Slush

**Name of the Vulnerable Software and Affected Versions** bitcoind and Bitcoin-Qt versions 0.8.0 through 0.8.1 **Description** The issue allows remote attackers to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product versions. **Recommendations** For versions 0.8.0 through 0.8.1, update to version 0.8.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** bitcoind and Bitcoin-Qt versions prior to 0.4.9rc2 bitcoind and Bitcoin-Qt versions 0.5.x prior to 0.5.8rc2 bitcoind and Bitcoin-Qt versions 0.6.x prior to 0.6.5rc2 bitcoind and Bitcoin-Qt versions 0.7.x prior to 0.7.3rc2 wxBitcoin (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service and enable certain double-spending capabilities via a large block that triggers incorrect Berkeley DB locking, due to improper consideration of whether a block's size could require an excessive number of database locks. **Recommendations** For bitcoind and Bitcoin-Qt versions prior to 0.4.9rc2, update to version 0.4.9rc2 or later. For bitcoind and Bitcoin-Qt versions 0.5.x prior to 0.5.8rc2, update to version 0.5.8rc2 or later. For bitcoind and Bitcoin-Qt versions 0.6.x prior to 0.6.5rc2, update to version 0.6.5rc2 or later. For bitcoind and Bitcoin-Qt versions 0.7.x prior to 0.7.3rc2, update to version 0.7.3rc2 or later. For wxBitcoin, at the moment, there is no information about a newer version that contains a fix for this issue.