2 matches found
Bugged Smart Contract FuturXE: How Could Someone Mess up with Boolean? (CVE-2018–12025)
Recently SECBIT team found a serious bug about the if condition in a deployed ERC20 smart contract called FuturXE FXE and here is the bugged part: //Function for transer the coin from one address to another function transferFromaddress from, address to, uint value returns bool success //checking...
CVE-2018-12025
The CVE-2018-12025 entry concerns FuturXE (FXE) ERC20 token. Connected sources provide concrete details: transferFrom is vulnerable due to a logic error in the allowance check—the condition if (allowed[from][msg.sender] >= value) return false misorders the logic, allowing an underflow on allow...