CVE-2012-4684

The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service (resource consumption) via a valid modified signature for a circulating alert.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://bitcointalk.org/index.php?topic=148109.0
https://bitcointalk.org/index.php?topic=8392.0
https://en.bitcoin.it/wiki/CVE-2012-4684
https://en.bitcoin.it/wiki/CVEs
https://bitcointalk.org/index.php?topic=148109.0
https://bitcointalk.org/index.php?topic=8392.0
https://en.bitcoin.it/wiki/CVE-2012-4684
https://en.bitcoin.it/wiki/CVEs

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:bitcoin:bitcoin-qt:0.6.3:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.3.4:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.3.5:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.3.8:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.3.10:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.3.11:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.3.12:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.0:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.1:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.1:rc6::::::
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.2:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.3:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.4:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.4:rc2::::::
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.5:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.6:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.4.7:rc2::::::
	cpe:2.3:a:bitcoin:bitcoin_core:0.5.0:rc::::::
	cpe:2.3:a:bitcoin:bitcoin_core:0.5.3:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.5.3.1:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.5.4:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.5.5:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.5.6:rc2::::::
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.1:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.2:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.3:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.4:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.5:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.6:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.7:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.8:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.1:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.2:::::::*
	cpe:2.3:a:bitcoin:bitcoind:0.6.3:::::::*
	cpe:2.3:a:bitcoin:wxbitcoin:0.3.4:::::::*
	cpe:2.3:a:bitcoin:wxbitcoin:0.3.5:::::::*
	cpe:2.3:a:bitcoin:wxbitcoin:0.3.8:::::::*
	cpe:2.3:a:bitcoin:wxbitcoin:0.3.10:::::::*
	cpe:2.3:a:bitcoin:wxbitcoin:0.3.11:::::::*
	cpe:2.3:a:bitcoin:wxbitcoin:0.4.0:::::::*
	cpe:2.3:a:bitcoin:wxbitcoin:0.4.1:::::::*
	cpe:2.3:a:bitcoin:wxbitcoin:0.4.1:rc6::::::
	cpe:2.3:a:bitcoin:wxbitcoin:0.5.0:rc::::::

History

21 Nov 2024, 01:43

Type	Values Removed	Values Added
References	~~() https://bitcointalk.org/index.php?topic=148109.0 -~~	() https://bitcointalk.org/index.php?topic=148109.0 -
References	~~() https://bitcointalk.org/index.php?topic=8392.0 -~~	() https://bitcointalk.org/index.php?topic=8392.0 -
References	~~() https://en.bitcoin.it/wiki/CVE-2012-4684 -~~	() https://en.bitcoin.it/wiki/CVE-2012-4684 -
References	~~() https://en.bitcoin.it/wiki/CVEs -~~	() https://en.bitcoin.it/wiki/CVEs -

Information

Published : 2013-03-12 11:28

Updated : 2024-11-21 01:43

NVD link : CVE-2012-4684

Mitre link : CVE-2012-4684

CVE.ORG link : CVE-2012-4684

JSON object : View

Products Affected

bitcoin

bitcoin_core
wxbitcoin
bitcoin-qt
bitcoind

CWE

CWE-399

Resource Management Errors

7.8 /10