Home / vulnerabilities Magento eCommerce Vulnerable Adobe Flex SDK
Posted on 11 April 2015
Source : packetstormsecurity.org Link
This is actually a Flex bug. Magento eCommerence <= 1.9.0 is compiled
with a vulnerable Adobe Flex SDK. (CVE-2011-2461) which can lead to
Same-Origin Request Forgery
and Cross-Site Content Hijacking.
Although adobe patched this bug, it is possible to exploit it in fully
patched browsers with
the latest version of Adobe Flash Player;
CVE-2011-2461 is best explained by Mindedsecurity at
http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html
This also leads to a Flash XSS in some older browsers.
an attacker will create a malicious HTML page and embed the vulneable flash.
When successfully exploited a Same Origin Request Forgery attack
allows a malicious web site to perform arbitrary requests to the
vulnerable site, and read its response without restrictions.
You can test vulnerable flash files with https://github.com/ikkisoft/ParrotNG/
Vulnerable files:
http://[magento_url]/skin/adminhtml/default/default/media/editor.swf
http://[magento_url]/skin/adminhtml/default/default/media/Uploader.swf
http://[magento_url]/skin/adminhtml/default/default/media/UploaderSingle.swf
