First published: Fri Aug 08 2008(Updated: )
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pidgin Pidgin | =2.4.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.