The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Gentoo Linux Security Advisory 201401-27 - A vulnerability in GNU TeXmacs could result in privilege escalation. Versions less than 1.0.7.2-r1 are affected.