CVE-2012-1910 - OpenCVE

Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x before 0.5.3.1; and 0.6.x before 0.6.0rc4 on Windows does not use MinGW multithread-safe exception handling, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted Bitcoin protocol messages.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Bitcoin	Bitcoin-qt Bitcoin Core
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:bitcoin:bitcoin-qt:0.5.0:rc1::::::
	cpe:2.3:a:bitcoin:bitcoin-qt:0.5.0.4:::::::*
	cpe:2.3:a:bitcoin:bitcoin-qt:0.5.1:rc1::::::
	cpe:2.3:a:bitcoin:bitcoin-qt:0.5.3.0:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.5.0:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.5.1:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.5.2:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0:::::::*
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0:rc1::::::
	cpe:2.3:a:bitcoin:bitcoin_core:0.6.0:rc3::::::

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://gavintech.blogspot.com/2012/03/full-disclosure-bitcoin-qt-on-windows.html
https://bitcointalk.org/index.php?topic=69120.0
https://en.bitcoin.it/wiki/CVEs
https://github.com/bitcoin/bitcoin/commit/8864019f6d88b13d3442843d9e6ebeb8dd938831

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-08-06T16:00:00Z

Updated: 2024-09-16T23:16:22.803Z

Reserved: 2012-03-26T00:00:00Z

Link: CVE-2012-1910

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2012-08-06T16:55:01.773

Modified: 2020-03-18T17:31:05.473

Link: CVE-2012-1910

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x before 0.5.3.1; and 0.6.x before 0.6.0rc4 on Windows does not use MinGW multithread-safe exception handling, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted Bitcoin protocol messages."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-08-06T16:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/bitcoin/bitcoin/commit/8864019f6d88b13d3442843d9e6ebeb8dd938831"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bitcointalk.org/index.php?topic=69120.0"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://gavintech.blogspot.com/2012/03/full-disclosure-bitcoin-qt-on-windows.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://en.bitcoin.it/wiki/CVEs"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1910", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x before 0.5.3.1; and 0.6.x before 0.6.0rc4 on Windows does not use MinGW multithread-safe exception handling, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted Bitcoin protocol messages."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/bitcoin/bitcoin/commit/8864019f6d88b13d3442843d9e6ebeb8dd938831", "refsource": "CONFIRM", "url": "https://github.com/bitcoin/bitcoin/commit/8864019f6d88b13d3442843d9e6ebeb8dd938831"}, {"name": "https://bitcointalk.org/index.php?topic=69120.0", "refsource": "CONFIRM", "url": "https://bitcointalk.org/index.php?topic=69120.0"}, {"name": "http://gavintech.blogspot.com/2012/03/full-disclosure-bitcoin-qt-on-windows.html", "refsource": "CONFIRM", "url": "http://gavintech.blogspot.com/2012/03/full-disclosure-bitcoin-qt-on-windows.html"}, {"name": "https://en.bitcoin.it/wiki/CVEs", "refsource": "CONFIRM", "url": "https://en.bitcoin.it/wiki/CVEs"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:17:27.081Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/bitcoin/bitcoin/commit/8864019f6d88b13d3442843d9e6ebeb8dd938831"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bitcointalk.org/index.php?topic=69120.0"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://gavintech.blogspot.com/2012/03/full-disclosure-bitcoin-qt-on-windows.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://en.bitcoin.it/wiki/CVEs"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-1910", "datePublished": "2012-08-06T16:00:00Z", "dateReserved": "2012-03-26T00:00:00Z", "dateUpdated": "2024-09-16T23:16:22.803Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bitcoin:bitcoin-qt:0.5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "27CD6BDE-3732-4863-B855-A0FD022DD62F", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin-qt:0.5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "20635DAC-54CF-48C4-979A-7E909A985093", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin-qt:0.5.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "0264EBF9-C104-49C5-9F43-E0CCC73154B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin-qt:0.5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A2233FD0-6F87-4B8B-BDC9-C633F428BA62", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin_core:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9B27520D-C703-4A15-8C8E-A6250C468ED2", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin_core:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B4715C1-22BF-495B-BA99-B4D7D64B5BD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin_core:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D7E79FF3-C56B-4A19-8AE3-4DDA64AC7BCA", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin_core:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EDE5CA7E-C9F2-47ED-9F89-32AC8D664824", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin_core:0.6.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "A292912B-A5F1-4F90-81E6-0A3CA69166D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin_core:0.6.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "7F27334D-1CD6-4002-A5E4-9DA9F21E6FF1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x before 0.5.3.1; and 0.6.x before 0.6.0rc4 on Windows does not use MinGW multithread-safe exception handling, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted Bitcoin protocol messages."}, {"lang": "es", "value": "Bitcoin-Qt 0.5.0.x anterior a 0.5.0.5; 0.5.1.x, 0.5.2.x, y 0.5.3.x anterior a 0.5.3.1; y 0.6.x anterior a 0.6.0rc4 sobre Windows no utiliza ning\u00fan manejador de excepciones MinGW multithread-safe, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente la ejecuci\u00f3n arbitrario de c\u00f3digo a trav\u00e9s de mensajes del protocolo de Bitcoin."}], "id": "CVE-2012-1910", "lastModified": "2020-03-18T17:31:05.473", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-06T16:55:01.773", "references": [{"source": "cve@mitre.org", "url": "http://gavintech.blogspot.com/2012/03/full-disclosure-bitcoin-qt-on-windows.html"}, {"source": "cve@mitre.org", "url": "https://bitcointalk.org/index.php?topic=69120.0"}, {"source": "cve@mitre.org", "url": "https://en.bitcoin.it/wiki/CVEs"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "https://github.com/bitcoin/bitcoin/commit/8864019f6d88b13d3442843d9e6ebeb8dd938831"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}