Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2015-1416

Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file.

  • Published: Feb 5, 2018
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-1416
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
freebsd / freebsd 10.0 10.0.x
freebsd / freebsd 10.2 10.2.x
freebsd / freebsd 10.1 10.1.x