Back to search
CVE-2007-1608
Published: Mar 22, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
CRLF injection vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.19 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a single CRLF sequence in a context that is not a valid multi-line header.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
34484
vdb-entry
x_refsource_OSVDB
PK39732
vendor-advisory
x_refsource_AIXAPAR
ADV-2007-1062
vdb-entry
x_refsource_VUPEN
23086
vdb-entry
x_refsource_BID
websphere-unspecified-response-splitting(33123)
vdb-entry
x_refsource_XF
24552
third-party-advisory
x_refsource_SECUNIA
1017806
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now