1. CVE-Search
  2. CVE-2012-1909
ID CVE-2012-1909
Summary The Bitcoin protocol, as used in bitcoind before 0.4.4, wxBitcoin, Bitcoin-Qt, and other programs, does not properly handle multiple transactions with the same identifier, which allows remote attackers to cause a denial of service (unspendable transaction) by leveraging the ability to create a duplicate coinbase transaction.
References
Vulnerable Configurations
  • cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3.11:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3.12:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.4.1:rc6:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.4.1:rc6:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3:rc2:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3:rc2:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3.22:rc2:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3.22:rc2:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3.24:rc2:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3.24:rc2:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.3rc2:rc2:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.3rc2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.4.00:rc2:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.4.00:rc2:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:bitcoin_core:0.4.4:rc2:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:bitcoin_core:0.4.4:rc2:*:*:*:*:*:*
  • cpe:2.3:a:bitcoin:wxbitcoin:*:*:*:*:*:*:*:*
    cpe:2.3:a:bitcoin:wxbitcoin:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-03-2020 - 17:37)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
confirm
misc http://r6.ca/blog/20120206T005236Z.html
mlist [bitcoin-development] 20120228 Duplicate transactions vulnerability
Last major update 18-03-2020 - 17:37
Published 06-08-2012 - 16:55
Last modified 18-03-2020 - 17:37
Back to Top