CVE-2016-1000030 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-1000030 Interim 1 11 2025-11-05T04:12:10Z current 2021-05-30T13:49:48Z 2025-11-05T04:12:10Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-1000030 Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client. This vulnerability appears to have been fixed in 2.11.0. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 finch finch-devel libpurple libpurple-branding-upstream libpurple-devel libpurple-lang libpurple-plugin-sametime libpurple-tcl pidgin pidgin-devel finch as a component of SUSE Linux Enterprise Desktop 12 SP3 libpurple as a component of SUSE Linux Enterprise Desktop 12 SP3 libpurple-branding-upstream as a component of SUSE Linux Enterprise Desktop 12 SP3 libpurple-lang as a component of SUSE Linux Enterprise Desktop 12 SP3 libpurple-plugin-sametime as a component of SUSE Linux Enterprise Desktop 12 SP3 libpurple-tcl as a component of SUSE Linux Enterprise Desktop 12 SP3 pidgin as a component of SUSE Linux Enterprise Desktop 12 SP3 finch-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 libpurple as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 libpurple-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 libpurple-lang as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 pidgin-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 pidgin as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 finch as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 libpurple as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 libpurple-branding-upstream as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 libpurple-lang as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 libpurple-plugin-sametime as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 libpurple-tcl as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 pidgin as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client. This vulnerability appears to have been fixed in 2.11.0. CVE-2016-1000030 SUSE Linux Enterprise Desktop 12 SP3:finch SUSE Linux Enterprise Desktop 12 SP3:libpurple SUSE Linux Enterprise Desktop 12 SP3:libpurple-branding-upstream SUSE Linux Enterprise Desktop 12 SP3:libpurple-lang SUSE Linux Enterprise Desktop 12 SP3:libpurple-plugin-sametime SUSE Linux Enterprise Desktop 12 SP3:libpurple-tcl SUSE Linux Enterprise Desktop 12 SP3:pidgin SUSE Linux Enterprise Software Development Kit 12 SP3:finch-devel SUSE Linux Enterprise Software Development Kit 12 SP3:libpurple SUSE Linux Enterprise Software Development Kit 12 SP3:libpurple-devel SUSE Linux Enterprise Software Development Kit 12 SP3:libpurple-lang SUSE Linux Enterprise Software Development Kit 12 SP3:pidgin SUSE Linux Enterprise Software Development Kit 12 SP3:pidgin-devel SUSE Linux Enterprise Workstation Extension 12 SP3:finch SUSE Linux Enterprise Workstation Extension 12 SP3:libpurple SUSE Linux Enterprise Workstation Extension 12 SP3:libpurple-branding-upstream SUSE Linux Enterprise Workstation Extension 12 SP3:libpurple-lang SUSE Linux Enterprise Workstation Extension 12 SP3:libpurple-plugin-sametime SUSE Linux Enterprise Workstation Extension 12 SP3:libpurple-tcl SUSE Linux Enterprise Workstation Extension 12 SP3:pidgin moderate 4 AV:N/AC:H/Au:N/C:P/I:P/A:N 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H