Scary Oracle Numbers,1217,a=160368,00.asp

On Security, Is Oracle the Next Microsoft?
September 16, 2005
By Paul F. Roberts

While [Oracle CSO Mary Ann Davidson] acknowledges that some of the criticism from Litchfield and others is valid, outsiders aren’t privy to the 75 percent of product holes that Oracle discovers and fixes internally.

OSVDB has listings for roughly 330 Oracle vulnerabilities. If we take Davidson’s comment at face value and believe the number isn’t inflated, that means those 330 represent 25% of the vulnerabilities in their products. So according to Oracle, they have over 1,300 vulnerabilities in their products that they know of.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: