Back to search
CVE-2019-13404
Published: Jul 8, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. (This also affects old 3.x releases before 3.5.) NOTE: the vendor's position is that it is the user's responsibility to ensure C:\Python27 access control or choose a different directory, because backwards compatibility requires that C:\Python27 remain the default for 2.7.x
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://docs.python.org/2/faq/windows.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now