PT-2016-4495 · Pidgin+1 · Pidgin+1

Published: 2016-06-21 · Updated: 2018-11-14 · CVE-2016-1000030

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Pidgin versions prior to 2.11.0

Description

The issue is related to improper checks of the return values of the gnutls_x509_crt_init() and gnutls_x509_crt_import() functions when importing X.509 certificates, potentially leading to code execution. This can be exploited via a custom X.509 certificate from another client.

Recommendations

For versions prior to 2.11.0, update to version 2.11.0 to resolve the issue. As a temporary workaround, consider restricting the import of X.509 certificates from untrusted sources until the update is applied.

Fix

Improper Certificate Validation

Weakness Enumeration

Related Identifiers

ALT-PU-2016-1727
CVE-2016-1000030

Affected Products

Alt Linux
Pidgin