diff -r b6ea3dc89a78 Lib/dbm/dumb.py
--- a/Lib/dbm/dumb.py	Sat Jan 17 18:46:10 2015 +0200
+++ b/Lib/dbm/dumb.py	Thu Jan 22 00:29:42 2015 +0200
@@ -21,6 +21,7 @@
 
 """
 
+import ast as _ast
 import io as _io
 import os as _os
 import collections
@@ -95,7 +96,10 @@
             with f:
                 for line in f:
                     line = line.rstrip()
-                    key, pos_and_siz_pair = eval(line)
+                    try:
+                        key, pos_and_siz_pair = _ast.literal_eval(line)
+                    except (ValueError, SyntaxError) as exc:
+                        raise error("Invalid entry in the dirfile.") from exc
                     key = key.encode('Latin-1')
                     self._index[key] = pos_and_siz_pair
 
diff -r b6ea3dc89a78 Lib/test/test_dbm_dumb.py
--- a/Lib/test/test_dbm_dumb.py	Sat Jan 17 18:46:10 2015 +0200
+++ b/Lib/test/test_dbm_dumb.py	Thu Jan 22 00:29:42 2015 +0200
@@ -225,6 +225,20 @@
         with dumbdbm.open(_fname, 'n') as f:
             self.assertEqual(f.keys(), [])
 
+    def test_eval(self):
+        for content, expected_error in [
+            ("import os; os.remove", SyntaxError),
+            ("os.remove()", ValueError),
+            ("os.remove", ValueError)]:
+
+            with open(_fname + ".dir", 'w') as stream:
+                stream.write(content)
+
+            with self.assertRaises(dumbdbm.error) as cm:
+                with dumbdbm.open(_fname) as f:
+                    pass
+            self.assertIsInstance(cm.exception.__context__, expected_error)
+
     def tearDown(self):
         _delete_files()