Summary
The host is running Pidgin, which is prone to Security Bypass Vulnerability
Impact
Man-in-the-middle attacks or identity impersonation attacks are possible.
Impact Level : Network.
Solution
Apply the patch,
http://developer.pidgin.im/attachment/ticket/6500/nss-cert-verify.patc h
Insight
The application fails to properly validate SSL (Secure Sockets Layer) certificate from a server.
Affected
Pidgin Version 2.4.3 and prior on Linux.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
- Adobe AIR Multiple Vulnerabilities -02 April 13 (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
- Adobe Air Remote Code Execution Vulnerability -June13 (Mac OS X)
- Adobe Air Multiple Vulnerabilities -01 May 13 (Windows)