Oval Definition:	oval:com.ubuntu.trusty:def:20151395000
Revision Date: 2017-08-25 Version: 1 Title: CVE-2015-1395 on Ubuntu 14.04 LTS (trusty) - medium. Description: Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-1395 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The 'patch' package in trusty was vulnerable but has been fixed (note: '2.7.1-4ubuntu2.3').
BACK