Buffer overflow in Bitcoin Bitcoin_core
CVE-2010-5140
wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins associated with Bitcoin transactions that have zero confirmations, which allows remote attackers to cause a denial of service (invalid-transaction flood) by sending low-v…
Vulnerability class: Buffer Overflow
EPSS: 0.020 (78.3th percentile) — read the EPSS interpretation.
Affected products
- Bitcoin Bitcoin_core — versions 0.3.4, 0.3.5, 0.3.8
- Bitcoin Wxbitcoin — versions 0.3.4, 0.3.5, 0.3.8
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2010-5140?
- CVE-2010-5140 is a vulnerability in Bitcoin Bitcoin_core, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-08-06.
- Is CVE-2010-5140 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.