CVE-2017-18350

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-18350
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-18350.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-18350
Published
2020-03-12T21:15:12.373Z
Modified
2026-03-13T23:34:00.380878Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.

References

Affected packages

Git / github.com/bitcoin/bitcoin

Affected ranges

Type
GIT
Repo
https://github.com/bitcoin/bitcoin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
7b57bc998f334775b50ebc8ca5e78ca728db4c58
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.15.1"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-18350.json"