Vulnerability Details CVE-2018-13202
The sell function of a smart contract implementation for MyBO, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MyBoToken
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MyBoToken
Products affected by CVE-2018-13202
-
cpe:2.3:a:mybo_project:mybo:-