Oracle CSO Mary Ann Davidson said in a blog post that reverse engineering violates Oracle s license agreement. She also said that the company has no need for researchers to look at Oracle’s code for vulnerabilities. The post was removed early Tuesday morning and is still available in an archived form. Davidson has spoken out in the past about not having much use for external researchers, and in the deleted post she said that virtually all of the vulnerabilities found in Oracle products are found internally, so rewarding outside researchers with credit or bug bounties is pointless.
Source: https://threatpost.com/oracle-cso-you-must-not-reverse-engineer-our-code/114220/