A number of temporary file bugs have been found in versions of NetPBM
shipped with Red Hat Enterprise Linux 2.1 and 3. These could allow a
local attacker the ability to overwrite or create files as a user
running the netpbm utilities.
Low risk as few programs use the netpbm utilities for image conversion.
Errata has been release, netpbm-9.24-12.1.1 and later fix the problem.
Read ya, Phil