Magento ECommerce Local File Disclosure Network Vulnerability

Summary

Magento eCommerce platform uses a vulnerable version of Zend framework which is prone to XML eXternal Entity Injection attacks. The SimpleXMLElement class of Zend framework (SimpleXML PHP extension) is used in an insecure way to parse XML data. External entities can be specified by adding a specific DOCTYPE element to XML-RPC requests. By exploiting this vulnerability an application may be coerced to open arbitrary files and/or TCP connections.

Solution

Updates are available. Please see the references for more information.

References

http://bot24.blogspot.de/2012/07/sec-consult-sa-20120712-0-magento.html
http://www.magentocommerce.com/blog/comments/update-zend-framework-vulnerability-security-update/
http://www.magentocommerce.com/download
http://www.magentocommerce.com/downloads/assets/1.7.0.2/CE_1.4.0.0-1.4.1.1.patch
http://www.magentocommerce.com/downloads/assets/1.7.0.2/CE_1.4.2.0.patch
http://www.magentocommerce.com/downloads/assets/1.7.0.2/CE_1.5.0.0-1.7.0.1.patch
https://www.magentocommerce.com/products/customer/account/index/

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe ColdFusion Multiple Vulnerabilities-02 May-2014
Adobe ColdFusion Components (CFC) Denial Of Service Vulnerability
AIOCP 'cp_html2xhtmlbasic.php' Remote File Inclusion Vulnerability
Arkeia Appliance Path Traversal Vulnerability
Admbook PHP Code Injection Flaw

Magento eCommerce Local File Disclosure

Take action and discover your vulnerabilities