Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack. http://archives.neohapsis.com/archives/bugtraq/2004-03/0118.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308875
Low severity, won't fix, EOL