src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function.
Several vulnerabilities have been discovered in Gajim, a feature-rich
Jabber client The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2012-1987
Gajim is not properly sanitizing input before passing it to shell
commands An attacker can use this flaw to execute arbitrary code
on behalf of the victi ...