Lucene search

K

MitreCVELIST:CVE-2009-4326

HistoryDec 16, 2009 - 6:00 p.m.

CVE-2009-4326

2009-12-1618:00:00

mitre

www.cve.org

2

ibm db2

rand function

vulnerability

common code infrastructure

database partitioning feature

prediction

AI Score

6.3

Confidence

Low

EPSS

0.005

Percentile

76.7%

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces “repeating” return values, which might allow attackers to defeat protection mechanisms based on randomization by predicting a value.

References

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT

secunia.com/advisories/37759

www-01.ibm.com/support/docview.wss?uid=swg1IC63946

www-01.ibm.com/support/docview.wss?uid=swg1IZ44872

www-01.ibm.com/support/docview.wss?uid=swg21293566

www-01.ibm.com/support/docview.wss?uid=swg21412902

www.securityfocus.com/bid/37332

www.vupen.com/english/advisories/2009/3520

AI Score

6.3

Confidence

Low

EPSS

0.005

Percentile

76.7%

Related for CVELIST:CVE-2009-4326

prion1 cve1 nvd1 openvas4 nessus1