Although Oracle 9 was proven not to be Unbreakable as their marketing campaign claimed, the product had passed fourteen independent security evaluations, demonstrating Oracles commitment to producing a secure product.
In this paper we aim to bring Oracle customers to the secure environment they were promised by examining the ways that an attacker can break into an Oracle-based site and gain control of the web front end and from the the database server. For each attack the paper will also provide the defence against it.