CVE-2010-5140

EUVD-2010-5100
wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins associated with Bitcoin transactions that have zero confirmations, which allows remote attackers to cause a denial of service (invalid-transaction flood) by sending low-valued transactions without transaction fees.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
Affected Products (NVD)
VendorProductVersion
bitcoinbitcoin_core
𝑥
≤ 0.3.12
bitcoinbitcoin_core
0.3.4
bitcoinbitcoin_core
0.3.5
bitcoinbitcoin_core
0.3.8
bitcoinbitcoin_core
0.3.10
bitcoinbitcoin_core
0.3.11
bitcoinwxbitcoin
𝑥
≤ 0.3.12
bitcoinwxbitcoin
0.3.4
bitcoinwxbitcoin
0.3.5
bitcoinwxbitcoin
0.3.8
bitcoinwxbitcoin
0.3.10
bitcoinwxbitcoin
0.3.11
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bitcoin
hardy
dne
lucid
dne
natty
dne
oneiric
not-affected
precise
not-affected
Common Weakness Enumeration
References
http://www.bitcoin.org/smf/index.php?topic=1306.0
https://en.bitcoin.it/wiki/CVEs
http://www.bitcoin.org/smf/index.php?topic=1306.0
https://en.bitcoin.it/wiki/CVEs