Vulnerabilities > CVE-2006-5037 - Unspecified vulnerability in Squiz Mysource Matrix
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 8 |
References
- http://secunia.com/advisories/22060
- http://secunia.com/advisories/22060
- http://securityreason.com/securityalert/1635
- http://securityreason.com/securityalert/1635
- http://www.aushack.com/advisories/200607-mysourcematrix.txt
- http://www.aushack.com/advisories/200607-mysourcematrix.txt
- http://www.securityfocus.com/archive/1/446722/100/0/threaded
- http://www.securityfocus.com/archive/1/446722/100/0/threaded