Vulnerability Details CVE-2018-13227
The sell function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MoneyChainNetToken
- https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md
- https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MoneyChainNetToken
Products affected by CVE-2018-13227
-
cpe:2.3:a:moneychainnet_project:moneychainnet:-