WEB APPLICATION VULNERABILITIES Standard & Premium

Python Other Vulnerability (CVE-2015-5652)

Description

Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point."

Remediation

References

Related Vulnerabilities

WordPress Plugin Pinterest 'Pin It' Button Cross-Site Scripting (2.0.8)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4573)

Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-8037)

Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-7902)

WordPress 4.7.x Prototype Pollution (4.7 - 4.7.22)

Severity

High

Classification

Tags

Missing Update Known Vulnerabilities