4.3
CVSSv2

CVE-2017-18350

Published: 12/03/2020 Updated: 18/03/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

bitcoind and Bitcoin-Qt before 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.

Vulnerability Trend

Affected Products

Vendor Product Versions
BitcoinBitcoin Core0.1.5, 0.1.6, 0.2, 0.2.0, 0.2.2, 0.2.4, 0.2.5, 0.2.6, 0.2.7, 0.2.8, 0.2.9, 0.2.10, 0.2.11, 0.2.12, 0.2.13, 0.3, 0.3.0, 0.3.1, 0.3.2, 0.3.3, 0.3.4, 0.3.5, 0.3.6, 0.3.7, 0.3.8, 0.3.10, 0.3.11, 0.3.12, 0.3.13, 0.3.14, 0.3.15, 0.3.17, 0.3.18, 0.3.19, 0.3.20, 0.3.20.01, 0.3.20.2, 0.3.21, 0.3.22, 0.3.23, 0.3.24, 0.3rc1, 0.3rc2, 0.3rc4, 0.4.0, 0.4.00, 0.4.1, 0.4.2, 0.4.3, 0.4.4, 0.4.5, 0.4.6, 0.4.7, 0.5.0, 0.5.1, 0.5.2, 0.5.3, 0.5.3.1, 0.5.4, 0.5.5, 0.5.6, 0.6.0, 0.6.0.1, 0.6.0.2, 0.6.0.3, 0.6.0.4, 0.6.0.5, 0.6.0.6, 0.6.0.7, 0.6.0.8, 0.6.1, 0.6.2, 0.6.2.1, 0.6.2.2, 0.6.3, 0.7.0, 0.7.1, 0.7.2, 0.8, 0.8.0, 0.8.1, 0.8.2, 0.8.3, 0.8.4, 0.8.5, 0.8.6, 0.9, 0.9.0, 0.9.1, 0.9.2, 0.9.2.1, 0.9.3, 0.9.4, 0.9.5, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.10.4, 0.10.5, 0.11.0, 0.11.1, 0.11.2, 0.11.3, 0.12, 0.12.0, 0.12.1, 0.13, 0.13.0, 0.13.1, 0.13.2, 0.14.0, 0.14.1, 0.14.2, 0.14.3, 0.15.0, 0.15.0.1

Github Repositories