PT-2013-3634 · Bitcoin · Bitcoin-Qt+1
Publicado
2013-03-12
·
Atualizado
2020-03-18
·
CVE-2013-2273
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
bitcoind and Bitcoin-Qt versions 0.4.9rc1 and earlier, 0.5.x versions prior to 0.5.8rc1, 0.6.0 versions prior to 0.6.0.11rc1, 0.6.1 through 0.6.5 versions prior to 0.6.5rc1, 0.7.x versions prior to 0.7.3rc1
Description
The issue makes it easier for remote attackers to obtain potentially sensitive information about returned change by leveraging certain predictability in the outputs of a Bitcoin transaction.
Recommendations
For bitcoind and Bitcoin-Qt versions 0.4.9rc1 and earlier, update to version 0.4.9rc1 or later.
For 0.5.x versions prior to 0.5.8rc1, update to version 0.5.8rc1 or later.
For 0.6.0 versions prior to 0.6.0.11rc1, update to version 0.6.0.11rc1 or later.
For 0.6.1 through 0.6.5 versions prior to 0.6.5rc1, update to version 0.6.5rc1 or later.
For 0.7.x versions prior to 0.7.3rc1, update to version 0.7.3rc1 or later.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Bitcoin-Qt
Bitcoind