Lucene search
JpcertCVE-2015-5652HistoryOct 06, 2015 - 1:59 a.m.
CVE-2015-5652
2015-10-0601:59:27
jpcert
web.nvd.nist.gov
183
cve-2015-5652
untrusted search path vulnerability
python.exe
python
windows
local users
privileges
trojan horse
readline.pyd
nvd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
High
EPSS
0
Percentile
5.1%
Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says “It was determined that this is a longtime behavior of Python that cannot really be altered at this point.”
Affected configurations
Node
pythonpythonRange≤3.5.0
microsoftwindows
Related
ubuntucve
ubuntucve
CVE-2015-5652
2015-10-06 00:00:00
prion
prion
Design/Logic Flaw
2015-10-06 01:59:00
nvd
nvd
CVE-2015-5652
2015-10-06 01:59:27
cvelist
cvelist
CVE-2015-5652
2015-10-05 10:00:00
jvn
jvn
JVN#49503705: Python for Windows may insecurely load dynamic libraries
2015-10-01 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2015-5652