This CVE relates to a CSRF vulnerability in the Adobe Flex .swf files used by Magento.
You can find more information regarding the CVE here:
- Peter O'Callaghan - Magento CSRF vulnerability via Adobe Flex
- Minded Security - The old is new, again. CVE-2011-2461 is back!
- Adobe - Flex Security Issue APSB11-25
This repo contains patched versions of editor.swf, uploader.swf and uploaderSingle.swf.
Simply replace the files in skin/adminhtml/default/default/media/ with these.