Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Executable installers are vulnerable^WEVIL (case 22): python.org's executable installers allow arbitrary (remote) code execution
Jan 15 2016 01:36PM
Stefan Kanthak (stefan kanthak nexgo de)
the executable installers python-3.5.1-webinstall.exe and
python-3.5.1.exe available on
<https://www.python.org/downloads/windows/> load and execute
multiple DLLs from their "application directory".
For software downloaded with a web browser the application
directory is typically the user...
[ more ]
Copyright 2010, SecurityFocus