2 matches found
CVE-2017-14457
An exploitable information leak/denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker can...
CVE-2017-14457
The CVE-2017-14457 issue impacts CPP-Ethereum’s libevm create2 opcode handler. A crafted contract can set an extremely large initSize passed to the bytesConstRef used to compute the create2 hash, enabling an out-of-bounds read that can cause memory disclosure or a denial of service. Talos and CVE...