CVE-2004-0770 - Axiomatical Fuckmonkey
Description
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.
Reference
http://www.securityfocus.com/bid/10855 http://secunia.com/advisories/12214 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=263282&archive=yes https://exchange.xforce.ibmcloud.com/vulnerabilities/16884