Your submission was sent successfully! Close

CVE-2015-5652

Published: 6 October 2015

Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point."

Notes

AuthorNote
sbeattie
Windows only and upstream isn't going to fix, ignoring
Priority

Low

Status

Package Release Status
python2.7
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(Windows only)
cosmic Not vulnerable
(Windows only)
precise Not vulnerable
(Windows only)
trusty Not vulnerable
(Windows only)
upstream Needed

vivid Not vulnerable
(Windows only)
xenial Not vulnerable
(Windows only)
python3.2
Launchpad, Ubuntu, Debian
precise Not vulnerable
(Windows only)
trusty Does not exist

upstream Needed

vivid Does not exist

python3.4
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Not vulnerable
(Windows only)
upstream Needed

vivid Not vulnerable
(Windows only)
xenial Does not exist

python3.5
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Not vulnerable
(Windows only)
upstream Needed

vivid Does not exist

xenial Not vulnerable
(Windows only)