CVE-2013-3220

Name of the Vulnerable Software and Affected Versions bitcoind and Bitcoin-Qt versions prior to 0.4.9rc2 bitcoind and Bitcoin-Qt versions 0.5.x prior to 0.5.8rc2 bitcoind and Bitcoin-Qt versions 0.6.x prior to 0.6.5rc2 bitcoind and Bitcoin-Qt versions 0.7.x prior to 0.7.3rc2 wxBitcoin (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service and enable certain double-spending capabilities via a large block that triggers incorrect Berkeley DB locking, due to improper consideration of whether a block's size could require an excessive number of database locks.

Recommendations For bitcoind and Bitcoin-Qt versions prior to 0.4.9rc2, update to version 0.4.9rc2 or later. For bitcoind and Bitcoin-Qt versions 0.5.x prior to 0.5.8rc2, update to version 0.5.8rc2 or later. For bitcoind and Bitcoin-Qt versions 0.6.x prior to 0.6.5rc2, update to version 0.6.5rc2 or later. For bitcoind and Bitcoin-Qt versions 0.7.x prior to 0.7.3rc2, update to version 0.7.3rc2 or later. For wxBitcoin, at the moment, there is no information about a newer version that contains a fix for this issue.