Vulnerabilities > CVE-2015-5652 - Remote Code Execution vulnerability in Python DLL Loading 'readline.pyd'
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point." <a href="https://cwe.mitre.org/data/definitions/426.html">CWE-426: Untrusted Search Path</a>