Launchpad.net

CVE 2014-3421

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.

See the CVE page on Mitre.org for more details.