Untrusted Search Path Vulnerability in Python.exe on Windows

Untrusted Search Path Vulnerability in Python.exe on Windows

CVE-2015-5652 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point."

Learn more about our User Device Pen Test.