Lucene search

K

MitreCVELIST:CVE-2009-4326

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-4326

2022-10-0316:24:04

mitre

www.cve.org

ibm db2

rand function

vulnerability

common code infrastructure

database partitioning feature

prediction

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.4%

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces “repeating” return values, which might allow attackers to defeat protection mechanisms based on randomization by predicting a value.

References

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT

secunia.com/advisories/37759

www-01.ibm.com/support/docview.wss?uid=swg1IC63946

www-01.ibm.com/support/docview.wss?uid=swg1IZ44872

www-01.ibm.com/support/docview.wss?uid=swg21293566

www-01.ibm.com/support/docview.wss?uid=swg21412902

www.securityfocus.com/bid/37332

www.vupen.com/english/advisories/2009/3520

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.4%

Related for CVELIST:CVE-2009-4326

nvd1 cve1 prion1 openvas4 nessus1