2018-07-16 02:00:00
mitre
PUBLISHED
An issue was discovered in a smart contract implementation for Virgo_ZodiacToken, an Ethereum token. In this contract, bool sufficientAllowance = allowance <= _value will cause an arbitrary transfer in the function transferFrom because <= is used instead of >= (which was intended). An attacker can transfer from any address to his address, and does not need to meet the allowance > value condition.