Stack-based Buffer Overflow in bitcoind and Bitcoin-Qt with Attacker-controlled SOCKS Proxy Server
CVE-2017-18350 · MEDIUM Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.
Learn more about our Cis Benchmark Audit For Server Software.