CVE-2018-13836

HIGH

Rocket Coin - Integer Overflow in multiTransfer Function

Title source: llm

Description

An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user's balance.

References (2)

Core 2

Core References

Various Sources x_refsource_misc

https://github.com/VenusADLab/EtherTokens/tree/master/Rocket%20Coin%28XRC%29

View Writeup ZIP pw:eip

Exploit, Third Party Advisory x_refsource_misc

https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0120

EPSS Percentile 64.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-190

Status published

Products (1)

rocket_coin_project/rocket_coin

Published Jul 12, 2018

Tracked Since Feb 18, 2026