CVE-2013-2272
Bitcoin-Qt < 0.4.8 - Unauthorized Wallet Address and IP Association via Penny-Flooding Bypass
Title source: llmDescription
The penny-flooding protection mechanism in the CTxMemPool::accept method in bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 allows remote attackers to determine associations between wallet addresses and IP addresses via a series of large Bitcoin transactions with insufficient fees.
References (2)
Core 2
Core References
Various Sources x_refsource_confirm
https://bitcointalk.org/?topic=135856
Third Party Advisory x_refsource_confirm
https://en.bitcoin.it/wiki/CVEs
Scores
EPSS
0.0189
EPSS Percentile
77.1%
Details
CWE
CWE-200
Status
published
Products (48)
bitcoin/bitcoin-qt
0.4 rc4
bitcoin/bitcoin-qt
0.5.0 rc1
bitcoin/bitcoin-qt
0.5.0.4
bitcoin/bitcoin-qt
0.5.1 rc1
bitcoin/bitcoin-qt
0.5.3.0
bitcoin/bitcoin-qt
0.5.7
bitcoin/bitcoin-qt
0.6.0.10 rc4
bitcoin/bitcoin-qt
0.6.3
bitcoin/bitcoin-qt
0.7.0 rc1
bitcoin/bitcoin-qt
0.7.1
... and 38 more
Published
Mar 12, 2013
Tracked Since
Feb 18, 2026