16 matches found
EUVD-2008-3518
Malware in sbrugna...
SUSE CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service...
openSUSE Security Update : pidgin (openSUSE-SU-2014:1397-1)
Update to version 2.10.10 : + General : - Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins...
Pidgin: Multiple vulnerabilities
Background Pidgin formerly Gaim is an instant messaging client for a variety of instant messaging protocols. It is based on the libpurple instant messaging library. Description Multiple vulnerabilities have been discovered in Pidgin and the libpurple library: A participant to the TippingPoint ZDI...
RHEL 4 / 5 : pidgin (RHSA-2008:1023)
The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:1023 advisory. - pidgin: remote DoS via MSN message with crafted file name CVE-2008-2955 - pidgin: unrestricted download of arbitrary files triggered v...
pidgin: NSS plugin doesn't verify SSL certificates
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service...
Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability (Windows)
The host is running Pidgin, which is prone to Security Bypass Vulnerability OpenVAS Vulnerability Test $Id: secpodpidginsslsecbypassvulnwin900020.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability Windows Authors: Sharath S...
Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability - Linux
Pidgin is prone to a security bypass vulnerability SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pidgin:pidgin"; ifdescription...
Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability - Windows
Pidgin is prone to a security bypass vulnerability SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pidgin:pidgin"; ifdescription...
Code injection
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service...
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service...
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service...
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service...
CVE-2008-3532
CVE-2008-3532 affects the NSS plugin in libpurple (Pidgin) where SSL certificate verification was not performed. The consequence is that remote attackers could trick users into accepting invalid certificates for spoofed services, enabling MITM-style credential exposure or session hijacking. Publi...
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service...
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service...