CVE-2009-4326 Information

Description

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicting a value.

Reference

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT
http://secunia.com/advisories/37759
http://www.securityfocus.com/bid/37332
http://www.vupen.com/english/advisories/2009/3520
http://www-01.ibm.com/support/docview.wss?uid=swg1IC63946
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ44872
http://www-01.ibm.com/support/docview.wss?uid=swg21293566
http://www-01.ibm.com/support/docview.wss?uid=swg21412902
