Vulnerabilities > CVE-2012-1909 - Configuration vulnerability in Bitcoin Core and Wxbitcoin
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The Bitcoin protocol, as used in bitcoind before 0.4.4, wxBitcoin, Bitcoin-Qt, and other programs, does not properly handle multiple transactions with the same identifier, which allows remote attackers to cause a denial of service (unspendable transaction) by leveraging the ability to create a duplicate coinbase transaction.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://r6.ca/blog/20120206T005236Z.html
- http://r6.ca/blog/20120206T005236Z.html
- http://sourceforge.net/mailarchive/forum.php?thread_name=CAPg%2BsBhmGHnMResVxPDZdfpmWTb9uqD0RrQD7oSXBQq7oHpm8g%40mail.gmail.com&forum_name=bitcoin-development
- http://sourceforge.net/mailarchive/forum.php?thread_name=CAPg%2BsBhmGHnMResVxPDZdfpmWTb9uqD0RrQD7oSXBQq7oHpm8g%40mail.gmail.com&forum_name=bitcoin-development
- https://bitcointalk.org/index.php?topic=67738.0
- https://bitcointalk.org/index.php?topic=67738.0
- https://bugs.gentoo.org/show_bug.cgi?id=407793
- https://bugs.gentoo.org/show_bug.cgi?id=407793
- https://en.bitcoin.it/wiki/BIP_0030
- https://en.bitcoin.it/wiki/BIP_0030
- https://en.bitcoin.it/wiki/CVEs
- https://en.bitcoin.it/wiki/CVEs
- https://github.com/sipa/bitcoin/commit/a206b0ea12eb4606b93323268fc81a4f1f952531
- https://github.com/sipa/bitcoin/commit/a206b0ea12eb4606b93323268fc81a4f1f952531