Common Vulnerabilities and Exposures: Difference between revisions

From Bitcoin Wiki
Jump to navigation Jump to search
← Older editNewer edit →
Luke-jr (talk | contribs)
Clerks, Administrators, Editors
3,074 edits
Include unaffected in Fix %
Luke-jr (talk | contribs)
Clerks, Administrators, Editors
3,074 edits
Decluttering
Line 1: Line 1:
{| class="wikitable"
{| class="wikitable"
!style="width:14ex"| CVE
!style="width:14ex"| CVE
! Announced !! Affects !! Flaw !! Fixed in versions !! Links !! Live
! Announced !! Affects !! Flaw !! Live
|-
|-
| CVE-2010-5137
| [[CVE-2010-5137]]
| 2010-07-28
| 2010-07-28
| wxBitcoin and bitcoind
| wxBitcoin and bitcoind
| OP_LSHIFT crash
| OP_LSHIFT crash
| 0.3.5
| [[Incidents#LSHIFT and RETURN bugs|Incident]]
|bgcolor=lime| 100%
|bgcolor=lime| 100%
|-
|-
Line 15: Line 13:
| wxBitcoin and bitcoind
| wxBitcoin and bitcoind
| Unlimited SigOp DoS
| Unlimited SigOp DoS
| 0.3.?
| [[Incidents#OP CHECKSIG abuse|Incident]]
|bgcolor=lime| 100%
|bgcolor=lime| 100%
|-
|-
Line 23: Line 19:
| wxBitcoin and bitcoind
| wxBitcoin and bitcoind
| Combined output overflow
| Combined output overflow
| 0.3.11
| [[Incidents#Value overflow|Incident]] [https://bitcointalk.org/index.php?topic=822.0 Discovery]
|bgcolor=lime| 100%
|bgcolor=lime| 100%
|-
|-
Line 31: Line 25:
| wxBitcoin and bitcoind
| wxBitcoin and bitcoind
| Sending coins w/o sufficient fees
| Sending coins w/o sufficient fees
| 0.3.13
| [[Incidents#Micropayment contamination|Incident]] [http://www.bitcoin.org/smf/index.php?topic=1306.0 Initial reports]
|bgcolor=lime| 100%
|bgcolor=lime| 100%
|-
|-
Line 39: Line 31:
| wxBitcoin and bitcoind
| wxBitcoin and bitcoind
| Wallet (non-)encryption
| Wallet (non-)encryption
| 0.4.1, 0.5.0
| [https://bitcointalk.org/index.php?topic=51604.0 Announcement] [https://bitcointalk.org/index.php?topic=51474.0 Finding] [http://bitcoin.org/releases/2011/11/21/v0.5.0.html 0.5.0]
|bgcolor=yellow| 88.5%
|bgcolor=yellow| 88.5%
|-
|-
Line 47: Line 37:
| Bitcoin protocol
| Bitcoin protocol
| Transaction overwriting
| Transaction overwriting
| BIP 30, 0.4.4, 0.5.0.4, 0.5.3, 0.6.0rc3
| [https://bitcointalk.org/index.php?topic=67738.0 Announcement] [https://en.bitcoin.it/wiki/BIP_0030 Fix]
|bgcolor=pink| 28.9%
|bgcolor=pink| 28.9%
|-
|-
Line 55: Line 43:
| Bitcoin-Qt for Windows
| Bitcoin-Qt for Windows
| MingW non-multithreading
| MingW non-multithreading
| 0.5.0.5, 0.5.3.1, 0.5.4, 0.6.0rc4
| [https://bitcointalk.org/index.php?topic=69120.0 Announcement]
|bgcolor=pink| 82.2%
|bgcolor=pink| 82.2%
|-
|-
Line 63: Line 49:
| bitcoind and Bitcoin-Qt
| bitcoind and Bitcoin-Qt
| TBD
| TBD
| 0.4.6, 0.5.5, 0.6.0.7, and 0.6.2
| [https://bitcointalk.org/index.php?topic=81749.0 Announcement]
|bgcolor=pink| 17.8%
|bgcolor=pink| 17.8%
|}
|}

Revision as of 22:13, 29 May 2012

CVE Announced Affects Flaw Live
CVE-2010-5137 2010-07-28 wxBitcoin and bitcoind OP_LSHIFT crash 100%
CVE-2010-5138 2010-07-29 wxBitcoin and bitcoind Unlimited SigOp DoS 100%
CVE-2010-5139 2010-08-15 wxBitcoin and bitcoind Combined output overflow 100%
CVE-2010-5140 2010-09-29 wxBitcoin and bitcoind Sending coins w/o sufficient fees 100%
CVE-2011-4447 2011-11-11 wxBitcoin and bitcoind Wallet (non-)encryption 88.5%
CVE-2012-1909 2012-03-07 Bitcoin protocol Transaction overwriting 28.9%
CVE-2012-1910 2012-03-17 Bitcoin-Qt for Windows MingW non-multithreading 82.2%
CVE-2012-2459 2012-05-14 bitcoind and Bitcoin-Qt TBD 17.8%
Retrieved from "https://en.bitcoin.it/w/index.php?title=Common_Vulnerabilities_and_Exposures&oldid=27322"