Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files.Referenceshttp://osvdb.org/42481http://www.zsh.org/mla/workers/2007/msg01066.htmlhttp://www.zsh.org/mla/workers/2007/msg01060.htmlhttps://bugs.gentoo.org/show_bug.cgi?id=201022http://www.securityfocus.com/bid/26674https://exchange.xforce.ibmcloud.com/vulnerabilities/38812http://www.zsh.org/mla/workers/2007/msg01065.htmlhttp://secunia.com/advisories/27899
