Bitcoin Core prior to 0.19.0 might allow remote malicious users to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web browser. NOTE: the discoverer states "I believe that this vulnerability cannot actually be exploited."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bitcoin bitcoin |