Unrated severityNVD Advisory· Published Aug 8, 2008· Updated Jun 16, 2026
CVE-2008-3532
CVE-2008-3532
Description
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*
- (no CPE)range: =2.4.3
- Range: =2.4.3
Patches
Vulnerability mechanics
References
16- developer.pidgin.im/ticket/6500nvdPatch
- developer.pidgin.im/attachment/ticket/6500/nss-cert-verify.patchnvdExploit
- bugs.debian.org/cgi-bin/bugreport.cginvd
- developer.pidgin.im/attachment/ticket/6500/nss_add_rev.patchnvd
- secunia.com/advisories/31390nvd
- secunia.com/advisories/32859nvd
- secunia.com/advisories/33102nvd
- support.avaya.com/elmodocs2/security/ASA-2008-493.htmnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2008-1023.htmlnvd
- www.securityfocus.com/bid/30553nvd
- www.ubuntu.com/usn/USN-675-1nvd
- www.vupen.com/english/advisories/2008/2318nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/44220nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10979nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18327nvd
News mentions
0No linked articles in our index yet.