Vulnerability Details CVE-2018-13218
The sell function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ICODollar
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ICODollar
Products affected by CVE-2018-13218
-
cpe:2.3:a:ico_dollar_project:ico_dollar:-