Mozilla Thunderbird 0.8 and Firefox 0.9.3 allows a temporary file to become world readable when using secondary applications to view the data.
0b1e7279d45dd44b682ecadf1c4f7ceda50e5ad2aa76c5c8076ff13b04ff70aa
aimSniff.pl 0.9b has a file deletion flaw. If the utility is run as root, a symlink attack can be used against a file in tmp to get root to remove any file on the system.
d35abb58d182e2ac03ec120bfbe800992445c733034160f3f66e0705ad173573