Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Python Other Vulnerability (CVE-2015-5652)

Description

Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point."

Remediation

References

Related Vulnerabilities

Apache HTTP Server Other Vulnerability (CVE-2004-0885)

WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.0.6)

WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.12)

ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7364)

WordPress Plugin dsSearchAgent:WordPress Edition Cross-Site Scripting (1.0-beta10)

Severity

High

Classification

CVE-2015-5652

Tags

Missing Update Known Vulnerabilities