CVE-2008-3532

The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.

Date published : 2008-08-08

http://www.securityfocus.com/bid/30553

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434