Using Oracle Forensics to determine vulnerability to Zero Day exploits

The aim of this paper is to explain the threat of PLSQL injection on Oracle databases and show how principles from the world of computer forensics can be transferred to Oracle in order to deduce vulnerability to past and future exploits with a high level of certainty. This paper will enable the reader to assess the effects of applying an oracle security patch (CPU), and identify windows of past vulnerability that can be usefully correlated with archived audit logs in order to locate previous attacks.