Python Untrusted Search Path Vulnerability - CVE-2008-5983

Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier and possibly later versions prepends an empty string to sys.path when the argv0 argument does not contain a path separator which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory.