We do not set the protocol to use for sending the transaction to PayPal through cURL, this means it will use the hosts default protocol.
The Poodle vulnerability will only encountered if your host has SSLV3 s3et as the default protocol for cURL communications.
you should have your host disable SSLv3 for the cURL library and set TLS as the fall back.
more information on the Poodle vulnerability can be found here:
http://chrisburgess.com.au/how-to-test-for-the-sslv3-poodle-vulnerability/
To get information on the cause of the failure, add the following in the body section of the failure page:
<?php @session_start(); var_dump($_SESSION); ?>
this will write the session contents to the page including the gateways response. the gateways response will contain information on why the transaction failed.