Ubuntu 4.10 : tetex-bin vulnerability (USN-51-1)
Javier Fernandez-Sanguino Pena noticed that 'xdvizilla', an auxiliary script to integrate DVI file viewing in Mozilla-based browsers, created temporary files and directories in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges o...