xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.Referenceshttp://marc.info/?l=bugtraq&m=107997911025558&w=2http://www.debian.org/security/2004/dsa-477http://www.securityfocus.com/bid/9939http://security.gentoo.org/glsa/glsa-200404-20.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/15564
