Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file.Referenceshttp://www.horde.org/imp/2.2/news.phpftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-025.0.txthttp://archives.neohapsis.com/archives/bugtraq/2001-05/0303.html
