CVE 2008-5375

cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file.

Related bugs and status

CVE-2008-5375 (Candidate) is related to these bugs:

Bug #312215: Please merge cmus 2.2.0-1.1 (multiverse) from Debian unstable (main).

Summary				In	Importance	Status
	312215	Please merge cmus 2.2.0-1.1 (multiverse) from Debian unstable (main).		cmus (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.