VYPR
Unrated severityNVD Advisory· Published Dec 16, 2009· Updated Jun 16, 2026

CVE-2009-4326

CVE-2009-4326

Description

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicting a value.

Affected products

9
  • IBM/Db29 versions
    cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*
    • (no CPE)range: 9.5 < FP5, 9.7 < FP1

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.