CVE-2011-4447

Name of the Vulnerable Software and Affected Versions bitcoind versions 0.4.0 through 0.4.1 bitcoind version 0.5.0rc wxBitcoin (affected versions not specified)

Description The issue arises from the improper interaction between the "encrypt wallet" feature and the deletion functionality of BSDDB. This allows attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and reading entries marked for deletion.

Recommendations For bitcoind versions 0.4.0 through 0.4.1, update to version 0.4.1 or later to resolve the issue. For bitcoind version 0.5.0rc, update to a newer version to mitigate the risk. For wxBitcoin, at the moment, there is no information about a newer version that contains a fix for this vulnerability.