transactions, which move bitcoins from one address to another, must be signed by the sending address.
however, not all parts of a transaction are signed. modifying those parts allows one to create a valid transaction with the same bitcoin transferring effect, but with a different overall hash.
the hash of the entire transaction is used as a transaction id.
so a modified transaction would have a different id.
some bitcoin management software (a wallet) loses track of transfers, because those transfers don't occur under the transaction-id it expected.
the implication is that some bitcoin services could get confused about who they've successfully sent bitcoins to.
an attacker could socially engineer a "robbery" by transmitting a mutation of an official withdrawal transaction, then appealing to the helpdesk of that service that their withdrawal never went through. it did go through - just under a different transaction id.
checking transaction hashes for acceptance into the blockchain was a stupid idea to begin with. clearly the data in a transaction is malleable without affecting the signature. given that mtgox already were using non-canonical transactions, they should have been aware of this.
a transaction only becomes immutable once it has been included in the blockchain. after this point, searching for a tx by hash is ok.
calling this a bug of the bitcoin protocol is akin to saying that array decay in C is a bug in the language spec. it is known, and has been talked about for a long time. in both cases.
More seriously, if the software was set up to retransmit bitcoin after a "failed" transfer, then that service could be exploited automatically. Mostly, this wasn't a social attack. The seriousness was that many services were set up to retransmit automatically, and did lose a lot of money automatically.
scriptSig (the second part of the script) contains the signature - it can't sign itself, but you can add other opcodes to it and that allows malleability.
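An added example, not part of any post in this thread: a sketch of how a service can reconcile withdrawals without relying on the transaction id alone, by also hashing the transaction with every scriptSig blanked. The names `tracking_key` and `reconcile`, the status strings, and all sample values are hypothetical and constructed for illustration; the scriptSig bytes are placeholders, not real signatures.

```python
import hashlib
import struct

def dsha256(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def serialize(tx, blank_scriptsig=False):
    """Legacy (pre-segwit) serialization; every length here fits a 1-byte varint."""
    inputs, outputs = tx
    raw = struct.pack("<I", 1) + bytes([len(inputs)])        # version, input count
    for prev_txid, vout, script_sig in inputs:
        if blank_scriptsig:
            script_sig = b""                                 # drop the unsigned part
        raw += bytes.fromhex(prev_txid)[::-1] + struct.pack("<I", vout)
        raw += bytes([len(script_sig)]) + script_sig + struct.pack("<I", 0xFFFFFFFF)
    raw += bytes([len(outputs)])
    for value, script_pubkey in outputs:
        raw += struct.pack("<Q", value) + bytes([len(script_pubkey)]) + script_pubkey
    return raw + struct.pack("<I", 0)                        # locktime

def txid(tx):
    """Transaction id: double SHA-256 of the whole transaction, scriptSig included."""
    return dsha256(serialize(tx))[::-1].hex()

def tracking_key(tx):
    """Hypothetical internal key: same hash with scriptSigs blanked, so it
    identifies which coins moved where, not how the scriptSig was encoded."""
    return dsha256(serialize(tx, blank_scriptsig=True))[::-1].hex()

def reconcile(sent, confirmed):
    """Classify a withdrawal against the transactions seen in the blockchain."""
    if any(txid(c) == txid(sent) for c in confirmed):
        return "confirmed"
    if any(tracking_key(c) == tracking_key(sent) for c in confirmed):
        return "confirmed under a different txid"
    return "not seen"

# Constructed sample data: one input, one pay-to-pubkey-hash output.
PREV = "11" * 32
P2PKH = bytes.fromhex("76a914") + b"\x22" * 20 + bytes.fromhex("88ac")
OUTPUTS = [(50_000, P2PKH)]
SENT = ([(PREV, 0, b"\x01" * 72)], OUTPUTS)   # what the service broadcast
SEEN = ([(PREV, 0, b"\x02" * 73)], OUTPUTS)   # same payment, different scriptSig bytes

if __name__ == "__main__":
    print(txid(SENT))
    print(txid(SEEN))
    print(reconcile(SENT, [SEEN]))
```

A service would run a check like `reconcile` before treating a withdrawal as failed or re-sending it.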