What is the severity of CVE-2008-4283?

CVE-2008-4283 has a medium severity level due to its potential to cause HTTP response splitting attacks.

How do I fix CVE-2008-4283?

To fix CVE-2008-4283, upgrade IBM WebSphere Application Server to a version later than 5.1.1.19.

What types of attacks can be executed via CVE-2008-4283?

CVE-2008-4283 allows remote attackers to conduct HTTP response splitting attacks.

Which versions of IBM WebSphere Application Server are affected by CVE-2008-4283?

CVE-2008-4283 affects IBM WebSphere Application Server versions up to and including 5.1.1.19.

Is CVE-2008-4283 still a threat if I am running the latest version of IBM WebSphere Application Server?

If you are running a version of IBM WebSphere Application Server later than 5.1.1.19, CVE-2008-4283 is not a threat.

Vulnerability/
CVE-2008-4283

critical

CWE

20 93

10/2/2009

7/8/2024

CVE-2008-4283: Input Validation

First published: Tue Feb 10 2009(Updated: )

CRLF injection vulnerability in the WebContainer component in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.1.x versions allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.10
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.14
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.5
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.1
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.2
IBM WebSphere Application Server Feature Pack for Web Services	=5.0
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.11
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.6
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.0
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.3
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.15
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.15
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.3
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.13
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.12
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.10
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.8
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.17
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.7
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.0.4
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.16
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.18
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.2
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.1
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.9
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.6
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.13
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.12
IBM WebSphere Application Server Feature Pack for Web Services	=5.0
IBM WebSphere Application Server Feature Pack for Web Services	<=5.1.1.19
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.8
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.4
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.16
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.9
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.14
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.11
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=5.0.2.7
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.5
IBM WebSphere Application Server Feature Pack for Web Services	=5.1.1.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-4283?
CVE-2008-4283 has a medium severity level due to its potential to cause HTTP response splitting attacks.
How do I fix CVE-2008-4283?
To fix CVE-2008-4283, upgrade IBM WebSphere Application Server to a version later than 5.1.1.19.
What types of attacks can be executed via CVE-2008-4283?
CVE-2008-4283 allows remote attackers to conduct HTTP response splitting attacks.
Which versions of IBM WebSphere Application Server are affected by CVE-2008-4283?
CVE-2008-4283 affects IBM WebSphere Application Server versions up to and including 5.1.1.19.
Is CVE-2008-4283 still a threat if I am running the latest version of IBM WebSphere Application Server?
If you are running a version of IBM WebSphere Application Server later than 5.1.1.19, CVE-2008-4283 is not a threat.

agent/references
agent/weakness
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/first-publish-date
agent/description
agent/author
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/ibm
canonical/ibm websphere application server feature pack for web services
version/ibm websphere application server feature pack for web services/5.0.0
version/ibm websphere application server feature pack for web services/5.1.0.5
version/ibm websphere application server feature pack for web services/5.0.2.10
version/ibm websphere application server feature pack for web services/5.1.1.14
version/ibm websphere application server feature pack for web services/5.0.2.5
version/ibm websphere application server feature pack for web services/5.0.2.1
version/ibm websphere application server feature pack for web services/5.1.1.2
version/ibm websphere application server feature pack for web services/5.0
version/ibm websphere application server feature pack for web services/5.0.2.11
version/ibm websphere application server feature pack for web services/5.1.1
version/ibm websphere application server feature pack for web services/5.1.1.6
version/ibm websphere application server feature pack for web services/5.1.0
version/ibm websphere application server feature pack for web services/5.0.1
version/ibm websphere application server feature pack for web services/5.0.2.3
version/ibm websphere application server feature pack for web services/5.0.2.15
version/ibm websphere application server feature pack for web services/5.1.1.15
version/ibm websphere application server feature pack for web services/5.1.1.3
version/ibm websphere application server feature pack for web services/5.1.1.13
version/ibm websphere application server feature pack for web services/5.0.2.12
version/ibm websphere application server feature pack for web services/5.1.1.10
version/ibm websphere application server feature pack for web services/5.0.2.8
version/ibm websphere application server feature pack for web services/5.1.1.17
version/ibm websphere application server feature pack for web services/5.1.1.7
version/ibm websphere application server feature pack for web services/5.1.0.4
version/ibm websphere application server feature pack for web services/5.0.2.16
version/ibm websphere application server feature pack for web services/5.1.0.2
version/ibm websphere application server feature pack for web services/5.1.1.18
version/ibm websphere application server feature pack for web services/5.0.2.2
version/ibm websphere application server feature pack for web services/5.1.1.1
version/ibm websphere application server feature pack for web services/5.0.2.9
version/ibm websphere application server feature pack for web services/5.0.2.6
version/ibm websphere application server feature pack for web services/5.0.2.13
version/ibm websphere application server feature pack for web services/5.1.1.12
version/ibm websphere application server feature pack for web services/5.1.1.19
version/ibm websphere application server feature pack for web services/5.1.1.8
version/ibm websphere application server feature pack for web services/5.0.2.4
version/ibm websphere application server feature pack for web services/5.1.1.16
version/ibm websphere application server feature pack for web services/5.0.2
version/ibm websphere application server feature pack for web services/5.1.1.9
version/ibm websphere application server feature pack for web services/5.0.2.14
version/ibm websphere application server feature pack for web services/5.1.1.11
version/ibm websphere application server feature pack for web services/5.1.0.3
version/ibm websphere application server feature pack for web services/5.0.2.7
version/ibm websphere application server feature pack for web services/5.1.1.5
version/ibm websphere application server feature pack for web services/5.1.1.4