CVE-2015-5652

Advisory

Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point."

Affected package

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

• http://jvn.jp/en/jp/JVN49503705/995204/index.html
• http://jvn.jp/en/jp/JVN49503705/index.html
• http://jvndb.jvn.jp/jvndb/JVNDB-2015-000141
• https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
• http://www.securityfocus.com/bid/76929
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5652