CVE-2015-1326 – python-dbusmock arbitrary code execution or file overwrite when templates are loaded from /tmp

https://notcve.org/view.php?id=CVE-2015-1326

python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file. python-dbusmock versiones anteriores a la 0.15.1 AddTemplate() D-Bus method call o DBusTestCase.spawn_server_stemplate() method podrían ser engañados para que ejecuten código malicioso si un atacante proporciona un archivo .pyc. • https://github.com/martinpitt/python-dbusmock/commit/4e7d0df9093 • CWE-20: Improper Input Validation •