CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-4283

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1090%
EPSS Percentile38.36th
Published2009年2月10日
Last Modified2026年4月23日

Vulnerability Description

CRLF injection vulnerability in the WebContainer component in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.1.x versions allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Affected Platforms (CPE)

📦
Ibm

Websphere Application Server

<= 5.1.1.19
📦
Ibm

Websphere Application Server

= 5.0
📦
Ibm

Websphere Application Server

= 5.0
📦
Ibm

Websphere Application Server

= 5.0.0
📦
Ibm

Websphere Application Server

= 5.0.1
📦
Ibm

Websphere Application Server

= 5.0.2
📦
Ibm

Websphere Application Server

= 5.0.2.1
📦
Ibm

Websphere Application Server

= 5.0.2.2
📦
Ibm

Websphere Application Server

= 5.0.2.3
📦
Ibm

Websphere Application Server

= 5.0.2.4
📦
Ibm

Websphere Application Server

= 5.0.2.5
📦
Ibm

Websphere Application Server

= 5.0.2.6
📦
Ibm

Websphere Application Server

= 5.0.2.7
📦
Ibm

Websphere Application Server

= 5.0.2.8
📦
Ibm

Websphere Application Server

= 5.0.2.9
📦
Ibm

Websphere Application Server

= 5.0.2.10
📦
Ibm

Websphere Application Server

= 5.0.2.11
📦
Ibm

Websphere Application Server

= 5.0.2.12
📦
Ibm

Websphere Application Server

= 5.0.2.13
📦
Ibm

Websphere Application Server

= 5.0.2.14
📦
Ibm

Websphere Application Server

= 5.0.2.15
📦
Ibm

Websphere Application Server

= 5.0.2.16
📦
Ibm

Websphere Application Server

= 5.1.0
📦
Ibm

Websphere Application Server

= 5.1.0.2
📦
Ibm

Websphere Application Server

= 5.1.0.3
📦
Ibm

Websphere Application Server

= 5.1.0.4
📦
Ibm

Websphere Application Server

= 5.1.0.5
📦
Ibm

Websphere Application Server

= 5.1.1
📦
Ibm

Websphere Application Server

= 5.1.1.1
📦
Ibm

Websphere Application Server

= 5.1.1.2
📦
Ibm

Websphere Application Server

= 5.1.1.3
📦
Ibm

Websphere Application Server

= 5.1.1.4
📦
Ibm

Websphere Application Server

= 5.1.1.5
📦
Ibm

Websphere Application Server

= 5.1.1.6
📦
Ibm

Websphere Application Server

= 5.1.1.7
📦
Ibm

Websphere Application Server

= 5.1.1.8
📦
Ibm

Websphere Application Server

= 5.1.1.9
📦
Ibm

Websphere Application Server

= 5.1.1.10
📦
Ibm

Websphere Application Server

= 5.1.1.11
📦
Ibm

Websphere Application Server

= 5.1.1.12
📦
Ibm

Websphere Application Server

= 5.1.1.13
📦
Ibm

Websphere Application Server

= 5.1.1.14
📦
Ibm

Websphere Application Server

= 5.1.1.15
📦
Ibm

Websphere Application Server

= 5.1.1.16
📦
Ibm

Websphere Application Server

= 5.1.1.17
📦
Ibm

Websphere Application Server

= 5.1.1.18

References & Advisories

🔗 http://www-1.ibm.com/support/docview.wss?uid=isg1SE35864
🔗 http://www-1.ibm.com/support/docview.wss?uid=swg1PK69929
🔗 http://www.securityfocus.com/bid/33700
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/47199
🔗 http://www-1.ibm.com/support/docview.wss?uid=isg1SE35864
🔗 http://www-1.ibm.com/support/docview.wss?uid=swg1PK69929
🔗 http://www.securityfocus.com/bid/33700
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/47199

相关漏洞威胁

CVE-2006-242910.0

Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and...

CVE-2006-243010.0

IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plainte...

CVE-2000-084810.0

Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Hos...

CVE-2006-243310.0

Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and...