GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.
secunia.com/advisories/17646
secunia.com/advisories/17647
secunia.com/advisories/17656
www.debian.org/security/2005/dsa-901
www.gentoo.org/security/en/glsa/glsa-200511-16.xml
www.gnu.org/software/gnump3d/attacks.html#temporary-files
www.gnu.org/software/gnump3d/ChangeLog
www.novell.com/linux/security/advisories/2005_28_sr.html
www.securityfocus.com/bid/15497
www.vupen.com/english/advisories/2005/2489