4 matches found
EUVD-2014-3640
Malware in sbrugna...
openSUSE Security Update : pidgin (openSUSE-SU-2014:1397-1)
Update to version 2.10.10 : + General : - Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins...
CVE-2014-3694
The 1 bundled GnuTLS SSL/TLS plugin and the 2 bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...
UBUNTU-CVE-2014-3694
The 1 bundled GnuTLS SSL/TLS plugin and the 2 bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...