For block ciphers, a chosen ciphertext attack is no better than a chosen plaintext attack and harder to mount in practice. For a self-synchronizing stream cipher, a chosen ciphertext attack can be useful, because the key used to encipher each byte depends on the previous ciphertext. It is possible to use a chosen ciphertext attack to get an arbitrary message signed with RSA, if messages are signed without hashing.
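The RSA signing case above can be checked directly. This added example (not from the original page) puts a signer that exponentiates raw input beside one that hashes first, and shows that the multiplicative relation holds only for the former. The toy key, the blinding factor `r`, the message, and all function names are constructed for illustration.

```python
import hashlib

# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

def digest(msg: bytes) -> int:
    # Simplified encoding: SHA-256 reduced mod N. Real schemes use PSS or PKCS#1 v1.5.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign_raw(m: int) -> int:
    """Weak setting: exponentiates whatever integer the caller submits."""
    return pow(m, D, N)

def sign_hashed(msg: bytes) -> int:
    """Corrected setting: the signer hashes the submitted bytes itself."""
    return pow(digest(msg), D, N)

def verify_raw(m: int, s: int) -> bool:
    return pow(s, E, N) == m % N

def verify_hashed(msg: bytes, s: int) -> bool:
    return pow(s, E, N) == digest(msg)

def unblind_raw(target: int, r: int) -> int:
    """Submit target * r^e; dividing the reply by r gives target^d mod N."""
    blinded = (target * pow(r, E, N)) % N
    return (sign_raw(blinded) * pow(r, -1, N)) % N

def unblind_hashed(target: bytes, r: int) -> int:
    """Same algebra against the hashing signer: the relation no longer holds."""
    blinded = (digest(target) * pow(r, E, N)) % N
    reply = sign_hashed(blinded.to_bytes(16, "big"))
    return (reply * pow(r, -1, N)) % N

if __name__ == "__main__":
    r = 123456789                                  # constructed blinding factor
    m_int = int.from_bytes(b"pay 100", "big")      # constructed message
    print("raw signer, unrequested message verifies:",
          verify_raw(m_int, unblind_raw(m_int, r)))
    print("hashing signer, same trick verifies:",
          verify_hashed(b"pay 100", unblind_hashed(b"pay 100", r)))
```

The raw signer never saw the target value, yet the unblinded result equals its signature; with hashing, the signer's input is no longer algebraically related to what it exponentiates.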
An adaptive chosen ciphertext attack sends a large number of ciphertexts to be decrypted, using the results of these decryptions to select subsequent ciphertexts and gradually revealing information about an encrypted message, or about the encryption key itself. These attacks can be mounted against various public-key schemes, including RSA. They can be prevented through the correct use of hashing and redundancy checks.