{
  "modified": "2025-08-09T19:01:27Z",
  "published": "2018-02-05T16:29:00Z",
  "id": "CVE-2015-1416",
  "details": "Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file.",
  "severity": [
    {
      "type": "CVSS_V3",
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
    }
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://www.openwall.com/lists/oss-security/2015/07/30/9"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.openwall.com/lists/oss-security/2015/08/01/4"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.openwall.com/lists/oss-security/2015/08/02/1"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.openwall.com/lists/oss-security/2015/08/02/6"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.securityfocus.com/bid/76116"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.securitytracker.com/id/1033110"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc"
    },
    {
      "type": "ARTICLE",
      "url": "http://www.openwall.com/lists/oss-security/2015/07/30/9"
    },
    {
      "type": "ARTICLE",
      "url": "http://www.openwall.com/lists/oss-security/2015/08/01/4"
    },
    {
      "type": "ARTICLE",
      "url": "http://www.openwall.com/lists/oss-security/2015/08/02/1"
    },
    {
      "type": "ARTICLE",
      "url": "http://www.openwall.com/lists/oss-security/2015/08/02/6"
    }
  ]
}