EUVD-2017-5960

Malware in sbrugna...

CVE-2017-14451

An exploitable out-of-bounds read vulnerability exists in libevm Ethereum Virtual Machine of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read which can subsequently trigger an out-of-bounds write resulting in remote code execution. An attacker can create/send...

CVE-2017-14451

An exploitable out-of-bounds read vulnerability exists in libevm Ethereum Virtual Machine of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read which can subsequently trigger an out-of-bounds write resulting in remote code execution. An attacker can create/send...

CVE-2017-14451

CVE-2017-14451 is an exploitable out-of-bounds read in libevm (CPP‑Ethereum). The root cause, per TALOS/Red Hat/NVD details, is the pow2N function returning exp[_n] without bounds checks, with exp defined as size 6. The _type parameter (0–255) can drive laneCount/laneWidth to values beyond the ar...

Out-of-bounds

An exploitable information leak/denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker can...

CVE-2017-14457

An exploitable information leak/denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker can...

CVE-2017-14457

The CVE-2017-14457 issue impacts CPP-Ethereum’s libevm create2 opcode handler. A crafted contract can set an extremely large initSize passed to the bytesConstRef used to compute the create2 hash, enabling an out-of-bounds read that can cause memory disclosure or a denial of service. Talos and CVE...

PT-2018-5654 · Ethereum · Cpp-Ethereum

Name of the Vulnerable Software and Affected Versions: CPP-Ethereum affected versions not specified Description: An exploitable information leak/denial of service issue exists in the libevm Ethereum Virtual Machine create2 opcode handler. A specially crafted smart contract code can cause an...

CPP-Ethereum libevm Information Disclosure Vulnerability

CPP-Ethereum is a C++ client for Ethereum Application Programming Platform. libevm is one of the Ethereum virtual machine libraries. An information disclosure vulnerability exists in create2 of libevm in CPP-Ethereum commit version 4e1015743b95821849d001618a7ce82c7c073768. An attacker could explo...

CPP-Ethereum libevm create2 Information Leak Vulnerability(CVE-2017-14457)

Summary An exploitable information leak / denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker ca...

CPP-Ethereum libevm pow2N Code Execution Vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in libevm Ethereum Virtual Machine of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read which can subsequently trigger an out-of-bounds write resulting in remote code execution. An attacker can...

CPP-Ethereum libevm create2 Information Leak Vulnerability

Summary An exploitable information leak / denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker ca...