1. Home
  2. CVE Database
  3. CVE-2009-4326
MEDIUM · 4.3

CVE-2009-4326

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return val...

Vulnerability Description

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicting a value.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IbmDb29.5

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2009-4326?

CVE-2009-4326 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return val...

How severe is CVE-2009-4326?

CVE-2009-4326 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-4326?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2.