The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicting a value.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-12-16T18:00:00Z
Updated: 2024-09-16T19:19:15.990Z
Reserved: 2009-12-16T00:00:00Z
Link: CVE-2009-4326
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2009-12-16T18:30:00.377
Modified: 2010-06-29T04:00:00.000
Link: CVE-2009-4326
Redhat
No data.