Remote Code Execution via Indirect Module Import in mod_python

Remote Code Execution via Indirect Module Import in mod_python

CVE-2002-0185 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.

Learn more about our Web Application Penetration Testing UK.