CVE-2018-11239
An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- May 18, 2018
- Published Date
- May 19, 2018
- Last Updated
- August 05, 2024
- Vendor
- n/a
- Product
- Hexagon (HXG) ERC20 Token
- Description
- An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as exploited in the wild in May 2018, aka the "burnOverflow" issue.
CVSS Scores
CVSS v3.0
7.5 - HIGH
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS v2.0
5.0
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploit Status
- Exploited in the Wild
- Yes (2018-05-19 18:00:00 UTC) Source
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CVE | 2018-05-19 18:00:00 UTC |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel