Magento eCommerce versions 1.9.0 and below are compiled with a vulnerable version of Adobe Flex SDK allowing for same-origin request forgery and cross-site content hijacking.
2abdab09c60b62e14aaa6b4c47c3f0c149c4561cf4f13a7a1514da1b9474cc0aThis is actually a Flex bug. Magento eCommerence <= 1.9.0 is compiled
with a vulnerable Adobe Flex SDK. (CVE-2011-2461) which can lead to
Same-Origin Request Forgery
and Cross-Site Content Hijacking.
Although adobe patched this bug, it is possible to exploit it in fully
patched browsers with
the latest version of Adobe Flash Player;
CVE-2011-2461 is best explained by Mindedsecurity at
http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html
This also leads to a Flash XSS in some older browsers.
an attacker will create a malicious HTML page and embed the vulneable flash.
When successfully exploited a Same Origin Request Forgery attack
allows a malicious web site to perform arbitrary requests to the
vulnerable site, and read its response without restrictions.
You can test vulnerable flash files with https://github.com/ikkisoft/ParrotNG/
Vulnerable files:
http://[magento_url]/skin/adminhtml/default/default/media/editor.swf
http://[magento_url]/skin/adminhtml/default/default/media/Uploader.swf
http://[magento_url]/skin/adminhtml/default/default/media/UploaderSingle.swf
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed