Launchpad.net

CVE 2008-5147

test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/outer.odt temporary file.

See the CVE page on Mitre.org for more details.