Integer Overflow Vulnerability in Play2LivePromo Smart Contract Allows Arbitrary Balance Manipulation

Integer Overflow Vulnerability in Play2LivePromo Smart Contract Allows Arbitrary Balance Manipulation

CVE-2018-13698 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The mintTokens function of a smart contract implementation for Play2LivePromo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Learn more about our User Device Pen Test.