PT-2018-10984 · Substratum · Substratum
Publicado
2018-06-25
·
Atualizado
2019-10-03
·
CVE-2018-12067
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Substratum (SUB) smart contract implementation (affected versions not specified)
Description
The issue concerns a potential trap in the sell function of the Substratum smart contract implementation. This trap could be exploited to cause financial damage to the seller due to an overflow resulting from the multiplication of the
amount and a manipulable variable sellPrice. This issue is referred to as the "tradeTrap" issue.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Integer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Substratum