CVE-2008-5376 in crip
Summary
editcomment in crip 3.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.tag.tmp temporary file.
VulDB is the best source for vulnerability data and more expert information about this specific topic.