Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2015-1416

Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file.

Published: Feb 5, 2018
Updated: Nov 9, 2025
CVE: CVE-2015-1416
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
freebsd / freebsd	10.0	10.0.x
freebsd / freebsd	10.2	10.2.x
freebsd / freebsd	10.1	10.1.x

http://www.openwall.com/lists/oss-security/2015/07/30/9
http://www.openwall.com/lists/oss-security/2015/08/01/4
http://www.openwall.com/lists/oss-security/2015/08/02/1
http://www.openwall.com/lists/oss-security/2015/08/02/6
http://www.securityfocus.com/bid/76116
http://www.securitytracker.com/id/1033110
https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo