PT-2018-11705 · R · R Time Token V3

Published

2018-07-05

Updated

2018-09-02

CVE-2018-13223

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions R Time Token v3 (RS)

Description The issue concerns an integer overflow in the sell function of the RTokenMain smart contract implementation. Specifically, when amount * sellPrice equals zero, it can lead to a reduction in a seller's assets.

Recommendations For R Time Token v3 (RS), consider temporarily disabling the sell function in the RTokenMain contract until a patch is available to prevent potential asset reduction due to the integer overflow issue.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2018-13223

Affected Products

R Time Token V3

PT-2018-11705 · R · R Time Token V3

CVE-2018-13223

Weakness Enumeration

Related Identifiers

Affected Products

References · 3