VDB
CVE-2008-3532
CVE-2008-3532
PUBLISHED
Reported by redhat · Published August 8, 2008
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a, n/a |
Exploit Intelligence
Timeline
- Aug 8, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- x_refsource_MISC
- oval:org.mitre.oval:def:18327 vdb-entrysignaturex_refsource_OVAL
- MDVSA-2009:025 vendor-advisoryx_refsource_MANDRIVA
- 31390 third-party-advisoryx_refsource_SECUNIA
- ADV-2008-2318 vdb-entryx_refsource_VUPEN
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- 33102 third-party-advisoryx_refsource_SECUNIA
- USN-675-1 vendor-advisoryx_refsource_UBUNTU
- x_refsource_CONFIRM
- 32859 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- pidgin-ssl-spoofing(44220) vdb-entryx_refsource_XF
- RHSA-2008:1023 vendor-advisoryx_refsource_REDHAT
- oval:org.mitre.oval:def:10979 vdb-entrysignaturex_refsource_OVAL
- 30553 vdb-entryx_refsource_BID