PT-2018-12335 · Stex · Stex White List

Published

2018-07-16

Updated

2018-09-12

CVE-2018-14088

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions STeX White List (STE(WL)) (affected versions not specified)

Description An issue was discovered in the smart contract implementation, where an integer overflow occurs. This happens when the owner sets a large value for the amount variable, causing an overflow in the withdrawToFounders() function due to the calculation amount * 1000000000000000.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2018-14088

Affected Products

Stex White List

PT-2018-12335 · Stex · Stex White List

CVE-2018-14088

Weakness Enumeration

Related Identifiers

Affected Products

References · 2