Vulnerability Details CVE-2018-13205
The sell function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Ohni
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Ohni