Mandrake Linux Security Update Advisory - Javier Fernandez-Sanguino Pena discovered two vulnerabilities in scripts included with the vim editor. The two scripts, tcltags and vimspell.sh created temporary files in an insecure manner which could allow a malicious user to execute a symbolic link attack or to create, or overwrite, arbitrary files with the privileges of the user invoking the scripts.
7d9c2bfe6a4ee99a747572aa6fb968bad0aa4e7638fd1885eac13fa60c81fe34