Unrated severityNVD Advisory· Published Jan 21, 2015· Updated Jun 17, 2026
CVE-2015-1196
CVE-2015-1196
Description
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
- osv-coords4 versionspkg:rpm/opensuse/patch&distro=openSUSE%20Tumbleweedpkg:rpm/suse/patch&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/patch&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/patch&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
< 2.7.5-1.112+ 3 more
- (no CPE)range: < 2.7.5-1.112
- (no CPE)range: < 2.7.5-7.1
- (no CPE)range: < 2.7.5-7.1
- (no CPE)range: < 2.7.5-7.1
Patches
Vulnerability mechanics
References
8- git.savannah.gnu.org/cgit/patch.git/commit/nvdPatch
- bugs.debian.org/cgi-bin/bugreport.cginvdExploit
- lists.opensuse.org/opensuse-updates/2015-02/msg00013.htmlnvdThird Party Advisory
- seclists.org/oss-sec/2015/q1/173nvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/72074nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/99967nvd
News mentions
0No linked articles in our index yet.