, do not build SQL strings like this, but use prepared statements instead - see the Oracle JDBC docs.
No more Blub for me, thank you, Vicar.
Your mind is under my control .... your will is now mine .... read this tiny ad
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop