CVE-2011-4447
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and reading entries that are marked for deletion.
La característica "encrypt wallet" en wxBitcoin y en bitcoind v0.4.x y anteriores a v0.4.1, y v0.5.0rc no interactúa adecuadamente con la funcionalidad de eliminación de BSDDB, lo cual permite a atacantes dependiendo del contexto obtener claves privadas no encriptadas desde un fichero de monedero Bitcoin mediante el puenteo de la interfaz de BSDDB y a través de la lectura de entradas que han sido marcadas para su borrado.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-11-14 CVE Reserved
- 2012-08-06 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://bitcoin.org/releases/2011/11/21/v0.5.0.html | X_refsource_confirm | |
| https://bitcointalk.org/index.php?topic=51474.0 | X_refsource_confirm | |
| https://bitcointalk.org/index.php?topic=51604.0 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://en.bitcoin.it/wiki/CVEs | 2020-03-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bitcoin Search vendor "Bitcoin" | Bitcoin Core Search vendor "Bitcoin" for product "Bitcoin Core" | 0.4.0 Search vendor "Bitcoin" for product "Bitcoin Core" and version "0.4.0" | - |
Affected
| ||||||
| Bitcoin Search vendor "Bitcoin" | Bitcoin Core Search vendor "Bitcoin" for product "Bitcoin Core" | 0.4.1 Search vendor "Bitcoin" for product "Bitcoin Core" and version "0.4.1" | rc6 |
Affected
| ||||||
| Bitcoin Search vendor "Bitcoin" | Bitcoin Core Search vendor "Bitcoin" for product "Bitcoin Core" | 0.5.0 Search vendor "Bitcoin" for product "Bitcoin Core" and version "0.5.0" | rc |
Affected
| ||||||
| Bitcoin Search vendor "Bitcoin" | Wxbitcoin Search vendor "Bitcoin" for product "Wxbitcoin" | 0.4.0 Search vendor "Bitcoin" for product "Wxbitcoin" and version "0.4.0" | - |
Affected
| ||||||
| Bitcoin Search vendor "Bitcoin" | Wxbitcoin Search vendor "Bitcoin" for product "Wxbitcoin" | 0.4.1 Search vendor "Bitcoin" for product "Wxbitcoin" and version "0.4.1" | rc6 |
Affected
| ||||||
| Bitcoin Search vendor "Bitcoin" | Wxbitcoin Search vendor "Bitcoin" for product "Wxbitcoin" | 0.5.0 Search vendor "Bitcoin" for product "Wxbitcoin" and version "0.5.0" | rc |
Affected
| ||||||