Integer Overflow Vulnerability in SingaporeCoinOrigin (SCO) Smart Contract

Integer Overflow Vulnerability in SingaporeCoinOrigin (SCO) Smart Contract

CVE-2018-14086 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().

Learn more about our Web Application Penetration Testing UK.