run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.Referenceshttp://secunia.com/advisories/19941http://www.debian.org/security/2006/dsa-1051https://usn.ubuntu.com/157-1/http://www.mandriva.com/security/advisories?name=MDKSA-2005:173http://secunia.com/advisories/19863http://www.mandriva.com/security/advisories?name=MDKSA-2005:174http://www.debian.org/security/2006/dsa-1046http://www.securityfocus.com/bid/14443
