CVE-2012-4684

high

Published 2013-03-12 · Modified 2026-04-29

CVSS v3

—

CVSS v2

7.8

VIR risk

7.8

Description

The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service (resource consumption) via a valid modified signature for a circulating alert.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

Application impact

Vendor	Product	Versions
bitcoin	bitcoin-qt	`0.6.3`
bitcoin	bitcoin_core	`0.3.4`
bitcoin	bitcoin_core	`0.3.5`
bitcoin	bitcoin_core	`0.3.8`
bitcoin	bitcoin_core	`0.3.10`
bitcoin	bitcoin_core	`0.3.11`
bitcoin	bitcoin_core	`0.3.12`
bitcoin	bitcoin_core	`0.4.0`
bitcoin	bitcoin_core	`0.4.1`
bitcoin	bitcoin_core	`0.4.2`
bitcoin	bitcoin_core	`0.4.3`
bitcoin	bitcoin_core	`0.4.4`
bitcoin	bitcoin_core	`0.4.5`
bitcoin	bitcoin_core	`0.4.6`
bitcoin	bitcoin_core	`0.4.7`
bitcoin	bitcoin_core	`0.5.0`
bitcoin	bitcoin_core	`0.5.3`
bitcoin	bitcoin_core	`0.5.3.1`
bitcoin	bitcoin_core	`0.5.4`
bitcoin	bitcoin_core	`0.5.5`
bitcoin	bitcoin_core	`0.5.6`
bitcoin	bitcoin_core	`0.6.0.1`
bitcoin	bitcoin_core	`0.6.0.2`
bitcoin	bitcoin_core	`0.6.0.3`
bitcoin	bitcoin_core	`0.6.0.4`
bitcoin	bitcoin_core	`0.6.0.5`
bitcoin	bitcoin_core	`0.6.0.6`
bitcoin	bitcoin_core	`0.6.0.7`
bitcoin	bitcoin_core	`0.6.0.8`
bitcoin	bitcoin_core	`0.6.1`
bitcoin	bitcoin_core	`0.6.2`
bitcoin	bitcoind	`0.6.3`
bitcoin	wxbitcoin	`0.3.4`
bitcoin	wxbitcoin	`0.3.5`
bitcoin	wxbitcoin	`0.3.8`
bitcoin	wxbitcoin	`0.3.10`
bitcoin	wxbitcoin	`0.3.11`
bitcoin	wxbitcoin	`0.4.0`
bitcoin	wxbitcoin	`0.4.1`
bitcoin	wxbitcoin	`0.5.0`

References

CWEs

CWE-399

Verify integrity in audit chain (admin only). AS-IS.