2 matches found
erc20 contract KoreaShow bug(CVE-2018-10973)
An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted value parameters. Lets see where this issue is: function transferMultiaddress to,...
CVE-2018-10973
KoreaShow (an Ethereum ERC20 token) is affected by CVE-2018-10973 due to an integer overflow in the transferMulti function. The vulnerability arises from accumulating _value into amount with a for loop and then transferring funds, allowing a crafted _value array to overflow the total and bypass b...