The do_ed_script function in pch.c in GNU patch up to and including 2.7.6, and patch in FreeBSD 10.1 prior to 10.1-RELEASE-p17, 10.2 prior to 10.2-BETA2-p3, 10.2-RC1 prior to 10.2-RC1-p2, and 0.2-RC2 prior to 10.2-RC2-p1, allows remote malicious users to execute arbitrary commands via a crafted patch file, because a '!' character can be passed to the ed program.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 10.1 |
||
freebsd freebsd 10.2 |