Guido Van Rossum

**Name of the Vulnerable Software and Affected Versions** Python versions 2.2, 2.3 before 2.3.5, and 2.4 **Description** The issue allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes, when the SimpleXMLRPCServer library module is used by XML-RPC servers that register an object without a dispatch method. **Recommendations** For Python version 2.2, update to a version with the necessary security fixes. For Python version 2.3 before 2.3.5, update to version 2.3.5 or later. For Python version 2.4, consider disabling the use of the register instance method without a dispatch method until a patch is available.