The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.
https://exchange.xforce.ibmcloud.com/vulnerabilities/18708
http://www.securityfocus.com/bid/12100