Описание
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 1:1.5.0+1.5.1cvs20051015-1ubuntu10 |
| devel | DNE | |
| feisty | ignored | end of life, was needed |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | released | 2.4.3-2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 1:2.5.2-0ubuntu1 |
| feisty | DNE | |
| gutsy | released | 1:2.2.1-1ubuntu4.3 |
| hardy | released | 1:2.4.1-1ubuntu2.2 |
| intrepid | not-affected | 1:2.5.2-0ubuntu1 |
| upstream | released | 2.4.3-2 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certif ...
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.8 Medium
CVSS2