CVE-2013-2293

EUVD-2013-2239
The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before 0.8.0rc1 copies transactions from disk to memory without incrementally checking for spent prevouts, which allows remote attackers to cause a denial of service (disk I/O consumption) via a Bitcoin transaction with many inputs corresponding to many different parts of the stored block chain.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Affected Products (NVD)
VendorProductVersion
bitcoinbitcoin-qt
0.4:rc4
bitcoinbitcoin-qt
0.4.8:rc4
bitcoinbitcoin-qt
0.5.0:rc1
bitcoinbitcoin-qt
0.5.0.4
bitcoinbitcoin-qt
0.5.1:rc1
bitcoinbitcoin-qt
0.5.3.0
bitcoinbitcoin-qt
0.5.7
bitcoinbitcoin-qt
0.6.0.10:rc4
bitcoinbitcoin-qt
0.6.3
bitcoinbitcoin-qt
0.7.0:rc1
bitcoinbitcoin-qt
0.7.1
bitcoinbitcoin_core
𝑥
≤ 0.7.2
bitcoinbitcoin_core
0.3.4
bitcoinbitcoin_core
0.3.5
bitcoinbitcoin_core
0.3.8
bitcoinbitcoin_core
0.3.10
bitcoinbitcoin_core
0.3.11
bitcoinbitcoin_core
0.3.12
bitcoinbitcoin_core
0.4.0
bitcoinbitcoin_core
0.4.1
bitcoinbitcoin_core
0.4.1:rc6
bitcoinbitcoin_core
0.4.2
bitcoinbitcoin_core
0.4.3
bitcoinbitcoin_core
0.4.4
bitcoinbitcoin_core
0.4.4:rc2
bitcoinbitcoin_core
0.4.5
bitcoinbitcoin_core
0.4.6
bitcoinbitcoin_core
0.4.7:rc2
bitcoinbitcoin_core
0.5.0:rc
bitcoinbitcoin_core
0.5.3
bitcoinbitcoin_core
0.5.3.1
bitcoinbitcoin_core
0.5.4
bitcoinbitcoin_core
0.5.5
bitcoinbitcoin_core
0.5.6:rc2
bitcoinbitcoin_core
0.6.0.1
bitcoinbitcoin_core
0.6.0.2
bitcoinbitcoin_core
0.6.0.3
bitcoinbitcoin_core
0.6.0.4
bitcoinbitcoin_core
0.6.0.5
bitcoinbitcoin_core
0.6.0.6
bitcoinbitcoin_core
0.6.0.7
bitcoinbitcoin_core
0.6.0.8
bitcoinbitcoin_core
0.6.1
bitcoinbitcoin_core
0.6.2
bitcoinbitcoind
0.4.4:rc4
bitcoinbitcoind
0.5.7
bitcoinbitcoind
0.6.0.0
bitcoinbitcoind
0.6.0.10:rc4
bitcoinbitcoind
0.6.3
bitcoinbitcoind
0.6.4:rc4
bitcoinbitcoind
0.7.0:rc1
bitcoinbitcoind
0.7.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://bitcointalk.org/?topic=144122
https://en.bitcoin.it/wiki/CVE-2013-2293
https://en.bitcoin.it/wiki/CVEs
https://bitcointalk.org/?topic=144122
https://en.bitcoin.it/wiki/CVE-2013-2293
https://en.bitcoin.it/wiki/CVEs