Vulnerability Details CVE-2018-13206
The sell function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/PVE
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/PVE
Products affected by CVE-2018-13206
-
cpe:2.3:a:providencecasino_project:providencecasino:-