Launchpad.net

CVE 2013-2012

autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install directory in the current working directory.

See the CVE page on Mitre.org for more details.