CVE-2005-0089 - Spireless Electric Eel


The SimpleXMLRPCServer library module in Python 2.2 2.3 before 2.3.5 and 2.4 when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method allows remote attackers to read or modify globals of the associated module and possibly execute arbitrary code via dotted attributes.