← Back

CVE-2013-2272

nvd nist
Published: Mar 12, 2013Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The penny-flooding protection mechanism in the CTxMemPool::accept method in bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 allows remote attackers to determine associations between wallet addresses and IP addresses via a series of large Bitcoin transactions with insufficient fees.

Affected (54)

Bitcoin
3 products
Bitcoin Qt
Bitcoin Core
Bitcoind
Configuration A
54 vulnerable
Vulnerable SoftwareAffected Versions
Bitcoin
Bitcoin Qt
Up to 0.4.8
Bitcoin Qt
Version 0.4 rc4
Bitcoin Qt
Version 0.5.0.4
Bitcoin Qt
Version 0.5.0 rc1
Bitcoin Qt
Version 0.5.1 rc1
Bitcoin Qt
Version 0.5.3.0
Bitcoin Qt
Version 0.5.7
Bitcoin Qt
Version 0.6.0.10 rc4
Bitcoin Qt
Version 0.6.3
Bitcoin Qt
Version 0.7.0 rc1
Bitcoin Qt
Version 0.7.1
Bitcoin Qt
Version 0.7.2
Bitcoin
Bitcoin Core
All versions
Bitcoin Core
Version 0.3.10
Bitcoin Core
Version 0.3.11
Bitcoin Core
Version 0.3.12
Bitcoin Core
Version 0.3.4
Bitcoin Core
Version 0.3.5
Bitcoin Core
Version 0.3.8
Bitcoin Core
Version 0.4.0
Bitcoin Core
Version 0.4.1
Bitcoin Core
Version 0.4.1 rc6
Bitcoin Core
Version 0.4.2
Bitcoin Core
Version 0.4.3
Bitcoin Core
Version 0.4.4
Bitcoin Core
Version 0.4.4 rc2
Bitcoin Core
Version 0.4.5
Bitcoin Core
Version 0.4.6
Bitcoin Core
Version 0.4.7 rc2
Bitcoin Core
Version 0.5.0 rc
Bitcoin Core
Version 0.5.3.1
Bitcoin Core
Version 0.5.3
Bitcoin Core
Version 0.5.4
Bitcoin Core
Version 0.5.5
Bitcoin Core
Version 0.5.6 rc2
Bitcoin Core
Version 0.6.0.1
Bitcoin Core
Version 0.6.0.2
Bitcoin Core
Version 0.6.0.3
Bitcoin Core
Version 0.6.0.4
Bitcoin Core
Version 0.6.0.5
Bitcoin Core
Version 0.6.0.6
Bitcoin Core
Version 0.6.0.7
Bitcoin Core
Version 0.6.0.8
Bitcoin Core
Version 0.6.1
Bitcoin Core
Version 0.6.2
Bitcoin
Bitcoind
Up to 0.4.4
Bitcoind
Version 0.5.7
Bitcoind
Version 0.6.0.0
Bitcoind
Version 0.6.0.10 rc4
Bitcoind
Version 0.6.3
Bitcoind
Version 0.6.4 rc4
Bitcoind
Version 0.7.0 rc1
Bitcoind
Version 0.7.1
Bitcoind
Version 0.7.2

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.