CVE-2009-4326
N/A
N/A
Summary
The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicting a value.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC63946
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- http://www-01.ibm.com/support/docview.wss?uid=swg21293566
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ44872
- http://www.vupen.com/english/advisories/2009/3520
- http://www.securityfocus.com/bid/37332
- http://www-01.ibm.com/support/docview.wss?uid=swg21412902
- http://secunia.com/advisories/37759
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC63946
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- http://www-01.ibm.com/support/docview.wss?uid=swg21293566
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ44872
- http://www.vupen.com/english/advisories/2009/3520
- http://www.securityfocus.com/bid/37332
- http://www-01.ibm.com/support/docview.wss?uid=swg21412902
- http://secunia.com/advisories/37759
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.