Description
Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point."
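The following audit sketch is an added example, not code from the Python project or from this advisory. It checks whether a working directory is on the import path and whether it holds a file that `import readline` would load; the function names and the constructed sample directory are assumptions made for illustration.

```python
import os
import sys
import tempfile

def implicit_cwd_entries(path_entries, cwd):
    """Return the sys.path entries that resolve to the working directory."""
    target = os.path.normcase(os.path.abspath(cwd))
    hits = []
    for entry in path_entries:
        # An empty entry means "current directory" to the import system.
        resolved = os.path.abspath(os.path.join(cwd, entry))
        if os.path.normcase(resolved) == target:
            hits.append(entry)
    return hits

def shadowing_files(directory, module="readline"):
    """List entries in `directory` that could satisfy `import module`.
    Deliberately conservative: any NAME.<tag>.pyd is reported."""
    found = []
    for name in sorted(os.listdir(directory)):
        stem, _, rest = name.partition(".")
        if stem.lower() != module:
            continue
        rest = rest.lower()
        if os.path.isdir(os.path.join(directory, name)):
            if not rest:
                found.append(name)  # package directory named like the module
        elif rest in ("py", "pyc", "pyd") or rest.endswith(".pyd"):
            found.append(name)
    return found

def audit(cwd, path_entries, module="readline"):
    """Report whether `import module` could be resolved from `cwd`."""
    entries = implicit_cwd_entries(path_entries, cwd)
    files = shadowing_files(cwd, module) if entries else []
    return {"cwd_on_path": bool(entries), "shadowing": files,
            "at_risk": bool(files)}

if __name__ == "__main__":
    # Constructed sample: a scratch directory holding an empty readline.pyd.
    scratch = tempfile.mkdtemp()
    open(os.path.join(scratch, "readline.pyd"), "wb").close()
    print("constructed sample:", audit(scratch, [""]))
    # The real interpreter state for the directory this was started from.
    print("this process:", audit(os.getcwd(), sys.path))
```

Running the interpreter with `-I` (isolated mode, Python 3.4 and later) keeps the current directory off `sys.path`, which the audit reports as `cwd_on_path: False`.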
Remediation
References