Unrated severityNVD Advisory· Published Feb 10, 2009· Updated Jun 16, 2026
CVE-2008-4283
CVE-2008-4283
Description
CRLF injection vulnerability in the WebContainer component in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.1.x versions allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Affected products
47cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*+ 46 more
- cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*range: <=5.1.1.19
- cpe:2.3:a:ibm:websphere_application_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.16:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0:*:z_os:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.9:*:*:*:*:*:*:*
- (no CPE)range: <=5.1.1.19
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.