PT-2015-5266 · Magento · Magento Community Edition+1

Netanel Rubin

Publicado

2015-04-29

Atualizado

2016-04-01

CVE-2015-1399

CVSS v2.0

6.5

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Magento Community Edition (CE) version 1.9.1.0 Magento Enterprise Edition (EE) version 1.14.1.0

Description A remote file inclusion issue exists in the fetchView function within the Mage Core Block Template Zend class, allowing remote administrators to execute arbitrary PHP code. This is achieved via a URL in unspecified vectors involving the setScriptPath function. It is unclear whether this issue crosses privilege boundaries, as administrators may already have privileges to include arbitrary files.

Recommendations For Magento Community Edition (CE) version 1.9.1.0, consider disabling the fetchView function in the Mage Core Block Template Zend class as a temporary workaround until a patch is available. For Magento Enterprise Edition (EE) version 1.14.1.0, restrict access to the setScriptPath function to minimize the risk of exploitation.

Exploit

Correção

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2015-1399

Produtos afetados

Magento Community Edition

Magento Enterprise Edition

PT-2015-5266 · Magento · Magento Community Edition+1

CVE-2015-1399

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5