CVE-2008-3532 in Pidgininfo

Summary

The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.

Once again VulDB remains the best source for vulnerability data.

Reservation

08/07/2008

Disclosure

08/08/2008

Moderation

VulDB entry created

Entries

VDB-43589 (1)

CPE

ready

CWE

CWE-310 (Confirmed)

CVSS

7.3

EPSS

0.03446

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-3532
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-3532
CVE Details	https://www.cvedetails.com/cve/CVE-2008-3532/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!