3 matches found
CVE-2018-14085
An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit uint public start; function...
CVE-2018-14085
An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit uint public start; function...
CVE-2018-14085
Summary: CVE-2018-14085 describes a vulnerability in a UserWallet smart contract where an attacker-supplied contract address, when added to the owner’s sweepers, can cause the sweep function to set the sweeperList to a fixed value (0x123456789). This indicates an unauthorized modification of the ...