2005-05-10 08:00:00
mitre
PUBLISHED
Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.