CVE-2012-5053

Cross-site scripting (XSS) vulnerability in the Receiver Web User Interface on Trimble Infrastructure GNSS Series Receivers NetR3, NetR5, NetR8, and NetR9 before 4.70, and NetRS before 1.3-2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:h:trimble:infrastructure_gnss_series_receiver_netr3:-:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receiver_netr5:-:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receiver_netr8:-:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receiver_netr9:-:*:*:*:*:*:*:*
cpe:2.3:o:trimble:infrastructure_gnss_series_receiver_firmware:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:h:trimble:infrastructure_netrs_receiver:-:*:*:*:*:*:*:*
cpe:2.3:o:trimble:infrastructure_netrs_receiver_firmware:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:43

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2013-01/0063.html - Broken Link () http://archives.neohapsis.com/archives/bugtraq/2013-01/0063.html - Broken Link
References () http://trl.trimble.com/docushare/dsweb/Get/Document-636664/NetRS_1%203-2_RelNotes.pdf - Vendor Advisory () http://trl.trimble.com/docushare/dsweb/Get/Document-636664/NetRS_1%203-2_RelNotes.pdf - Vendor Advisory
References () http://trl.trimble.com/docushare/dsweb/Get/Document-644791/Infrastructure_GNSS-SeriesReceivers_4.70_RelNotes.pdf - Vendor Advisory () http://trl.trimble.com/docushare/dsweb/Get/Document-644791/Infrastructure_GNSS-SeriesReceivers_4.70_RelNotes.pdf - Vendor Advisory

01 Dec 2023, 14:22

Type Values Removed Values Added
CPE cpe:2.3:o:trimble:infrastructure_gnss_series_receivers_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receivers:netr5:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receivers:netr3:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receivers:netrs:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receivers:netr9:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receivers:netr8:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receiver_netr3:-:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_netrs_receiver:-:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receiver_netr8:-:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receiver_netr9:-:*:*:*:*:*:*:*
cpe:2.3:o:trimble:infrastructure_netrs_receiver_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:trimble:infrastructure_gnss_series_receiver_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:trimble:infrastructure_gnss_series_receiver_netr5:-:*:*:*:*:*:*:*
References (MISC) http://trl.trimble.com/docushare/dsweb/Get/Document-636664/NetRS_1%203-2_RelNotes.pdf - (MISC) http://trl.trimble.com/docushare/dsweb/Get/Document-636664/NetRS_1%203-2_RelNotes.pdf - Vendor Advisory
References (MISC) http://trl.trimble.com/docushare/dsweb/Get/Document-644791/Infrastructure_GNSS-SeriesReceivers_4.70_RelNotes.pdf - (MISC) http://trl.trimble.com/docushare/dsweb/Get/Document-644791/Infrastructure_GNSS-SeriesReceivers_4.70_RelNotes.pdf - Vendor Advisory
References (BUGTRAQ) http://archives.neohapsis.com/archives/bugtraq/2013-01/0063.html - (BUGTRAQ) http://archives.neohapsis.com/archives/bugtraq/2013-01/0063.html - Broken Link

Information

Published : 2013-03-07 00:55

Updated : 2024-11-21 01:43


NVD link : CVE-2012-5053

Mitre link : CVE-2012-5053

CVE.ORG link : CVE-2012-5053


JSON object : View

Products Affected

trimble

  • infrastructure_gnss_series_receiver_netr3
  • infrastructure_netrs_receiver
  • infrastructure_gnss_series_receiver_netr8
  • infrastructure_gnss_series_receiver_firmware
  • infrastructure_gnss_series_receiver_netr9
  • infrastructure_gnss_series_receiver_netr5
  • infrastructure_netrs_receiver_firmware
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')